Sat.Dec 07, 2019 - Fri.Dec 13, 2019

Collaboration Platforms: Great for Collaborating, Problematic for Ediscovery and Compliance

Hanzo Learning Center

Most knowledge work these days demands some form of collaboration. You draft a document; your colleagues comment on it and make suggestions for how it could be better. You chat on Slack about how to incorporate those comments.

Toys “R” Us Is Back—Now With More Surveillance!

WIRED Threat Level

Reports about the toy store using cameras to track shoppers caused an uproar, but the companies behind the tech insist their systems are trained to ignore kids. Security Security / Privacy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

MY TAKE: Why it’s now crucial to preserve PKI, digital certificates as the core of Internet security

The Last Watchdog

For decades, the cornerstone of IT security has been Public Key Infrastructure, or PKI , a system that allows you to encrypt and sign data, issuing digital certificates that authenticate the identity of users. Related: How PKI could secure the Internet of Things If that sounds too complicated to grasp, take a look at the web address for the home page of this website. Take note of how the URL begins with HTTPS. The ‘S’ in HTTPS stands for ‘secure.’

Is your Organization Suffering From Third-Party "Compliance Drift"?

Data Breach Today

Countermeasures to Keep your Compliance On Track and as Originally Designed Third-party vendors accessing your most critical systems and networks can also bring in security incidents along with all those wonderful things they promised in the sales presentation

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

Passwordless? Imagining the Future of Authentication

The Security Ledger

The average employee in the workplace has 191 passwords. Will we ever rid ourselves of them and, if so, how? Gerald Beuchelt, the Chief Information Security Officer at LogMeIn talks about how changes in authentication may deliver a passwordless future. The post Passwordless?

More Trending

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Krebs on Security

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo.

GDPR Violation: German Privacy Regulator Fines 1&1 Telecom

Data Breach Today

$11 Million Fine for Authentication Shortcomings at Telecommunications Provider One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms.

GDPR 179

Insights about the first five years of Right to be Forgotten requests at Google

Elie

Right to be Forgotten” (RTBF). is a landmark European ruling that governs the delisting of personal information from search results.

Paper 97

Welcome to the era of the industrial cloud

OpenText Information Management

The industrial Internet of Things (IIoT) is having a profound effect on how manufacturing organizations share information.

Cloud 89

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

The Great $50M African IP Address Heist

Krebs on Security

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers.

Intel Chips Vulnerable to 'Plundervolt' Attack

Data Breach Today

Dropping Voltage to CPUs Can Force Sensitive Data Disclosure Intel issued a firmware update on Tuesday to mitigate an attack developed by researchers, dubbed Plundervolt, which uses voltage fluctuations to reveal secrets such as encryption keys.

Lessons Learned from 7 Big Breaches in 2019

Dark Reading

Capital One, Macy's, FEMA, and others: key takeaways from the year's most notable breaches

83

Why Ring Doorbells Perfectly Exemplify the IoT Security Crisis

WIRED Threat Level

A new wave of reports about the home surveillance cameras getting hijacked by creeps is painfully familiar. Security Security / Cyberattacks and Hacks

IoT 83

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Patch Tuesday, December 2019 Edition

Krebs on Security

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software.

City of Pensacola Recovering From Ransomware Attack

Data Breach Today

FBI: Incident Doesn't Appear Related to Last Week's Naval Air Base Shooting The city of Pensacola, Florida, on Tuesday was still recovering from a Saturday ransomware attack that occurred just one day after a shooting incident at Naval Air Station Pensacola.

Scaring People into Supporting Backdoors

Schneier on Security

Back in 1998, Tim May warned us of the "Four Horsemen of the Infocalypse": "terrorists, pedophiles, drug dealers, and money launderers." I tended to cast it slightly differently.

Data Leak Exposes Birth Certificate Info of 750k

Adam Levin

The personal data of more than 752,000 applicants filed to obtain copies of birth and death certificates was found on an unprotected Amazon Web Services database. .

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

CISO Magazine Honors KrebsOnSecurity

Krebs on Security

CISO Magazine , a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “ Cybersecurity Person of the Year ” in its December 2019 issue.

Health Data Breach Tally: Trends in 2019

Data Breach Today

Hacking Attacks, Business Associate Incidents Were Common The federal tally of health data breaches shows that hacking attacks and incidents involving business associates dominated this year. Here's an analysis of all the latest trends

Nation-State Attackers May Have Co-opted Vega Ransomware

Dark Reading

The tactics used by the latest version of the Vega cryptolocker program indicates the code may have been stolen from its authors and is now being used for destructive attacks, a new report suggests

City of Pensacola Hit By Cyberattack Following Shooting

Adam Levin

Pensacola, FL was hit by a cyberattack in the wake of what has been described as a terrorist shooting.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Flaws in Siemens SPPA-T3000 control system expose power plants to hack

Security Affairs

Experts discovered tens of flaws in the Siemens SPPA-T3000 control systems that could be exploited to attack fossil and renewable power plants.

Joker's Stash Celebrates Turkey Day With Stolen Card Data

Data Breach Today

Fraudsters Invited to Dine Out on 460,000 Stolen Turkish Payment Cards The notorious Joker's Stash carder marketplace has recently listed for sale 460,000 records, including four "Turkey-Mix" batches that feature never-before-seen payment card data that traces to Turkey's 10 largest banks, says cybersecurity firm Group-IB.

Sales 158

EFF on the Mechanics of Corporate Surveillance

Schneier on Security

EFF has published a comprehensible and very readable "deep dive" into the technologies of corporate surveillance, both on the Internet and off. Well worth reading and sharing. Boing Boing post. businessofsecurity eff privacy surveillance tracking

Data Leak Week: Billions of Sensitive Files Exposed Online

Dark Reading

A total of 2.7 billion email addresses, 1 billion email account passwords, and nearly 800,000 applications for copies of birth certificate were found on unsecured cloud buckets

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.