The Last Watchdog

SEPTEMBER 19, 2019

160

160

Data Breach Today

APRIL 10, 2019

193

193

Adam Shostack

NOVEMBER 13, 2019

The more I learn about threat modeling, the more I think the toughest part is how we answer the question: “What can go wrong?” ” Perhaps that’s “finding threats.” ” Maybe it’s “discovering” or “eliciting” them. Maybe it’s analogizing from threats we know about. I’m not yet even sure what to call it. But what it does for us is valuable.

IT 62

IT Privacy 62

eSecurity Planet

MARCH 15, 2019

We define single sign-on and how SSO solutions can be implemented to make your organization more secure

IT 72

IT Security 72

Advertiser: Amplitude

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

B2B

Everteam

FEBRUARY 27, 2019

Something is exciting about diving into innovative technology and figuring out how it can improve the way you do business. The blockchain is one of those technologies and in the information management world there are some interesting ways it is helping increase data security, accountability, and transparency. Blockchain – just the basics. With many resources out there that define and describe blockchain, I’m not going to spend a lot of time defining it.

Information governance 65

Information governance Blockchain Government Records Management 65

The Falcon's View

JANUARY 28, 2019

I have a visceral reaction every time I encounter yet another article bemoaning the so-called "talent gap" or "labor gap" in cybersecurity. Having been in and out of the job market several times over the past decade (for better and, more often, for worse), I can honestly say this is utter nonsense.

Artificial Intelligence 40

Artificial Intelligence Marketing Manufacturing IT 40

Collibra

MAY 1, 2019

When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Meanwhile, organizations are panicked about complying with the latest regulation deadline. In all of this, the customer’s relationship with both personal data privacy and the organization itself can get lost.

Personal data 62

Personal data Data Privacy GDPR Data breaches 62

Krebs on Security

AUGUST 21, 2019

Passwords 177

Passwords 177

The Last Watchdog

AUGUST 15, 2019

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded $76,000, paid in Bitcoin, for a decryption key. Baltimore refused to pay – choosing, instead, to absorb an estimated $18 million in recovery costs.

Ransomware 148

Ransomware Insurance Cybersecurity Authentication 148

Advertiser: UserTesting

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Risk

Data Breach Today

OCTOBER 4, 2019

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks. But cybercrime attackers are increasingly running targeted campaigns, security researchers warn

Mining 181

Mining Security 181

Krebs on Security

SEPTEMBER 11, 2019

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.

Financial Services 217

Financial Services Cloud Insurance Ransomware 217

Data Breach Today

MAY 9, 2019

Researchers: 'Fxmsp' Russian Hacking Collective Exploits Victims Via RDP and Active Directory The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S. anti-virus software development firms, as well as remote access to the companies' neworks, warns fraud-prevention firm Advanced Intelligence

Access 219

Access IT 219

Data Breach Today

JULY 12, 2019

The Cost of 'Smart Home AI Assistants': Humans Review Audio of What People Say George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize

IT 217

IT 217

Advertisement

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Information governance

Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware.

Phishing 218

Phishing Ransomware Encryption Passwords 218

Data Breach Today

JUNE 10, 2019

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4TB of email metadata. While it's not clear if anyone accessed the data, an attacker could have seen all email being sent or received by a specific person

Metadata 217

Metadata Access Security IT 217

Data Breach Today

JULY 3, 2019

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks. Some researchers say the exploits could be tied to an Iranian-backed threat group

Government 215

Government Access 215

Data Breach Today

JANUARY 14, 2019

Offerings Abound on Darknet Forums; The Dark Overlord Seeks Multilingual Hackers Numerous cybercrime gangs continue to use darknet forums to seek fresh recruits, sell stolen data or advertise hacking services. One recent job listing from the data-leaking blackmail gang called The Dark Overlord sought technically proficient individuals who were fluent in Arabic, Chinese or German

218

218

Advertiser: ZoomInfo

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Sales

Data Breach Today

MAY 8, 2019

Suspects Accused of Receiving Bitcoins Worth Millions for Referral Fees The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested. Police say the suspected lead administrator, an Israeli based in Brazil who has been arrested at a Paris airport, amassed bitcoins for referral fees worth millions of dollars

IT 216

IT 216

Data Breach Today

AUGUST 26, 2019

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May

Manufacturing 214

Manufacturing Passwords Security 214

The Last Watchdog

MARCH 28, 2019

A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts. In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods.

IoT 208

IoT Mining Manufacturing Authentication 208

Krebs on Security

JULY 24, 2019

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address.

Government 214

Government IT Security 214

Advertiser: Amplitude

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Analytics

Krebs on Security

APRIL 17, 2019

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally I feel obligated to publish such accounts when companies respond to a breach report in such a way that it’s crystal clear they wouldn’t know what to do with a data breach if it bit them in the nose, let alone festered unmolested in some dark corner of their operations.

Data breaches 215

Data breaches Phishing Retail Passwords 215

Data Breach Today

MAY 20, 2019

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

Paper 213

Paper Security 213

Data Breach Today

JULY 16, 2019

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed

Security 212

Security Access 212

Data Breach Today

JANUARY 9, 2019

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case

Compliance 215

Compliance GDPR 215

Advertiser: UserTesting

Product teams must increase their exposure hours with customers—seeing and hearing them. Human insights and the design thinking framework can be applied to your development cycle to help you build better products and experiences for your customers.

Data Breach Today

JUNE 14, 2019

Sharing Email Address, Phone Numbers May Be Risky, Experts Say Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome. The kids have turned their profiles from personal ones to business ones, which Instagram mandates must have contact details. But is that appropriate for a child

Privacy 212

Privacy 212

Data Breach Today

APRIL 30, 2019

Researchers Locate an Unprotected 24GB Database With Names, Addresses and Incomes An unsecured database hosted on Microsoft's cloud platform contained personal information on nearly 80 million U.S. households, according to two researchers who found it. What does Microsoft have to say about the mysterious database

Cloud 212

Cloud IT 212

Data Breach Today

JULY 2, 2019

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents

Ransomware 211

Ransomware IT 211