Sat.Dec 28, 2019 - Fri.Jan 03, 2020

How Cybersecurity's Metrics of Misery Fail to Describe Cybercrime Pain

Dark Reading

Dollars lost and data records exposed are valuable measurements, but the true pain of a cybersecurity incident goes far beyond that. We asked infosec pros how they put words to the pain they feel when their defenses fall apart

Mean Time to Hardening: The Next-Gen Security Metric

Threatpost

Given that the average time to weaponizing a new bug is seven days, you effectively have 72 hours to harden your systems before you will see new exploits.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Promiscuous Cookies and Their Impending Death via the SameSite Policy

Troy Hunt

Cookies like to get around. They have no scruples about where they go save for some basic constraints relating to the origin from which they were set.

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. This includes protection from natural disasters, theft, vandalism, and terrorism. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Risk 148

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Understanding the data downtime gap — and how to fix it

Information Management Resources

The growing dependence on information, plus the sheer amount of it, has led to something called the data downtime gap. Here's a look at what that is and how companies can address it. Data visualization Analytics Data management

IT 47

More Trending

7 Tips for Maximizing Your SOC

Threatpost

Use the seven points listed above to create an effective and efficient operational workflow and, importantly, happier analysts who aren't buried at the bottom of a pile of mostly irrelevant data.

Happy 10th Birthday, KrebsOnSecurity.com

Krebs on Security

Today marks the 10th anniversary of KrebsOnSecurity.com! Over the past decade, the site has featured more than 1,800 stories focusing mainly on cybercrime, computer security and user privacy concerns. And what a decade it has been.

Fraud in the New Decade

Dark Reading

Like any enterprise that wants to survive, fraudsters and hackers will continue to build on past successes to fuel future growth

111
111

Restaurant Chain Landry's Investigates Malware Incident

Data Breach Today

Houston-Based Firm Describes How Card Data May Have Been Breached Landry's Inc., a Houston-based company that owns and operates over 600 restaurants, hotels, casinos and other entertainment establishments in the U.S.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Predicting the top 7 trends in manufacturing for 2020

OpenText Information Management

After starting the year strongly, manufacturing left 2019 faced with shrinking production and global uncertainty. Deloitte suggests manufacturers should increase the resilience in their operations while building and improving their ‘digital muscle’.

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus

erwin

Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

How AI and Cybersecurity Will Intersect in 2020

Dark Reading

Understanding the new risks and threats posed by increased use of artificial intelligence

Smart Home Device Maker Wyze Exposed Camera Database

Data Breach Today

Technical Data Plus Emails Made It Possible to Link Cameras to People Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month.

IT 179

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

Crooks use Star Wars saga as bait in Phishing and malware attacks

Security Affairs

Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full movie.

The United Kingdom Leaks Home Addresses of Prominent Brits

Adam Levin

2020 seems to be getting off to an inauspicious start with the compromise of the home addresses of prominent UK citizens–many of them in lines of work that could make them targets for crime.

6 CISO New Year's Resolutions for 2020

Dark Reading

We asked chief information security officers how they plan to get their infosec departments in shape next year

Microsoft Removes 50 Domains Tied to North Korean Hackers

Data Breach Today

Company Says Malicious Sites Used For Spear-Phishing and Malware Attacks Microsoft has taken control of 50 domains that the company says were used by a hacking group with ties to North Korea. The attackers used these sites to launch spear-phishing attacks against specific victims and spread malware

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

US Army banned the popular TikTok app over China security concerns

Security Affairs

The U.S. Army this week has banned the popular TikTok app from government mobile amid fear of China-linked cyberespionage. The US Army has banned the use of the popular TikTok app on mobile phones used by its personnel for security reasons.

Hacking School Surveillance Systems

Schneier on Security

Lance Vick suggesting that students hack their schools' surveillance systems. This is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine," he said.

IT 80

Time for Insider-Threat Programs to Grow Up

Dark Reading

Immature programs attempting to protect against damaging attacks by insiders run the risk of alienating employees

Risk 94

Ambulance Company Slapped With HIPAA Fine

Data Breach Today

Regulator Says Case Involved 'Longstanding Compliance Issues' Federal regulators have smacked a Georgia-based ambulance company with a financial settlement and corrective action plan in a case involving "longstanding" HIPAA compliance issues. How big was the fine, and what factors precipitated it

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

Expert finds Starbucks API Key exposed online

Security Affairs

Developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users.

2019: 12 Months of Connecting with Customers

Micro Focus

As is customary with this time of year, blogs, press and social media are filled with top 10 lists, year in review, articles reflecting back on what has passed and what is to come. I wanted to take a moment to reflect on 2019 and some of the ways the Micro Focus team has come. View Article.

Organizations May 'Uncloud' Over Security, Budgetary Concerns

Dark Reading

While most cloud vendors forecast continued adoption and growth, some customers are taking a harder look at the cloud services they're using

Cloud 94

US Coast Guard Warns Over Ryuk Ransomware Attacks

Data Breach Today

Incident That Targeted Maritime Facility Traced to Phishing Email The U.S. Coast Guard issued a security alert this month after a ransomware attack took down the IT network of an unnamed maritime facility.

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

A new trojan Lampion targets Portugal

Security Affairs

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax.

How the US Prepares Its Embassies for Potential Attacks

WIRED Threat Level

In addition to securing physical structures, the Diplomatic Security Service runs simulations of protests in a model city in Virginia. Security Security / National Security

IT 77

6 Security Team Goals for DevSecOps in 2020

Dark Reading

Huge opportunities await security teams that are finally ready move the needle on security problems that have plagued organizations for years