Sat. Oct 19, 2019 - Fri. Oct 25, 2019

Protect IT—A Combination of Security Culture and Cyber Hygiene Good Practices

Thales eSecurity

In the spirit of National Cyber Security Awareness Month (NCSAM), my colleague Ashvin Kamaraju wrote about how organizations can use fundamental controls to secure their information technology. Effective digital security doesn’t end at “Secure IT,” however.

61% of organisations reported a data breach in 2019

IT Governance

If your organisation didn’t suffer a data breach last year, consider yourself one of the lucky few. The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months.

Software Is Infrastructure


The realization that software is becoming an essential component of our everyday lives was reflected yet again in this year’s Black Hat. Even more solutions are being touted to deal with the ever-growing exposure of software to malicious threats.


42 Phony Google Play Apps Delivered Adware: Report

Data Breach Today

Fake Apps Downloaded More Than 8 Million Times, ESET Researchers Say

Some 42 apps that were available in the Google Play store had been delivering adware to Android devices for about a year, according to the security firm ESET.

Cachet Financial Reeling from MyPayrollHR Fraud

Krebs on Security

Leaked Memo Warns of Poor Cybersecurity in White House

Adam Levin

A leaked memo from the Office of the Chief Information Security Officer (OCISO) delivered alarming news about the state of cybersecurity at the White House.

Johannesburg Struggles to Recover From Ransomware Attack

Data Breach Today

It's the Second Attack to Target South African City This Year

Johannesburg has been hit with a ransomware attack that is crippling municipal services. City Power, an electric utility owned by the city that was hit by a similar attack in July, also was affected by the latest attack.

Ransomware Hits B2B Payments Firm Billtrust

Krebs on Security

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups. With more than 550 employees, Lawrence Township, N.J.-based

TikTok, Under Scrutiny, Distances Itself From China

WIRED Threat Level

Three senators have called for an investigation into the social media app, which is owned by the Chinese tech giant ByteDance.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler and provide citizens in every country with the same privacy rights.

Friday Squid Blogging: Researchers Investigating Using Squid Propulsion for Underwater Robots

Schneier on Security

Interesting article and paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

Here's Why 'Raccoon' Infostealer Is Popular With Criminals

Data Breach Today

Avast, NordVPN Breaches Tied to Phantom User Accounts

Krebs on Security

Weekly Update 162

Troy Hunt

Ah, impending summer on the Gold Coast! It's that time of year when you can just start to sense those warm beach days and it's absolutely my favourite time of year here. Which means... it's time to head off to other events again.

Business Models for the Internet of Things (IoT)

Information Matters

Building Business Models for the Internet of Things (IoT): a Literature Review

Abstract: This paper presents a comprehensive literature review of research relating to IoT business models.

Senators Push for FTC Probe Into Amazon Over Capital One

Data Breach Today

Lawmakers Ask FTC to Investigate Whether Amazon Broke Federal Law

Democratic lawmakers are urging the U.S. Federal Trade Commission to open an investigation into whether Amazon violated federal law by failing to prevent Capital One's devastating data breach.

DDoS Attack on Amazon Web Services caused intermittent outage

Security Affairs

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers.

Episode 165: Oh, Canada! Independent Security Researchers Feel the Chill Up North

The Security Ledger

In this episode of the podcast (#165), we look at the challenges faced by independent security researchers in Canada. We talk with 19-year-old Noah Clements of University of New Brunswick about the blowback he received after reporting a serious hole in a smart doorbell.

IRS Followed Bitcoin Transactions and Stops Child Exploitation Site via Forbes

IG Guru

This article discusses how the IRS in the USA along with agencies in the UK and South Korea.

FBI Issues Payment Card Skimming Warning

Data Breach Today

DHS Joins FBI in Offering Mitigation Advice

The FBI issued a warning this week about skimmer attacks designed to steal payment card data from e-commerce sites. The U.S. Department of Homeland Security also offered tips on defending against these attacks.

Ransomware attack hit the City of Johannesburg municipality

Security Affairs

A new ransomware attack made the headlines; this time the victim is the City of Johannesburg municipality. A ransomware attack infected systems at the City of Johannesburg municipality, shutting down the website, the e-services platform, and the billing system (SAP ISU and CRM).

Dark Web Site Taken Down without Breaking Encryption

Schneier on Security

The US Department of Justice unraveled a dark web child-porn website, leading to the arrest of 337 people in at least 18 countries.

77% of UK workers don’t receive cyber skills training

IT Governance

Cyber security training is one of the most effective ways of improving your organisation’s defences against security incidents. It gives staff the wherewithal to avoid costly mistakes and establishes a strong cyber security culture in the office.

Three Charged in $11 Million BEC Scam

Data Breach Today

Police Say Cybercriminal Gang Targeted 12 Companies

Spanish authorities say they've arrested three individuals on charges of running a large-scale business email compromise scheme that targeted a dozen companies around the world to steal about $11 million.


Tortuga Crisis: Moonwalk, one of the biggest pirate CDNs eliminated dragging other big CDN-providers down

Security Affairs

Group-IB has discovered that the shutdown of Moonwalk CDN (Content Delivery Network) has likely led to the closure of HDGO and Kodik CDNs.

What is RPA and what does it mean for the OTC process?

DXC Technology

Having more information at our disposal means that we’re able to make better business decisions. But there’s another outcome we’re discovering as well: As data grows, business processes multiply and expand.

GERMANY: Data Protection Authorities Issue GDPR Fining Guidelines

DLA Piper Privacy Matters

On 16 October 2019 – after weeks of rumors and speculations – the German data protection authorities (‘DPAs’) published their guidelines (‘Guidelines’) for calculating administrative fines under Article 83 General Data Protection Regulation (‘GDPR’).


Phishing Schemes Continue to Plague the Healthcare Sector

Data Breach Today

Experts Offer Insights on Mitigating the Threat

Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat.