November, 2019

Patch Tuesday, November 2019 Edition

Krebs on Security

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and programs that run on top of it.

IT 130

New Ransomware-as-a-Service Offered at Deep Discount: Report

Data Breach Today

McAfee: Creators of 'Buran' Ask for Smaller Percentage of Ransoms Collected A new ransomware-as-a-service model dubbed "Buran" that targets vulnerabilities in certain devices running Windows is offered at a deep discount to help the malware spread faster, according to McAfee researchers

MY TAKE: How blockchain technology came to seed the next great techno-industrial revolution

The Last Watchdog

Some 20 years ago, the founders of Amazon and Google essentially set the course for how the internet would come to dominate the way we live.

So, what did I think of ARMA InfoCon 2019? Here, let me tell you!

Weissman's World

ARMA InfoCon 2019 was an eye-opener, thanks in large part to a healthy injection of information governance into the proceedings. Thanks, no doubt, to the merger of the Information Coalition with ARMA last year.)

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

The Growing Presence (and Security Risks) of IoT

Thales eSecurity

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today.

More Trending

Retailer Leaked Hundreds of Internal Passwords on Pastebin

Krebs on Security

Privacy Analysis: Google Accesses Patient Data on Millions

Data Breach Today

Massive Research Project With Ascension Health System Raises Concerns A newly disclosed collaboration between Google and the massive Ascension healthcare system that the partners say is designed to improve patient care is raising serious privacy concerns.

Access 130

SHARED INTEL: What can be done — today — to keep quantum computing from killing encryption

The Last Watchdog

There’s little doubt that the shift to quantum computing will open new horizons of digital commerce. But it’s also plain as day that the mainstreaming of quantum processing power will profoundly exacerbate cybersecurity exposures. Related: The ‘post quantum crytpo’ race is on This isn’t coming as any surprise to IT department heads.

Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild

Security Affairs

Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

How Adopting A Zero Trust Mentality Is Positive When It Comes To Staying Secure In the Cloud

Thales eSecurity

In a previous blog post ( [link] ) we explored the relationship between GPDR and applications in the cloud. Trust is generally the foundation and basis of any good relationship, but when it comes to protecting your organization, sometimes a Zero Trust mentality is your best bet.

CSO Spotlight: Terence Runge


Article by IDG Connect. Read the recent interview that Terence Runge, the new CISO at Reltio had with IDG Connect. Terence brings more than 20 years’ security best practices experience in high tech, cloud services, and software development.

Cloud 52

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Krebs on Security

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits.

Microsoft Will Apply California's Privacy Law Nationwide

Data Breach Today

Company's Move Could Influence Other Technology Companies Microsoft will apply the core rights of the California Consumer Privacy Act across all its customers in the U.S., which could nudge other technology companies in the same direction as online privacy becomes an increasing concern.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

NEW TECH: Silverfort deploys ‘multi-factor authentication’ to lock down ‘machine identities’

The Last Watchdog

From the start, two-factor authentication, or 2FA , established itself as a simple, effective way to verify identities with more certainty. Related: A primer on IoT security risks The big hitch with 2FA, and what it evolved into – multi-factor authentication, or MFA – has always been balancing user convenience and security.

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings

WIRED Threat Level

Speculative execution attacks still haunt Intel, long after researchers told the company what to fix. Security Security / Cyberattacks and Hacks

Facebook is secretly using iPhone’s camera as users scroll their feed

Security Affairs

New problems for Facebook, it seems that the social networking giant is secretly using the camera while iPhone users are scrolling their feed. Is this another privacy issue for Facebook?

AI, Records, and Accountability

ARMA International

This article is part of a collaboration between ARMA and AIEF and is included in Information Management Magazine, ARMA-AIEF Special Edition , which will be available for download in mid-November. A printed version of the special issue will be available as well, for a nominal fee. Introduction.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Krebs on Security

Banking industry giant NCR Corp. [ NYSE: NCR ] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight , an online banking platform used by hundreds of financial institutions.

Labour Party Hit by Massive Online Attack Attempt

Data Breach Today

No Systems Compromised, But Campaigning Disrupted, UK Party Officials Report The U.K. Labour Party says its systems were hit by a large-scale online attack that disrupted access to some campaigning systems, but led to no breach.

Access 130

NEW TECH: Can an ‘operational system of record’ alleviate rising knowledge worker frustrations?

The Last Watchdog

An undercurrent of discontent is spreading amongst knowledge workers in enterprises across the United States and Europe. Related: Phishing-proof busy employees White collar employees today have amazingly capable communications and collaboration tools at their beck and call. Yet the majority feel unsatisfied with narrow daily assignments and increasingly disconnected from the strategic goals of their parent organization.

B2B 100

Kofax Enhances Industry-Leading Intelligent Automation Platform with New AI Capabilities, Helping Organizations Work Like Tomorrow—Today

Document Imaging Report

New Natural Language Processing (NLP) and Machine Learning (ML) Enable Digital Dexterity when Automating Operations. Irvine, CA – Nov.

Mexican state-owned oil company Pemex hit by ransomware

Security Affairs

On S unday , the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos (Pemex) taking down part of its network.

#COBOL60: Your COBOL questions, answered – Part Three

Micro Focus

At a recent Micro Focus-sponsored virtual event, more than 300 COBOL community members celebrated its 60th anniversary and by posing over 90 questions to our expert panel.

IT 52

As 5G Rolls Out, Troubling New Security Flaws Emerge

WIRED Threat Level

Researchers have identified 11 new vulnerabilities in 5G—with time running out to fix them. Security Security / Security News

Election Interference Notification Protocols Unveiled

Data Breach Today

White House Describes Framework for Notifying Public of 2020 Election Interference The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released


All About Machine Learning with Oracle Analytics

Perficient Data & Analytics

Perficient Presents at Oracle OpenWorld 2019 – Live from the show floor, a director in our analytics team delivers an overview of the machine learning capabilities of Oracle Analytics Cloud with its built-in ML algorithms. Machine Learning is a science that existed for several decades.

Labour Party hit by “sophisticated” cyber attack

IT Governance

The Labour Party’s campaign website has suffered a “sophisticated and large-scale” cyber attack, a spokesperson has said. Security procedures had “slowed down” some election campaign activities, but the party believes that no sensitive data was compromised.