Sat.Jan 11, 2020 - Fri.Jan 17, 2020

Why Penetration Tests Are So Essential

Data Breach Today

Avoiding the Massive Potential Costs of a Data Breach Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities

Now Stores Must Tell You How They're Tracking Your Every Move

WIRED Threat Level

California's new privacy law has spurred a torrent of online notices. But the law is also forcing changes offline, in traditional stores. Business Business / Artificial Intelligence Security

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

5 trends to expect in the new big data protection revolution

Information Management Resources

Instead of regurgitating many of the dominant predictions around tech buzzwords such as quantum computing, 5G, IoT, the cloud, and artificial intelligence, let’s instead focus on the inherent duality of technology. Big data Data security Data management

5G – The Future of Security and Privacy in Smart Cities

Security Affairs

5G technology is here, it is the right time to discuss security and privacy in smart cities and their possible evolution. After a long talk and eagerly waiting, finally, 5G technology is here. The 5G tech is fast – really fast, and now, ‘true’ smart cities are just about time to turn into reality. But what makes a smart city? Or what’s the role of 5G in this transformation?

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat

Dark Reading

Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches -- so start protecting your business now

More Trending

State of the Union: CCPA and Beyond in 2020

Data Protection Report

On New Year’s Day, you may have received emails from numerous companies saying their privacy policies have changed, or noticed a link at the bottom of many companies’ homepages stating “Do Not Sell My Info.” These are two of the more visible requirements of the California Consumer Protection Act (CCPA) and companies are still in the process of rolling out other requirements.

B2B 46

Patch Tuesday, January 2020 Edition

Krebs on Security

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency.

Alarming Trend: More Ransomware Gangs Exfiltrating Data

Data Breach Today

Criminals Increasingly Leak Stolen Data to Force Bitcoin Payoff As if ransomware wasn't already bad enough, more gangs are now exfiltrating data from victims before leaving systems crypto-locked.

Texas School District Loses $2.3M to Phishing Attack

Dark Reading

The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

If Russia Hacked Burisma, Brace for the Leaks to Follow

WIRED Threat Level

The Kremlin likely hacked the oil giant. Its next play: selectively release—and even forge—documents. Did the US learn enough from 2016 to ignore them? Security Security / Cyberattacks and Hacks

IT 95

Phishing for Apples, Bobbing for Links

Krebs on Security

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted.

Windows 7: Microsoft Ceases Free Security Updates

Data Breach Today

Security Experts Recommend Holdouts Review Their IT Strategy and Cloud Options Microsoft has ceased offering free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2.

Cloud 201

Critical Windows Vulnerability Discovered by NSA

Schneier on Security

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

WIRED Threat Level

In a shift toward transparency, the National Security Agency announced a bug that could have left over 900 million PCs vulnerable to attack. Security Security / Cyberattacks and Hacks

IT 87

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows.

Baby's First Data Breach: App Exposes Baby Photos, Videos

Data Breach Today

Peekaboo Moments Hasn't Responded to Warning That It's Exposing Personal Content A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found.

Baby App “Peekaboo” Leaks Photos, Videos and Personal Data

Adam Levin

An unsecured database discovered online has leaked thousands of baby photos and videos. . Bithouse, Inc. left unprotected and accessible online an Elasticsearch database containing nearly 100GB of information associated with its app Peekabo Moments. The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. .

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Hack the Army bug bounty program paid $275,000 in rewards

Security Affairs

Hack the Army bug bounty program results: 146 valid vulnerabilities were reported by white hat hackers and more than $275,000 were paid in rewards. The second Hack the Army bug bounty program ran between October 9 and November 15, 2019 through the HackerOne platform.

Speaking of: The Paper Clip’s Digital Equivalent

Weissman's World

In the physical world, paper clips are an important source of context, as their use suggests that the pieces of paper they clip together are somehow related. But what is their digital equivalent? And what does this mean in terms of identifying how many documents those pieces of paper represent, the relative importance of the […]. The post Speaking of: The Paper Clip’s Digital Equivalent appeared first on Holly Group. governance metadata infogov information management

Paper 120

Equifax Settles Mega-Breach Lawsuit for $1.38 Billion

Data Breach Today

Federal Judge Gives Final Approval to Class Action Settlement Over 2017 Breach A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history.

A Windows 10 Vulnerability Was Used to Rickroll the NSA and Github

WIRED Threat Level

A researcher demonstrated the attack less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever. . Security Security / Cyberattacks and Hacks

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Google removed 1.7K+ Joker Malware infected apps from its Play Store

Security Affairs

Google revealed it successfully removed more than 1,700 apps from the Play Store over the past three years that had been infected with the Joker malware. Google provided technical details of its activity against the Joker malware (aka Bread) operation during the last few years.

IT 84

Welcoming the Danish Government to Have I Been Pwned

Troy Hunt

In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I'm very happy to welcome the first country onto Have I Been Pwned for 2020 - Denmark!

NSA Uncovers 'Severe' Microsoft Windows Vulnerability

Data Breach Today

Microsoft Provides Patch for Cryptographic Flaw in Windows 10 The NSA took the unusual step Tuesday of announcing what it calls a "severe" vulnerability in Microsoft's Windows 10 operating systems ahead of Microsoft's Patch Tuesday security update.

This Apple-FBI Fight Is Different From the Last One

WIRED Threat Level

In 2016, the iPhone encryption debate ended in a draw. Don't count on 2020's scuffle over the Pensacola shooter's devices to play out the same way. Security Security / National Security

Two PoC exploits for CVE-2020-0601 NSACrypto flaw released

Security Affairs

Researchers published proof-of-concept (PoC) code exploits for a recently-patched CVE-2020-0601 flaw in the Windows operating system reported by NSA.