Sat.Feb 08, 2020 - Fri.Feb 14, 2020

The 5 Love Languages of Cybersecurity

Dark Reading

When it comes to building buy-in from the business, all cybersecurity needs is love -- especially when it comes to communication

WiFi: A New Way to Spread Emotet Malware

Data Breach Today

Researchers Say Trojan's Developers Devising Ways to Spread Trojan to More Devices Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

As if cybersecurity weren’t already a red-letter issue, the United States and, most likely, its allies–in other words, the global economic community–are in Iran’s cyber sites, a major player in cyber warfare and politically divisive disinformation campaigns.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

The U.S. Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

DNSSEC Keysigning Ceremony Postponed Because of Locked Safe

Schneier on Security

Interesting collision of real-world and Internet security: The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across the world descend on one of two secure locations -- one in El Segundo, California, just south of Los Angeles, and the other in Culpeper, Virginia -- both in America, every three months. Once in place, they run through a lengthy series of steps and checks to cryptographically sign the digital key pairs used to secure the internet's root zone. (Here's Cloudflare 's in-depth explanation, and IANA's PDF step-by-step guide.). [.]. Only specific named people are allowed to take part in the ceremony, and they have to pass through several layers of security -- including doors that can only be opened through fingerprint and retinal scans -- before getting in the room where the ceremony takes place. Staff open up two safes, each roughly one-metre across. One contains a hardware security module that contains the private portion of the KSK. The module is activated, allowing the KSK private key to sign keys, using smart cards assigned to the ceremony participants. These credentials are stored in deposit boxes and tamper-proof bags in the second safe. Each step is checked by everyone else, and the event is livestreamed. Once the ceremony is complete -- which takes a few hours -- all the pieces are separated, sealed, and put back in the safes inside the secure facility, and everyone leaves. But during what was apparently a check on the system on Tuesday night -- the day before the ceremony planned for 1300 PST (2100 UTC) Wednesday -- IANA staff discovered that they couldn't open one of the two safes. One of the locking mechanisms wouldn't retract and so the safe stayed stubbornly shut. As soon as they discovered the problem, everyone involved, including those who had flown in for the occasion, were told that the ceremony was being postponed. Thanks to the complexity of the problem -- a jammed safe with critical and sensitive equipment inside -- they were told it wasn't going to be possible to hold the ceremony on the back-up date of Thursday, either. dns keys locks safes

More Trending

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

Huawei can secretly tap into communications through the networking equipment, states a U.S. official , while White House urge allies to ban the Chinese giant. This week The Wall Street Journal reported that U.S.

A Light at the End of Liberty Reserve’s Demise?

Krebs on Security

In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world.

A US Data Protection Agency

Schneier on Security

The United States is one of the few democracies without some formal data protection agency, and we need one. Senator Gillibrand just proposed creating one. dataprotection nationalsecuritypolicy

100
100

US Has Evidence of Huawei Backdoor: Report

Data Breach Today

Chinese Firm Denies Allegations That It Can Access Networks As the U.S. ramps up pressure on its allies to ban equipment from Chinese manufacturer Huawei from their 5G networks, U.S.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec

Dark Reading

What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones

Dangerous Domain Corp.com Goes Up for Sale

Krebs on Security

As an early domain name investor, Mike O’Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com.

Sales 182

Crypto AG Was Owned by the CIA

Schneier on Security

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II.

Services Provider to Government Left Database Exposed: Report

Data Breach Today

Researcher Says Exposed Granicus Database Could Have Made Websites Vulnerable One of the largest IT services providers for U.S.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

Troy Hunt

Today is Safer Internet Day which marks the annual occurrence of parents thinking about their kids' online presence (before we go back to thinking very little about it tomorrow!)

Russian watchdog fines Twitter, Facebook for not moving user data to local servers

Security Affairs

A Russian court fined Twitter and Facebook 4 million rubles each for refusing to store the personal data of Russian citizens on local servers.

China's Military Behind 2017 Equifax Breach: DoJ

Dark Reading

Four members of China's People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens

MIT Researchers: Online Voting App Has Security Flaws

Data Breach Today

Voatz Smartphone App Used in 2018 Vulnerable to Hacking, Report Alleges MIT security researchers have published a paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 midterm elections.

Paper 194

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Signal Is Finally Bringing Its Secure Messaging to the Masses

WIRED Threat Level

The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Security Security / Security News

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet.

Apple's Tracking-Prevention Feature in Safari has a Privacy Bug

Schneier on Security

Last month, engineers at Google published a very curious privacy bug in Apple's Safari web browser. Apple's Intelligent Tracking Prevention, a feature designed to reduce user tracking, has vulnerabilities that themselves allow user tracking. Some details : ITP detects and blocks tracking on the web.

RSA 2020: The Show Must Go On

Data Breach Today

Coronavirus Will Not Alter Plans for Event in San Francisco While public health concerns over the spread of the coronavirus are leading to the cancellation of some international events, the RSA Conference 2020 will proceed as scheduled in San Francisco Feb. 24-28

181
181

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Donating BAT to Have I Been Pwned with Brave Browser

Troy Hunt

I don't know exactly why the recent uptick, but lately I've had a bunch of people ask me if I've tried the Brave web browser. Why they'd ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers.

IT 87

Reading the 2019 Internet Crime Complaint Center (IC3) report

Security Affairs

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year.

China's Hacking Spree Will Have a Decades-Long Fallout

WIRED Threat Level

Equifax. Anthem. Marriott. The data that China has amassed about US citizens will power its intelligence activities for a generation. Security Security / National Security

IT 86

Facebook's Privacy Practices Targeted by Canadian Regulator

Data Breach Today

To Force Changes, Regulator Must Prove Facebook Violated Canada's Privacy Law Canada's privacy commissioner is taking Facebook to court to try and force the social network to make specific changes to its privacy practices.

5 Common Errors That Allow Attackers to Go Undetected

Dark Reading

Make these mistakes and invaders might linger in your systems for years

85

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Security Affairs

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group.

How 4 Chinese Hackers Allegedly Took Down Equifax

WIRED Threat Level

The Department of Justice has pinned the hack on China. Here's how it was done, according to the indictment. Security Security / Cyberattacks and Hacks

IT 85

More Phishing Campaigns Tied to Coronavirus Fears

Data Breach Today

Researchers Describe a Wide Variety of Tactics As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets