Sat.Aug 17, 2019 - Fri.Aug 23, 2019

Forced Password Reset? Check Your Assumptions

Krebs on Security

Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password.

MY TAKE: Can embedding security deep inside mobile apps point the way to securing IoT?

The Last Watchdog

The full blossoming of the Internet of Things is on the near horizon – or is it? Enterprises across the planet are revving up their IoT business models, and yet there is a sense of foreboding about a rising wave of IoT-related security exposures.

IoT 168

The rise of hybrid cloud poses new security challenges – are you prepared?

Thales eSecurity

There aren’t many sure bets in technology today, but it’s hard to see an enterprise world without the use of hybrid cloud environments.

Cloud 106

Harnessing structured and unstructured data for digital transformation

Information Management Resources

As executives look to evolve, the common thread amongst these objectives is the critical importance of analyzing data – both structured and unstructured – to attaining lasting success

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Cloud Security: Mess It Up and It's on You

Data Breach Today

Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges.

IT 175

More Trending

Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs

Security Affairs

Hackers are exploiting recently disclosed flaws in enterprise virtual private network (VPN) products from Fortinet and Pulse Secure.

Google Finds 20-Year-Old Microsoft Windows Vulnerability

Schneier on Security

There's no indication that this vulnerability was ever used in the wild, but the code it was discovered in -- Microsoft's Text Services Framework -- has been around since Windows XP. google microsoft vulnerabilities windows

IT 107

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning.

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Krebs on Security

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states.

Sales 231

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency.

Mining 113

Influence Operations Kill Chain

Schneier on Security

Influence operations are elusive to define. The Rand Corp.'s s definition is as good as any: "the collection of tactical information about an adversary as well as the dissemination of propaganda in pursuit of a competitive advantage over an opponent."

Video 106

FBI Arrests Nigerian Suspect in $11 Million BEC Scheme

Data Breach Today

Scam Targeted UK Affiliate of US Heavy Equipment Firm Caterpillar, Prosecutors Allege The FBI has arrested a Nigerian businessman for allegedly carrying out an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar

SHARED INTEL: Malware-ridden counterfeit phones place consumers, companies in harm’s way

The Last Watchdog

A faked Rolex or Prada handbag is easy enough to acquire on the street in certain cities, and you can certainly hunt one down online. Now add high-end counterfeit smartphones to the list of luxury consumer items that are being aggressively marketed to bargain-hungry consumers.

Study 147

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

A new Zero-Day in Steam client impacts over 96 million Windows users

Security Affairs

A new zero-day vulnerability in the for Windows impacting over 96 million users was disclosed by researcher Vasily Kravets. A news zero-day flaw in the Steam client for Windows client impacts over 96 million users.

Video 113

Modifying a Tesla to Become a Surveillance Platform

Schneier on Security

From DefCon : At the Defcon hacker conference today, security researcher Truman Kain debuted what he calls the Surveillance Detection Scout.

Facebook and Twitter Scuttle Hong Kong Disinformation

Data Breach Today

Pro-Democracy Protestors Targeted via Information Operations Attributed to China Facebook and Twitter have suspended a number of accounts and pages that they have tied to information operations being run by the Chinese government.

GUEST ESSAY: The ethical considerations of personal privacy viewed as a human right

The Last Watchdog

It ought to be clear to everyone that personal privacy should be a human right and not a commodity to be bought and sold. Alas, we can’t take it for granted: data breaches put us under fire constantly, revealing everything about us from logs and passwords to medical data. The recent Suprema data breach , for example, exposed such sensitive data as fingerprints, facial recognition, and clearance level information of as many as 28 million employees worldwide.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Hacker publicly releases Jailbreak for iOS version 12.4

Security Affairs

Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers. A public Jailbreak for iPhones in was released by a hacker, it is an exceptional event because it is the first in years.

Events 114

‘Documentation as code’ matters. Here’s why

DXC Technology

There has long been a mindset to treat documentation and code as separate functions. But this thinking is obsolete. Organizations should start treating documentation as code. Development projects are not complete without documentation that is in the same state or better as the code.

Down and Out in Hacktivist Land

Data Breach Today

Bona Fide Hacktivism Plummets, While Nation-State False-Flag Operations Continue Where have all the hacktivists gone?

213
213

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. .

Thousands credit card numbers of MoviePass customers were exposed online

Security Affairs

A security expert discovered that the popular movie ticket subscription service MoviePass has exposed thousands of customer card numbers and personal credit cards.

China Attacks Hong Kong Protesters With Fake Social Posts

WIRED Threat Level

Twitter and Facebook say they’ve taken down misinformation campaigns from China that cast pro-democracy activists as ISIS members and cockroaches. Security Security / Security News

Texas Says 22 Local Government Agencies Hit by Ransomware

Data Breach Today

Single Threat Actor' Suspected; Government Coalition Urges Greater Prevention Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too.

The Design Thinking Process: Five Stages to Solving Business Problems

erwin

The design thinking process is a method of encouraging and improving creative problem-solving. The design thinking process is by no means new. John Edward Arnold, a professor of mechanical engineering and business administration, was one of the first to discuss the concept in as early as the 1950s.

Lenovo Solution Centre flaw allows hacking Windows laptop in 10 minutes

Security Affairs

Researchers at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) tracked as CVE-2019-6177. Security experts at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) that exists since 2011.

Facebook’s New Privacy Feature Comes With a Loophole

WIRED Threat Level

"Off-Facebook Activity" will give users more control over their data, but Facebook needs up to 48 hours to aggregate your information into a format it can share with advertisers. Security Security / Privacy

For Sale on Cybercrime Markets: Real 'Digital Fingerprints'

Data Breach Today

Sales 210

License Plate "NULL"

Schneier on Security

There was a DefCon talk by someone with the vanity plate "NULL." The California system assigned him every ticket with no license plate: $12,000.

91

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet.