Sat.Oct 26, 2019 - Fri.Nov 01, 2019

Halloween: The curse of data

Thales eSecurity

We’ve all watched a horror film and said “why are you doing that?!” as the main characters walk aimlessly down to a basement filled with chain saws or shouted, “are you stupid?!!” as they decide that it’s a good idea to hitchhike alone in the dark.

IT Preps for Post Quantum Crypto (Whatever That Means)

The Security Ledger

Practical quantum computing isn’t here yet. But a new survey by Digicert suggests that isn't stopping IT pros from prepping for a post-quantum reality.even if they aren’t exactly sure what that means.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Is Your AI Strategy Haunted?

Perficient Data & Analytics

Many enterprises set out with good intentions to transform their organizations with AI, but fail to deliver without a strong AI Strategy in place.

Data Governance Makes Data Security Less Scary

erwin

Happy Halloween! Do you know where your data is? What data you have? Who has had access to it? These can be frightening questions for an organization to answer.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Breaches at NetworkSolutions, Register.com, and Web.com

Krebs on Security

Top domain name registrars NetworkSolutions.com , Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed. A notice to customers at notice.web.com.

More Trending

SHARED INTEL: APIs hook up new web and mobile apps — and break attack vectors wide open

The Last Watchdog

If your daily screen time is split between a laptop browser and a smartphone, you may have noticed that a few browser web pages are beginning to match the slickness of their mobile apps. Related: The case for a microservices firewall Netflix and Airbnb are prime examples of companies moving to single-page applications, or SPAs , in order to make their browser webpages as responsive as their mobile apps.

21 Million stolen credentials from Fortune 500 companies available on the dark web

Security Affairs

Roughly 21 million login credentials for Fortune 500 companies are available for sale, in plain text, in multiple forums and black market places in the dark web. More than 21 million login credentials belonging to Fortune 500 companies are available for sale in various places on the dark web.

Takeaways from the $566M BriansClub Breach

Krebs on Security

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths.

Sales 200

Joker's Stash Lists 1.3 Million Stolen Indian Payment Cards

Data Breach Today

Notorious Cybercrime Marketplace Unveils Massive Data Trove, Researchers Warn The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3

191
191

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

List of data breaches and cyber attacks in October 2019 – 421 million records breached

IT Governance

In a month where security experts across Europe were boosting awareness of cyber security , organisations had mixed results in their own data protection practices.

Data Breach Reporting on the Rise, According to IAPP Research

InfoGoTo

Cyberattacks and data breaches top the list of data protection and privacy concerns among organizations today. New data privacy regulations, including GDPR and CCPA now require timely reporting when data breaches occur.

A Broken Random Number Generator in AMD Microcode

Schneier on Security

Interesting story. I always recommend using a random number generator like Fortuna , even if you're using a hardware random source. It's just safer. bios hardware randomnumbers

IT 90

Fast Food Chain Krystal Investigates Card 'Security Incident'

Data Breach Today

More Than 200 Restaurants Affected Between July and September Fast food chain Krystal says it's investigating a payment card "security ncident" that affected as many as 228 of its restaurants across southeastern U.S. states.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack

Security Affairs

asty PHP7 remote code execution bug exploited in the wild. Experts warn of a remote code execution vulnerability in PHP7, tracked as CVE-2019-11043, has been exploited in attacks in the wild.

IT 89

3 Ways to Improve Intelligent Capture with Human Touch

AIIM

While digital information accuracy is important to all document preservation, some institutions benefit from it more than others.

Russian Hackers Are Still Targeting the Olympics

WIRED Threat Level

Fancy Bear has attacked 16 anti-doping agencies around the world, indicating that its Olympics grudge is far from over. Security Security / Cyberattacks and Hacks

IT 83

Clinics Serving Uninsured Hit by Ransomware

Data Breach Today

Organization Refuses to Pay Ransom, Struggles to Bounce Back A ransomware attack on the operator of non-profit clinics that serve the uninsured in St. Louis led to the breach of information on 152,000 patients, clinicians and employees.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Hackers behind Uber and Lynda hacks plead guilty in data breaches

Security Affairs

Two hackers have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016 and attempted to extort money from the two companies. Brandon Charles Glover and Vasile Mereacre are two hackers that have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016.

8 Holiday Security Tips for Retailers

Dark Reading

Here's how retailers can protect their businesses from attackers and scammers hoping to wreak havoc during the most wonderful time of the year

Former FBI General Counsel Jim Baker Chooses Encryption Over Backdoors

Schneier on Security

In an extraordinary essay , the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors: In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities­ -- including law enforcement­ -- to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace. [.]. All public safety officials should think of protecting the cybersecurity of the United States as an essential part of their core mission to protect the American people and uphold the Constitution. And they should be doing so even if there will be real and painful costs associated with such a cybersecurity-forward orientation. The stakes are too high and our current cybersecurity situation too grave to adopt a different approach. Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed. He endorses a "defense dominant" strategy for Internet security. Keep in mind that Baker led the FBI's legal case against Apple regarding the San Bernardino shooter's encrypted iPhone. In writing this piece, Baker joins the growing list of former law enforcement and national security senior officials who have come out in favor of strong encryption over backdoors: Michael Hayden , Michael Chertoff , Richard Clarke, Ash Carter , William Lynn, and Mike McConnell. Edward Snowden also agrees. backdoors cryptowars cryptography cybersecurity encryption fbi lawenforcement nationalsecuritypolicy nsa

Two Data Leaks Expose Millions of Records

Data Breach Today

Customers of Adobe and Italy's UniCredit Affected in Separate Incidents Two new security incidents demonstrate how easily millions of customer records can be exposed. Researchers found an unsecured database containing records of customers of Adobe Creative Cloud.

Cloud 173

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

CVE-2019-13720 flaw in Chrome exploited in Operation WizardOpium attacks

Security Affairs

One of the two flaws in Chrome addressed by Google, CVE-2019-13720, was exploited in a campaign that experts attribute to Korea-linked threat actors.

Is Voting by Mobile App a Better Security Option or Just 'A Bad Idea'?

Dark Reading

Security experts say voting by app adds another level of risk, as mobile-voting pilots expand for overseas military and voters with disabilities

Rudy Giuliani Butt-Dialed a Reporter (Twice!)

WIRED Threat Level

A UN phishing attack, Adobe accounts exposed, and more of the week's top security news. Security Security / Security News

McAfee: Malicious Voicemails Target Office365 Users

Data Breach Today

Scammers Include Fake Audio in Attempt to Steal Credentials Cybercriminals are targeting users of Microsoft's Office365 subscription services with phishing campaigns that uses fake voicemail messages in an attempt to steal victims' credentials and other information, according to researchers at the security firm McAfee.

Kaspersky researchers found a Chrome 0-day exploited in attacks in the wild

Security Affairs

Google released security updates to address two high severity flaws in Chrome, one of which is actively exploited in attacks in the wild to hijack computers.