Sat.Jan 11, 2020 - Fri.Jan 17, 2020

Why Penetration Tests Are So Essential

Data Breach Today

Avoiding the Massive Potential Costs of a Data Breach Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities

Now Stores Must Tell You How They're Tracking Your Every Move

WIRED Threat Level

California's new privacy law has spurred a torrent of online notices. But the law is also forcing changes offline, in traditional stores. Business Business / Artificial Intelligence Security

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

5 trends to expect in the new big data protection revolution

Information Management Resources

Instead of regurgitating many of the dominant predictions around tech buzzwords such as quantum computing, 5G, IoT, the cloud, and artificial intelligence, let’s instead focus on the inherent duality of technology. Big data Data security Data management

5G – The Future of Security and Privacy in Smart Cities

Security Affairs

5G technology is here, it is the right time to discuss security and privacy in smart cities and their possible evolution. After a long talk and eagerly waiting, finally, 5G technology is here. The 5G tech is fast – really fast, and now, ‘true’ smart cities are just about time to turn into reality. But what makes a smart city? Or what’s the role of 5G in this transformation?

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat

Dark Reading

Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches -- so start protecting your business now

More Trending

State of the Union: CCPA and Beyond in 2020

Data Protection Report

On New Year’s Day, you may have received emails from numerous companies saying their privacy policies have changed, or noticed a link at the bottom of many companies’ homepages stating “Do Not Sell My Info.” These are two of the more visible requirements of the California Consumer Protection Act (CCPA) and companies are still in the process of rolling out other requirements.

B2B 46

Alarming Trend: More Ransomware Gangs Exfiltrating Data

Data Breach Today

Criminals Increasingly Leak Stolen Data to Force Bitcoin Payoff As if ransomware wasn't already bad enough, more gangs are now exfiltrating data from victims before leaving systems crypto-locked.

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows.

5G Security

Schneier on Security

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

What Is Data Modeling? Data Modeling Best Practices for Data-Driven Organizations

erwin

What is Data Modeling? Data modeling is a process that enables organizations to discover, design, visualize, standardize and deploy high-quality data assets through an intuitive, graphical interface.

Windows 7: Microsoft Ceases Free Security Updates

Data Breach Today

Security Experts Recommend Holdouts Review Their IT Strategy and Cloud Options Microsoft has ceased offering free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2.

Cloud 203

Patch Tuesday, January 2020 Edition

Krebs on Security

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency.

If Russia Hacked Burisma, Brace for the Leaks to Follow

WIRED Threat Level

The Kremlin likely hacked the oil giant. Its next play: selectively release—and even forge—documents. Did the US learn enough from 2016 to ignore them? Security Security / Cyberattacks and Hacks

IT 93

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Critical Windows Vulnerability Discovered by NSA

Schneier on Security

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

Baby's First Data Breach: App Exposes Baby Photos, Videos

Data Breach Today

Peekaboo Moments Hasn't Responded to Warning That It's Exposing Personal Content A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found.

Phishing for Apples, Bobbing for Links

Krebs on Security

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted.

Texas School District Loses $2.3M to Phishing Attack

Dark Reading

The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

All the Ways Facebook Tracks You—and How to Limit It

WIRED Threat Level

If you have a Facebook account—and even if you don't—the company is going to collect data about you. But you can at least control how it gets used. Security Security / Privacy

IT 91

NSA Uncovers 'Severe' Microsoft Windows Vulnerability

Data Breach Today

Microsoft Provides Patch for Cryptographic Flaw in Windows 10 The NSA took the unusual step Tuesday of announcing what it calls a "severe" vulnerability in Microsoft's Windows 10 operating systems ahead of Microsoft's Patch Tuesday security update.

Baby App “Peekaboo” Leaks Photos, Videos and Personal Data

Adam Levin

An unsecured database discovered online has leaked thousands of baby photos and videos. . Bithouse, Inc. left unprotected and accessible online an Elasticsearch database containing nearly 100GB of information associated with its app Peekabo Moments. The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. .

With International Tensions Flaring, Cyber Risk is Heating Up for All Businesses

Dark Reading

Risks of nation-state attacks go beyond Iran, and the need for awareness and security don't stop at any national border

Risk 84

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Hack the Army bug bounty program paid $275,000 in rewards

Security Affairs

Hack the Army bug bounty program results: 146 valid vulnerabilities were reported by white hat hackers and more than $275,000 were paid in rewards. The second Hack the Army bug bounty program ran between October 9 and November 15, 2019 through the HackerOne platform.

Equifax Settles Mega-Breach Lawsuit for $1.38 Billion

Data Breach Today

Federal Judge Gives Final Approval to Class Action Settlement Over 2017 Breach A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history.

Speaking of: The Paper Clip’s Digital Equivalent

Weissman's World

In the physical world, paper clips are an important source of context, as their use suggests that the pieces of paper they clip together are somehow related. But what is their digital equivalent? And what does this mean in terms of identifying how many documents those pieces of paper represent, the relative importance of the […]. The post Speaking of: The Paper Clip’s Digital Equivalent appeared first on Holly Group. governance metadata infogov information management

Paper 120

7 Ways to Get the Most Out of a Penetration Test

Dark Reading

You'll get the best results when you're clear on what you want to accomplish from a pen test

83

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Google removed 1.7K+ Joker Malware infected apps from its Play Store

Security Affairs

Google revealed it successfully removed more than 1,700 apps from the Play Store over the past three years that had been infected with the Joker malware. Google provided technical details of its activity against the Joker malware (aka Bread) operation during the last few years.

IT 84

Albany Airport Pays Off Sodinokibi Ransomware Gang: Report

Data Breach Today

Same Crypto-Locking Malware Recently Crippled Currency Exchange Firm Telenex Officials at the Albany International Airport paid a ransom to cybercriminals after the facility's systems were hit with Sodiniokibi ransomware strain, according to local media reports.

Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

WIRED Threat Level

In a shift toward transparency, the National Security Agency announced a bug that could have left over 900 million PCs vulnerable to attack. Security Security / Cyberattacks and Hacks

IT 83