Sat.Oct 12, 2019 - Fri.Oct 18, 2019

How to Build a Rock-Solid Cybersecurity Culture

Dark Reading

In part one of this two-part series, we start with the basics - getting everyone to understand what's at stake - and then look at lessons from the trenches

Open Cybersecurity Alliance: In Pursuit of Interoperability

Data Breach Today

With 18 Vendors on Board, Experts Assess New Group's Chances for Success Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Top Use Cases for Enterprise Architecture: Architect Everything


Architect Everything: New use cases for enterprise architecture are increasing enterprise architect’s stock in data-driven business. As enterprise architecture has evolved, so to have the use cases for enterprise architecture.

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

The Last Watchdog

A pair of malicious activities have become a stunning example of digital transformation – unfortunately on the darknet. Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports. Credential stuffing is one of the simplest cybercriminal exploits , a favorite among hackers.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked.

Sales 282

More Trending

SIM cards used in 29 countries are vulnerable to Simjacker attack

Security Affairs

Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile operators use flawed SIM cards.

Paper 114

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. Compromised logins continue to facilitate cyber attacks at all levels, from phishing ruses to credential stuffing to enabling hackers to probe deep inside of a breached network.

When Card Shops Play Dirty, Consumers Win

Krebs on Security

Cybercrime forums have been abuzz this week over news that BriansClub — one of the underground’s largest shops for stolen credit and debit cards — has been hacked, and its inventory of 26 million cards shared with security contacts in the banking industry.

Sales 195

Ransomware Attacks: STOP, Dharma, Phobos Dominate

Data Breach Today

GlobeImposter 2.0 and Sodinokibi Strikes Also Common, Researchers Find Ransomware is once again the most common illicit profit-making tool in online attackers' arsenal, police warn. Security firm Emsisoft says the most-seen strains in recent months include STOP, Dharma.cezar, Phobos, GlobeImposter 2.0

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

The MacOS Catalina Privacy and Security Features You Should Know

WIRED Threat Level

The latest macOS update is chock-full of ways to better safeguard your data. Security Security / Security Advice

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

The Last Watchdog

Digital commerce has come to revolve around two types of identities: human and machine. Great effort has gone into protecting the former, and yet human identities continue to get widely abused by cyber criminals. By comparison, scant effort has gone into securing the latter. This is so in spite of the fact that machine identities are exploding in numbers and have come to saturate digital transformation. Related: IoT exposures explained I’ve conversed several times with Jeff Hudson about this.

sudo flaw allows any users to run commands as Root on Linux

Security Affairs

Experts discovered a security policy bypass issue in the Sudo utility that is installed as a command on almost every Linux and Unix system. The Sudo utility that is installed as a command on almost every Linux and Unix system is affected by a security policy bypass issue tracked as CVE-2019-14287.

Thoma Bravo to Buy Sophos for $3.9 Billion

Data Breach Today

Sophos Board Will 'Unanimously Recommend' Deal to Shareholders Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based based security company Sophos in a $3.9 billion deal, the two companies announced Monday.

Sales 194

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

An iTunes Bug Let Hackers Spread Ransomware

WIRED Threat Level

FBI overreach, hacker payback, and more of the week's top security news. Security Security / Security News

SHARED INTEL: How NTA/NDR systems get to ‘ground truth’ of cyber attacks, unauthorized traffic

The Last Watchdog

The digital footprints of U.S. consumers’ have long been up for grabs. No one stops the tech giants, media conglomerates and online advertisers from intensively monetizing consumers’ online behaviors, largely without meaningful disclosure. Related: The state of ransomware Who knew that much the same thing routinely happens to enterprises?

Cloud 113

Factoring 2048-bit Numbers Using 20 Million Qubits

Schneier on Security

This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It's interesting work, but I don't want overstate the risk.

Paper 112

'Silent Librarian' Revamps Phishing Campaign: Proofpoint

Data Breach Today

Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

How a Bitcoin Trail Led to a Massive Dark Web Child-Porn Site Takedown

WIRED Threat Level

Federal investigators focused not on offensive hacking efforts or surveilling communications, but on the transactions using cryptocurrency. Security Security / Security News

Approaching the Reverse Engineering of a RFID/NFC Vending Machine

Security Affairs

Security expert Pasquale Fiorillo demonstrates how to hack n RFID/NFC Vending Machine. The affected vendor did not answer to my responsible disclosure request, so I’m here to disclose this “hack” without revealing the name of the vendor itself.

Cracking the Passwords of Early Internet Pioneers

Schneier on Security

Lots of them weren't very good : BSD co-inventor Dennis Ritchie, for instance, used "dmac" (his middle name was MacAlistair); Stephen R.

Cybercrime Tool Prices Continue to Rise on Darknet Sites

Data Breach Today

Payment Card and Passport Data Are Most Sought-After Commodities, Report Finds The prices for specific types of cybercriminal tools on darknet sites continue to rise, according to a recent analysis by security firm Flashpoint.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Facebook Sweetens Deal for Hackers to Catch Security Bugs

WIRED Threat Level

The company is turbocharging its bug bounty to try to stop the next data leak before it happens. Security Security / Security News

A new Mac malware dubbed Tarmac has been distributed via malvertising campaigns

Security Affairs

Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan.

Can smart cities be secured and trusted?

Thales eSecurity

It is the year 2030, and you have had another busy day. As you finish what you thought would be your last espresso and grab your laptop to leave work, your colleague tells you that you need to stay late for an urgent meeting. Panic sets in, but you push past it and put a plan into motion.

Stung by Takedowns, Criminals Tap Distributed Dark Markets

Data Breach Today

Law enforcement success inevitably sparks criminals to become more innovative, including shifting from centralized markets - such as Hansa and Wall Street Market - to encrypted and distributed marketplaces, says the University of Surrey's Alan Woodward

When Using Cloud, Paranoia Can Pay Off

Dark Reading

Journalists are increasingly concerned about what cloud providers may access or share with governments - and companies should worry as well

Cloud 93