July, 2019

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

What You Should Know About the Equifax Data Breach Settlement

Krebs on Security

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans.

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects.

Think FaceApp Is Scary? Wait Till You Hear About Facebook

WIRED Threat Level

The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny. Security Security / Privacy

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Authentication and the Have I Been Pwned API

Troy Hunt

The very first feature I added to Have I Been Pwned after I launched it back in December 2013 was the public API.

More Trending

FTC Reportedly Approves $5 Billion Facebook Fine

Data Breach Today

Settlement Stems From Cambridge Analytica Incident After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Krebs on Security

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days.

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries.

Hackers Made an App That Kills to Prove a Point

WIRED Threat Level

Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be. Security Security / Cyberattacks and Hacks

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Pwned Passwords, Version 5

Troy Hunt

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today.

Palantir's Surveillance Service for Law Enforcement

Schneier on Security

Motherboard got its hands on Palantir's Gotham user's manual, which is used by the police to get information on people: The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives.

FOIA 103

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

Groups 277

Who’s Behind the GandCrab Ransomware?

Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Agent Smith Android malware already infected 25 million devices

Security Affairs

‘Agent Smith’ is a new malware discovered by Check Point researchers that replaces legit Android Apps with malicious ones that infected 25 Million devices worldwide.

The Biggest Cybersecurity Crises of 2019 So Far

WIRED Threat Level

Ransomware attacks, supply chain hacks, escalating tensions with Iran—the first six months of 2019 have been anything but boring. Security Security / Cyberattacks and Hacks

Welcoming the Austrian Government to Have I Been Pwned

Troy Hunt

Early last year, I announced that I was making HIBP data on government domains for the UK and Australia freely accessible to them via searches of their respective TLDs.

Cell Networks Hacked by (Probable) Nation-State Attackers

Schneier on Security

More US Cities Battered by Ransomware

Data Breach Today

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents

Party Like a Russian, Carder’s Edition

Krebs on Security

“It takes a certain kind of man with a certain reputation.

Video 210

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted

Security Affairs

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution. On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., the organization behind the Ubuntu Linux distribution.

IT 110

The Changing Face of Data Security in Federal Government

Thales eSecurity

How should you investigate a data breach?

IT Governance

Digital Guardian recently asked a group of cyber security experts what the most important step is following a data breach. Several answered with some variation of ‘find out how it happened’.

US Journalist Detained When Returning to US

Schneier on Security

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico.

Equifax Negotiates Potential $700 Million Breach Settlement

Data Breach Today

Deal Prepped With Feds and State Attorneys General Includes Victim Compensation Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit.

Is ‘REvil’ the New GandCrab Ransomware?

Krebs on Security

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims.

Kali Linux is now available for Raspberry Pi 4

Security Affairs

The popular operating system Kali Linux is finally available for Raspberry Pi 4, this is great news for hackers and passionate. Offensive Security has announced the availability of the popular operating system Kali Linux for Raspberry Pi 4, this is great news for hackers and security experts.

IT 108

The Simple Way Apple and Google Let Domestic Abusers Stalk Victims

WIRED Threat Level

To prove a point about common location-sharing apps, I asked my wife to use them to spy on me. Security Security / Privacy

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales eSecurity

Since the General Data Protection Regulation (GDPR) took effect on May 25th last year, data protection has become a very hot topic.

GDPR 94

Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

Google has released an open-source cryptographic tool: Private Join and Compute.

British Airways Faces Record-Setting $230 Million GDPR Fine

Data Breach Today

GDPR 247

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security