Sat.Dec 21, 2019 - Fri.Dec 27, 2019

The California Consumer Privacy Act is upon us. Who is ready?

Information Management Resources

Technology companies have significant work to do as they head into the new year and the demands of regulatory compliance for customer data become real. Data privacy rules Data security Customer data

Combining AI and Playbooks to Predict Cyberattacks

Threatpost

Mature machine learning can analyze attack strategies and look for underlying patterns that the AI system can use to predict an attacker's next move. InfoSec Insider Malware ai artificial intelligence cyberattack derek manky emotet Fortinet infosec insider playbook predictive analysis

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

2020 & Beyond: The Evolution of Cybersecurity

Dark Reading

As new technologies disrupt the industry, remember that security is a process, not a goal. Educate yourself on how you can best secure your corner of the Web

When Is Data "Public"? (And 2.5M Public Factual Records in HIBP)

Troy Hunt

When is data "public"? And what does "public" even mean? Does it mean it's merely visible to the public? Or does it mean the public can do anything they like with it? This discussion comes up time and time again as it did with the huge leak of PDL data only last month.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Maze Ransomware Gang Names More Alleged Victims

Data Breach Today

Criminals Confirm Florida City of Pensacola Hit, Threaten to Dump Stolen Data The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola.

More Trending

Top cybersecurity Predictions for 2020

Security Affairs

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year.

The Decade Big-Money Email Scams Took Over

WIRED Threat Level

In the last few years, the "Nigerian prince" scams have gotten a major upgrade. Security

Gartner's Avivah Litan on the Rise of 'Fake Everything'

Data Breach Today

Fake news, fake accounts - even fake food. Gartner analyst Avivah Litan is concerned about the onslaught of "fake everything" and how it undermines the trust upon which enterprises are built. In this 2020 preview, Litan discusses emerging technologies to combat the fakes

IT 173

Chinese Hackers Bypassing Two-Factor Authentication

Schneier on Security

Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

Security Affairs

A new Mozi P2P botnet is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them.

The Worst Hacks of the Decade

WIRED Threat Level

It's been a rough 10 years in cybersecurity—and it's only getting worse. Security Security / Cyberattacks and Hacks

Researchers: Chinese APT Espionage Campaign Bypasses 2FA

Data Breach Today

Fox-IT Suspects APT20 Group Was Involved An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT

ToTok Is an Emirati Spying Tool

Schneier on Security

The smartphone messaging app ToTok is actually an Emirati spying tool : But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

More than 100 Chinese nationals arrested in Nepal over suspected cyber scam

Security Affairs

Nepal police arrested more than 100 Chinese nationals over a suspected cyber scam, this is the largest-ever operation involving foreigners. Nepal authorities have arrested more than 100 Chinese nationals that were in the country on tourist visas, they are suspected to be involved in a cyber scam.

Predictions Review: Trump, Zuck Crush My Optimism In 2019

John Battelle's Searchblog

This past year, I predicted the fall of both Zuck and Trump, not to mention the triumph of cannabis and rationale markets. But in 2019, the sociopaths won – bigly. Damn, was I wrong.

Will the U.S. Get a Federal Privacy Law?

Data Breach Today

Some Legislative Experts Don't Expect Progress Soon Democrats and the Republicans introduced a number of proposed bills in 2019 designed to create a federal privacy law. But will Congress be able to achieve a compromise in 2020

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

ARMA International

Highlights of the Forrester Research and ARMA International Records Management Online Survey, Q4 2019.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

Russia successfully disconnected from the internet. Russia’s government announced that it has successfully concluded a series of tests for its RuNet intranet aimed at country disconnection from the Internet.

Data Breach Compromises Payment Card Info At Wawa Stores

Adam Levin

Convenience store and gas station chain Wawa informed customers of a data breach that compromised payment card information at most of its 842 locations. In an announcement released December 19, Wawa CEO Chris Gheysens.

Apple and Google Stop Distributing ToTok Messaging App

Data Breach Today

UAE Government Allegedly Built App to Spy on Citizens; Rival Offerings Banned Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S.

Do You Have the Right Stuff to Transition to Information Governance?

ARMA International

In the late 1950s, the United States invited its top test pilots to apply to become the nation’s first astronauts. As memorialized in the book The Right Stuff , test pilots then had to decide whether to transition into an uncertain-yet-vaguely-familiar new career or continue along their present path.

Thai Officials confirmed the hack of prison surveillance cameras and the video broadcast

Security Affairs

Authorities in Thailand are investigating a cyber attack that resulted in the broadcast of surveillance video from inside a prison in the country’s south.

IoT 81

The Certified Information Professional (CIP) vs the Information Governance Professional (IGP)

AIIM

In a recent post, I compared the CIP and the Certified Records Manager (CRM) certification. The Certified Information Governance Professional (IGP) from ARMA is another certification in the information management field and one that’s attracted a lot of interest from records managers.

US Cybercom Considers Bold Election Security Moves: Report

Data Breach Today

Measures Could Include 'Limited Cyber Operation' Against Russians The U.S. Cyber Command is weighing several cyber strategies to counter Russian influence and interference during the 2020 presidential election, The Washington Post reports.

Facebook Finally Fixes Its Two-Factor Mess

WIRED Threat Level

A Wawa breach, Russian spies, and more of the week's top security news. Security Security / Security News

IT 65

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

Security Affairs

Critical CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway could be exploited to access company networks, 80,000 companies at risk worldwide.

Risk 83

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

IT Governance

Doorstep Dispensaree has been fined £275,000 for failing to comply with the GDPR (General Data Protection Regulation) , making it the first organisation in the UK to be penalised for breaching its requirements.

MyKings Cryptomining Botnet Leverages EternalBlue Flaw

Data Breach Today

Researchers Also Find Malicious Code Hiding in Taylor Swift Image The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using steganography to hide malicious updates, Sophos Labs reports.

151
151

'Star Wars: The Rise of Skywalker' Is a Lesson in Military Opposites

WIRED Threat Level

The Resistance is outmanned and outgunned, but their adaptability wins the day. Security Security / Security News

A flaw in Twitter App for Android could have been exploited to take over the account

Security Affairs

A flaw in the Twitter app for Android could have been exploited by attackers to obtain sensitive information or take over an account.