2019

MY TAKE: What everyone should know about the promise and pitfalls of the Internet of Things

The Last Watchdog

126
126

Dark Patterns: How Weaponized Usability Hurts Users

Data Breach Today

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Managed Attribution Threat Modeling

Adam Shostack

The more I learn about threat modeling, the more I think the toughest part is how we answer the question: “What can go wrong?” ” Perhaps that’s “finding threats.” ” Maybe it’s “discovering” or “eliciting” them. Maybe it’s analogizing from threats we know about. I’m not yet even sure what to call it. But what it does for us is valuable.

IT 62

What Is Single Sign-On, and How Can It Make Your Enterprise More Secure?

eSecurity Planet

We define single sign-on and how SSO solutions can be implemented to make your organization more secure

IT 50

The Top 5 Business Outcomes Companies Can Achieve From Monitoring Consolidation

In this eBook, learn what the top five business outcomes are that organizations see when leveraging Datadog's end-to-end monitoring tool.

Innovation Lab: The Role of Blockchain in Information Governance

Everteam

Something is exciting about diving into innovative technology and figuring out how it can improve the way you do business. The blockchain is one of those technologies and in the information management world there are some interesting ways it is helping increase data security, accountability, and transparency. Blockchain – just the basics. With many resources out there that define and describe blockchain, I’m not going to spend a lot of time defining it.

More Trending

A Shortage in Common Sense: The Myth of the Talent Gap

The Falcon's View

I have a visceral reaction every time I encounter yet another article bemoaning the so-called "talent gap" or "labor gap" in cybersecurity. Having been in and out of the job market several times over the past decade (for better and, more often, for worse), I can honestly say this is utter nonsense.

Why Personal Data Privacy Needs a Customer-centric Focus

Collibra

When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Meanwhile, organizations are panicked about complying with the latest regulation deadline. In all of this, the customer’s relationship with both personal data privacy and the organization itself can get lost.

Forced Password Reset? Check Your Assumptions

Krebs on Security

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded $76,000, paid in Bitcoin, for a decryption key. Baltimore refused to pay – choosing, instead, to absorb an estimated $18 million in recovery costs.

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners

Data Breach Today

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks. But cybercrime attackers are increasingly running targeted campaigns, security researchers warn

Mining 184

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach.

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

Krebs on Security

A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States.

Mixcloud Breach Affects 21 Million Accounts

Data Breach Today

Hashed Passwords Were Leaked; No Financial Data Exposed Digital streaming platform Mixcloud says it is the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet.

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards.

Sales 262

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a.gov domain versus a commercial one ending in.com or.org.

IT 261

Hidden Cam Above Bluetooth Pump Skimmer

Krebs on Security

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices.

Ransomware Attackers Leak Stolen Data

Data Breach Today

Maze Crew Reportedly Threatens to Release More of Allied Universal's Data Unless Ransom Paid Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Attackers Demand $14 Million Ransom From IT Services Firm

Data Breach Today

Incident Could Have Ripple Effect on Virtual Care Provider's 110 Healthcare Clients Virtual Care Provider Inc.,

IT 236

T-Mobile Says Prepaid Accounts Breached

Data Breach Today

Contact, Account Data for More Than 1 Million Customers Leaked T-Mobile says it suffered a breach of prepaid accounts as a result of unauthorized access to its systems. The exposed data includes names, billing addresses, phone numbers, account numbers, rate plans and more

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts. In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods.

IoT 170

Unsecured Server Exposed Records of 1.2 Billion: Researchers

Data Breach Today

Over 4 Terabytes of Data Exposed, Including Social Media Profiles, Personal Information Some 4 terabytes of data on over 1.2

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

Restaurant Chain: Malware Infected PoS Devices

Data Breach Today

Unidentified Strain Targets Customer Payment Card Data An unidentified strain of malware appears to have infected point-of-sale machines used at certain New York restaurants owned by the chain Catch. The malware exposed customer payment card data to hackers, the company says

Sales 229

Security Firm Prosegur Hit By Ryuk Ransomware

Data Breach Today

Incident May Have Disrupted Networked Security Cameras Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services

Dell Considering Selling RSA: Report

Data Breach Today

Company Acquired RSA as One Component of Its Purchase of EMC in 2016 Dell Technologies is considering the possible sale of its RSA security division, hoping such a deal could be worth $1 billion, according to Bloomberg, which cites "people familiar with the matter

Sales 225

To Survive a Data Breach, Create a Response Playbook

Data Breach Today

Experts Detail Essential Systems and Procedures Every Organization Needs Now Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. Experts detail seven essential components for building an effective data breach response playboo

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

NY Payroll Company Vanishes With $35 Million

Krebs on Security

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.

Neo-Nazi SWATters Target Dozens of Journalists

Krebs on Security

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address.

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.