Sat.Aug 31, 2019 - Fri.Sep 06, 2019

Feds, Tech Giants Meet to Coordinate 2020 Election Security

Data Breach Today

Facebook, Google, Microsoft and Twitter Discuss Information Sharing, Coordination Representatives from the U.S.

If You Have to Ask How Much a Data Breach Costs, You Can’t Afford One

Adam Levin

According to IBM Security’s 2019 Cost of a Data Breach Report, the average time to identify and contain a breach was a whopping 279 days, and it took even longer to discover and deal with a malicious attack. The average cost of an incident was $3.9 million, and the average cost per record, $150. A malicious hacker can do serious damage to an organization. Breaches are not a cheap date. Capital One estimated the first-year cost of its recent breach would be $100-150 million.

Intelligent Resilience

Perficient Data & Analytics

The Resilience of your Intelligence. Regardless of what department or area you work in it is critical that your company is set up to handle storms and disasters that may come.

Gamification Can Transform Company Cybersecurity Culture

Threatpost

Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

A Ransomware Tale: Mayor Describes City's Decisions

Data Breach Today

Mayor of New Bedford, Mass., Offers Details at a Press Conference The mayor of New Bedford, Massachusetts, took the unusual step this week of holding a press conference to describe a recent ransomware attack and explain why the city decided not to pay the $5.3 million ransom that was demanded

More Trending

SHARED INTEL: Mobile apps are riddled with security flaws, many of which go unremediated

The Last Watchdog

The convergence of DevOps and SecOps is steadily gaining traction in the global marketplace. Some fresh evidence of this encouraging trend comes to us by way of shared intelligence from WhiteHat Security. Related: The tie between DevOps and SecOps.

Hundreds of millions of Facebook users’ phone numbers exposed online

Security Affairs

New problems to Facebook , phone numbers associated with more than 400 million accounts of the social network giant were exposed online.

Facebook: 419 Million Scraped User Phone Numbers Exposed

Data Breach Today

Social Network Says Problem Fixed, But Techcrunch Reports Many Still Accurate Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network.

Data 231

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Krebs on Security

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct , an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

MY TAKE: How advanced automation of threat intel sharing has quickened incident response

The Last Watchdog

Threat intelligence sharing is such a simple concept that holds so much promise for stopping threat actors in their tracks. So why hasn’t it made more of an impact stopping network breaches?

The Doghouse: Crown Sterling

Schneier on Security

A decade ago, the Doghouse was a regular feature in both my email newsletter Crypto-Gram and my blog. In it, I would call out particularly egregious -- and amusing -- examples of cryptographic " snake oil.".

Hey Jack, How Was Your Account Hacked?

Data Breach Today

‘Satori’ IoT Botnet Operator Pleads Guilty

Krebs on Security

A 21-year-old man from Vancouver, Wash.

IoT 164

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

CVE-2019-15846 Exim mail server flaw allows Remote Code Execution

Security Affairs

A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges.

Voice Deepfake Scams CEO out of $243,000

Adam Levin

The CEO of a UK-based energy firm lost the equivalent of $243,000 after falling for a phone scam that implemented artificial intelligence, specifically a deepfake voice.

Report: S. Korean Company's Database Leaking Business Data

Data Breach Today

Industrial Supplier DK-Lok's Unsecured Database Accesible Via Internet, Researchers Say Independent security researchers have found yet another unsecured database accessible via the internet. This time, the exposed data belongs to South Korean manufacturing company DK-Lok

Massive iPhone Hack Targets Uyghurs

Schneier on Security

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone.

Groups 101

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

US cyberattack temporarily paralyzed the ability of Iran to target oil tankers in the Gulf

Security Affairs

The United States cyber army carried out a cyberattack in June on a database used by Iran’s Islamic Revolutionary Guard Corps to plot attacks on oil tankers in the Gulf.

Black Hat/DefCon 2019: Where is Quantum?

Thales eSecurity

The weeklong “hacker summer camp” of the combined Black Hat and DefCon drew over 22,000 attendees to Las Vegas last month.

IoT 90

Alleged Capital One Hacker Pleads Not Guilty

Data Breach Today

Paige Thompson's Trial Date Tentatively Set for November Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov.

Access 214

Credit Card Privacy

Schneier on Security

Good article in the Washington Post on all the surveillance associated with credit card use. creditcards privacy surveillance

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems.

IoT 109

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

Adam Levin

As much as I love this one friend of mine, nothing is private when we’re together. You probably have a friend like this.

Foxit Software Breach Exposes Account Data

Data Breach Today

PDF and Document Developer's Breach Notification is Light on Details Foxit Software, the developer of popular PDF and document software, says user accounts were compromised in a breach.

Default Password for GPS Trackers

Schneier on Security

Many GPS trackers are shipped with the default password 123456. Many users don't change them. We just need to eliminate default passwords. This is an easy win. gps passwords tracking

Crooks stole €1.5 million from German bank OLB cloning EMV cards

Security Affairs

Criminals have stolen more than €1.5 million from the German bank OLB by cloning customer debit cards and using them to cash out user funds across Brazil. ZDnet first reported that last week cyber criminals have stolen more than €1.5

Google Wants to Help Tech Companies Know Less About You

WIRED Threat Level

By releasing its homegrown differential privacy tool, Google will make it easier for any company to boost its privacy bona fides. Security Security / Privacy

Tools 82

Texas Ransomware Responders Urge Remote Access Lockdown

Data Breach Today

Lessons Learned From Crypto-Locking Malware Attack That Hit 22 Municipalities Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration.

Access 202

Emerging security challenges for Europe’s emerging technologies

Thales eSecurity

In responding to ever-evolving threats and opportunities, enterprises today must embrace constant motion – a continuous cycle of responding to change and keeping one eye on what’s to come.

IoT 81

Android Zero-Day exploits are the most expensive in the new Zerodium price list

Security Affairs

Zero-day broker Zerodium has updated the price list for both Android and iOS exploits, with Android ones having surpassed the iOS ones for the first time.

Trends 104