INDUSTRY INSIGHTS YOUR PEERS ARE READING
No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how , or when. MORE
Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click jailbreaks of Apple's iOS, $1.5 MORE
Separately, Texas City's Operations Disrupted by Crypto-Locking Ransomware Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware. MORE
Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards , a smartcard technology that allows users to store dozens of cards on a single device, the U.S. MORE
Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. MORE
You say you’re tired of not being able to find the information you’re looking for. You say you’re concerned the information you do find is reliable. You say you’re worried about security breaches. And you say you’re ready to do something about it. MORE
When CyberTown, USA is fully built out, it’s backers envision it emerging as the world’s premier technology hub for cybersecurity and data science. DataTribe , a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project , which broke ground last October in Port Covington, MD, once a bustling train stop on the south side of Baltimore. MORE
Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S. MORE
One profound consequence of Donald Trump’s shutdown of the federal government, now in day 33, is what a boon it is to US cyber adversaries. And moving forward, the long run ramifications are likely to be dire, indeed. Related: Welcome to the ‘golden age’ of cyber espionage. MORE
The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the U.K., MORE
A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that display’s Apple’s logo, address and real phone number, warning about a data breach at the company. MORE
Experts disclosed three flaws in the systemd , a software suite that provides fundamental building blocks for Linux operating systems. MORE
The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the golden age of cyber espionage is upon us. MORE
This is clever : Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks. MORE
Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. MORE
If predictions are like baseball, I’m bound to have a bad year in 2019, given how well things went the last time around. MORE
Until recently, organisations often spent almost all of their information security budget on prevention, effectively taking an all-or-nothing approach to the threat of data breaches. They either repelled the attack or faced the consequences head-on. MORE
A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS). MORE
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. MORE
Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients. MORE
Record Privacy Fine Sends Strong Signal to Data-Processing Technology Companies France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation. MORE
A gigantic trove of email addresses and passwords containing over 2 billion records has been discovered online. The breached data, dubbed “Collection #1” by cybersecurity expert Troy Hunt , is more than 87 gigabytes and contains roughly 773 million email address and 21 million unique passwords. MORE
citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown. MORE
The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, reportedly occurred last October. MORE
The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. MORE
Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. MORE
Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law. MORE
Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). . MORE
Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. MORE
The cybersecurity talent shortage is here to stay. With an estimated 1.5-2 million unfulfilled cybersecurity positions, organizations are coming to terms with the fact that no amount of creative hiring initiatives will rid them of the need of figuring out how to protect their organizations despite being short staffed. Related: Addressing the cyber skills gap. This does not mean the creative staffing solutions do not serve their purpose. MORE
Unsettling new claims have emerged about Nicholas Truglia , a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. MORE
It’s 2019, and Steve Weissman anticipates and addresses a number of key themes for the new year: 0:44 – Metadata and database fields: ‘labels’ as the keys to … everything! 1:38 – AI and machine learning: not the same things, no matter what the marketing says 3:24 – RPA: simply workflow by another name? 4:08 […]. The post Perspective Check – Anticipation 2019 appeared first on Holly Group. MORE
Data Breach Today
JANUARY 14, 2019
Offerings Abound on Darknet Forums; The Dark Overlord Seeks Multilingual Hackers Numerous cybercrime gangs continue to use darknet forums to seek fresh recruits, sell stolen data or advertise hacking services.
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that display’s Apple’s logo, address and real phone number, warning about a data breach at the company.
The Last Watchdog
JANUARY 18, 2019
The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, reportedly occurred last October.
Weissman's World
JANUARY 14, 2019
You say you’re tired of not being able to find the information you’re looking for. You say you’re concerned the information you do find is reliable. You say you’re worried about security breaches. And you say you’re ready to do something about it.
Security Affairs
JANUARY 21, 2019
A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS).
Schneier on Security
JANUARY 18, 2019
The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the U.K.,
|
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
|
|
Krebs on Security
JANUARY 8, 2019
Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition.
The Last Watchdog
JANUARY 7, 2019
When CyberTown, USA is fully built out, it’s backers envision it emerging as the world’s premier technology hub for cybersecurity and data science. DataTribe , a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project , which broke ground last October in Port Covington, MD, once a bustling train stop on the south side of Baltimore.
IT Governance
JANUARY 21, 2019
Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). .
Security Affairs
JANUARY 20, 2019
Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device.
Schneier on Security
JANUARY 8, 2019
No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how , or when.
Krebs on Security
JANUARY 23, 2019
The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents.
The Last Watchdog
JANUARY 14, 2019
Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law.
Adam Levin
JANUARY 15, 2019
citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown.
Security Affairs
JANUARY 10, 2019
Experts disclosed three flaws in the systemd , a software suite that provides fundamental building blocks for Linux operating systems.
Schneier on Security
JANUARY 21, 2019
This is clever : Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks.
Data Breach Today
JANUARY 11, 2019
Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S.
Krebs on Security
JANUARY 15, 2019
Unsettling new claims have emerged about Nicholas Truglia , a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims.
The Last Watchdog
JANUARY 7, 2019
The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the golden age of cyber espionage is upon us.
John Battelle's Searchblog
JANUARY 2, 2019
If predictions are like baseball, I’m bound to have a bad year in 2019, given how well things went the last time around.
Security Affairs
JANUARY 22, 2019
Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu.
Schneier on Security
JANUARY 17, 2019
Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click jailbreaks of Apple's iOS, $1.5
Data Breach Today
JANUARY 22, 2019
Record Privacy Fine Sends Strong Signal to Data-Processing Technology Companies France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation.
The Last Watchdog
JANUARY 22, 2019
The cybersecurity talent shortage is here to stay. With an estimated 1.5-2 million unfulfilled cybersecurity positions, organizations are coming to terms with the fact that no amount of creative hiring initiatives will rid them of the need of figuring out how to protect their organizations despite being short staffed. Related: Addressing the cyber skills gap. This does not mean the creative staffing solutions do not serve their purpose.
Weissman's World
JANUARY 3, 2019
It’s 2019, and Steve Weissman anticipates and addresses a number of key themes for the new year: 0:44 – Metadata and database fields: ‘labels’ as the keys to … everything! 1:38 – AI and machine learning: not the same things, no matter what the marketing says 3:24 – RPA: simply workflow by another name? 4:08 […]. The post Perspective Check – Anticipation 2019 appeared first on Holly Group.
Security Affairs
JANUARY 11, 2019
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware.
Adam Levin
JANUARY 18, 2019
A gigantic trove of email addresses and passwords containing over 2 billion records has been discovered online. The breached data, dubbed “Collection #1” by cybersecurity expert Troy Hunt , is more than 87 gigabytes and contains roughly 773 million email address and 21 million unique passwords.
Data Breach Today
JANUARY 15, 2019
Separately, Texas City's Operations Disrupted by Crypto-Locking Ransomware Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware.
Krebs on Security
JANUARY 10, 2019
Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards , a smartcard technology that allows users to store dozens of cards on a single device, the U.S.
The Last Watchdog
JANUARY 23, 2019
One profound consequence of Donald Trump’s shutdown of the federal government, now in day 33, is what a boon it is to US cyber adversaries. And moving forward, the long run ramifications are likely to be dire, indeed. Related: Welcome to the ‘golden age’ of cyber espionage.
IT Governance
JANUARY 3, 2019
Until recently, organisations often spent almost all of their information security budget on prevention, effectively taking an all-or-nothing approach to the threat of data breaches. They either repelled the attack or faced the consequences head-on.
Security Affairs
JANUARY 12, 2019
Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients.
113 
Let's personalize your content