2018

Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history.

Strong, streamlined and secure: How to get the most out of centralized key management

Thales Cloud Protection & Licensing

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

Cloud 162
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Legacy Content Migration: Urgent Need is Largely Invisible

Weissman's World

Fun fact: an estimated 75% of today’s content management solutions were installed before the year 2010 – meaning that most organizations are now depending upon systems that at best are dated, and at are worst dangerously close end-of-life. This being the case, you’d think that folks would be working hard to move their legacy content […]. The post Legacy Content Migration: Urgent Need is Largely Invisible appeared first on Holly Group.

GDPR: EU Sees More Data Breach Reports, Privacy Complaints

Data Breach Today

Ireland, France, Germany and UK Report Increases Since Privacy Law Took Effect The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K. Regulators say more Europeans are also filing more complaints about organizations' data protection and privacy practices

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Security Breaches Don't Affect Stock Price

Schneier on Security

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

More Trending

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

The Last Watchdog

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. Related video: How DDoS attacks leverage the Internet’s DNA. To the contrary, DDoS attacks appear to be scaling up and getting more sophisticated in lock step with digital transformation; DDoS attacks today are larger, more varied and come at the targeted website from so many more vectors than ever before.

IoT 165

5 Steps to Better Security in Hybrid Clouds

Dark Reading

Following these tips can improve your security visibility and standardize management across hybrid environments

Cloud 123

Voice Phishing Scams Are Getting More Clever

Krebs on Security

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

Krebs on Security

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

The Machine Identity Crisis

Data Breach Today

We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed

What the Marriott Breach Says About Security

Krebs on Security

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised. TO COMPANIES.

How to Shop Online Like a Security Pro

Krebs on Security

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online.

Management by Magazine (InfoGov Edition)

Weissman's World

Today, on Perpective Check: The truth and consequences of your boss flipping through the pages of a magazine and saying, “I just read about [new shiny infogov object] that EVERYBODY’S using. How come we’re not??” link]. The post Management by Magazine (InfoGov Edition) appeared first on Holly Group. Information Management infogov information governance

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

How Cyber Insurance Is Changing in the GDPR Era

Data Breach Today

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance

Connecticut City Pays Ransom After Crypto-Locking Attack

Data Breach Today

Separately, a Water Utility Hit by Ryuk Ransomware Vows to Restore, Not Pay A tale of two different ransomware victims' responses: One Connecticut city says it had little choice but to pay a ransom to restore crypto-locked systems. But a North Carolina water utility hit separately says that rather than bow to criminals' demands, it will rebuild affected systems and databases

Facebook personal data use and privacy settings ruled illegal by German court

The Guardian Data Protection

Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent.

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. One of more fascinating innovators in this space is 11-year-old DataLocker, based in Overland Park, Kansas. Related: How DataLocker got its start h. Co-founder Jay took a business trip to South Korea in the fall of 2007.

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

USPS Site Exposed Data on 60 Million Users

Krebs on Security

Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. Image: USPS.com. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response.

Did China Spy on Australian Defense Websites?

Data Breach Today

One Answer Is Clear: Network Re-Routing Raises Suspicions For nearly 30 months, internet traffic going to Australian Department of Defense websites flowed through China Telecom data centers, an odd and suspicious path. Why the strange routing occurred is known. But the reasons why it persisted for so long aren't

Hackers Intercepted EU Diplomatic Cables for 3 Years

Data Breach Today

Phishing Attack Against Cyprus Stole Access Passwords, New York Times Reports For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports

First ATM 'Jackpotting' Attacks Hit US

Data Breach Today

Cash-Out Malware Called 'Ploutus' Migrates North From Mexico U.S. Secret Service alert: For the first time, malware-using fraudsters have been draining U.S. ATMs of their cash via what's known as a jackpotting or cash-out attack. Two older models of ATMs made by Diebold Nixdorf appear to have been targeted

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Facebook Security Bug Affects 90M Users

Krebs on Security

Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. In a short blog post published this afternoon, Facebook said hackers have been exploiting a vulnerability in Facebook’s site code that impacted a feature called “View As,” which lets users see how their profile appears to other people.

Secret Service Warns of Surge in ATM ‘Wiretapping’ Attacks

Krebs on Security

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM.

Facebook Breach: Single Sign-On of Doom

Data Breach Today

Victims Need 'Single Sign-Off' in This Age of Hyper-Connected Services and Apps While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps

GovPayNow.com Leaks 14M+ Records

Krebs on Security

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Equifax Hit With Maximum UK Privacy Fine After Mega-Breach

Data Breach Today

Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security

Sextortion Scam Wields Stolen Passwords, Demands Bitcoins

Data Breach Today

Attackers Send a Leaked Password as 'Proof' Victim Was Hacked Scammers behind an ongoing "sextortion" campaign have been emailing a legitimate password - likely from a publicly leaked list - to victims with a threat to release a compromising video of the recipient unless they pay up in bitcoins, Barracuda Networks warns

NEW TECH: Critical Start applies ‘zero-trust’ security model to managed security services

The Last Watchdog

All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That’s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewalls upkeep, vulnerability management and more. Related: Delivering useful intel to MSSPs. Companies are gravitating to MSSPs in a big way.