Sat.Sep 14, 2019 - Fri.Sep 20, 2019

Researchers: Emotet Botnet Is Active Again

Data Breach Today

New Surge in Activity Spotted After Four-Month Absence Emotet, one of the most powerful malware-spreading botnets, is active again after a four-month absence, according to several security researchers who noticed a surge in activity primarily against U.S., and German targets starting on Monday

Man Who Hired Deadly Swatting Gets 15 Months

Krebs on Security

An Ohio teen who recruited a convicted serial “swatter “to fake a distress call that ended in the police shooting an innocent Kansas man in 2017 has been sentenced to 15 months in prison. Image: FBI.gov.

SHARED INTEL: How digital certificates could supply secure identities for enterprise blockchains

The Last Watchdog

Blockchain gave rise to Bitcoin. But blockchain is much more than just the mechanism behind the cryptocurrency speculation mania.

The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite

WIRED Threat Level

At the Defcon hacking conference next year, the Air Force will bring a satellite for fun and glory. Security Security / Security News

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Investigation Launched After Ecuadorian Records Exposed

Data Breach Today

More Trending

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

Allow me to be controversial for a moment: arbitrary password restrictions on banks such as short max lengths and disallowed characters don't matter. Also, allow me to argue with myself for a moment: banks shouldn't have these restrictions in place anyway.

A flaw in LastPass password manager leaks credentials from previous site

Security Affairs

A flaw in LastPass password manager leaks credentials from previous site. An expert discovered a flaw in the LastPass password manager that exposes login credentials entered on a site previously visited by a user.

Justice Department Sues Snowden Over Memoir

Data Breach Today

Suit Seeks to Collect Book Profits Based on Alleged Violation of Nondisclosure Agreement The U.S.

Another Side Channel in Intel Chips

Schneier on Security

Cloud 96

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

After Six Years in Exile, Edward Snowden Explains Himself

WIRED Threat Level

In a new memoir and interview, the world’s most famous whistle-blower elucidates as never before why he stood up to mass surveillance—and his love for an internet that no longer exists. Backchannel Security

A bug in Instagram exposed user accounts and phone numbers

Security Affairs

Facebook addressed a vulnerability in Instagram that could have allowed attackers to access private user information. The security researcher @ZHacker13 discovered a flaw in Instagram that allowed an attacker to access account information, including user phone number and real name.

Access 100

Brokerage Firm Hit With $500,000 Data Breach Penalty

Data Breach Today

Commission Finds That Phillip Capital Made Series of Missteps The U.S. Commodity Futures Trading Commission has hit Philips Capital Inc.,

Cracking Forgotten Passwords

Schneier on Security

Expandpass is a string expansion program. It's "useful for cracking passwords you kinda-remember." You tell the program what you remember about the password and it tries related passwords.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

A Brutal Murder, a Wearable Witness, and an Unlikely Suspect

WIRED Threat Level

Karen Navarra was a quiet woman in her sixties who lived alone. She was found beaten to death. The neighbors didn't see anything. But her Fitbit did. Security Security / Privacy Backchannel

Drone attacks hit two Saudi Arabia Aramco oil plants

Security Affairs

Drone attacks have hit two major oil facilities run by the state-owned company Aramco in Saudi Arabia, one of them is the Abqaiq site.

Report: Encrypted Smartphone Takedown Outed Canadian Mole

Data Breach Today

After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole.

IoT and Quantum Computing’s Impact on the Federal Government

Thales eSecurity

As government agencies get back to work after summer barbeques, family vacations and once-in-a-lifetime getaways, the focus is on the priorities for the rest of 2019. Cybersecurity remains one of the top concerns and priorities for our government.

IoT 82

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

What Are Zero-Knowledge Proofs?

WIRED Threat Level

How do you make blockchain and other transactions truly private? With mathematical models known as zero-knowledge proofs. Security Security / Privacy

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs

Researchers at Z s caler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data. .

NIST Issues Draft Guidance for Securing PACS

Data Breach Today

Tips on Keeping Picture Archiving and Communications Systems Secure New draft guidance from the National Institute of Standards and Technology aims to help healthcare organizations improve the security of picture archiving and communications systems, or PACS

Kubernetes’s explosive growth has come with attention paid to security and stability

DXC Technology

You may have noticed I write a lot about Kubernetes, the Cloud Native Computing Foundation (CNCF) sponsored open-source container orchestration program. That’s because I have no choice in the matter. Just like Docker turned containers into the way to run server applications, Kubernetes quickly overcame its rivals and became the way to manage containers. Practically […]. Cloud Uncategorized Kubernetes

IT 72

A Password-Exposing Bug Was Purged From LastPass

WIRED Threat Level

Google Project Zero found and reported a flaw in the widely used password manager. Security Security / Cyberattacks and Hacks

France and Germany will block Facebook’s Libra cryptocurrency

Security Affairs

Bad news for Facebook and its projects, France and Germany agreed to block Facebook’s Libra cryptocurrency , the French finance ministry said.

Adoption of AI Surveillance Technology Surges

Data Breach Today

China Is Leading Supplier, But Other Countries Catching Up, Report Finds Governments are rapidly adopting AI surveillance technology to advance political goals, according to a new report from the Carnegie Endowment for International Peace.

I'm Looking to Hire a Strategist to Help Figure Out Public-Interest Tech

Schneier on Security

I am in search of a strategic thought partner: a person who can work closely with me over the next 9 to 12 months in assessing what's needed to advance the practice, integration, and adoption of public-interest technology. All of the details are in the RFP.

69

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

Threatpost

ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market.

Data leak exposes sensitive data of all Ecuador ‘citizens

Security Affairs

Experts discovered a huge data leak affecting Ecuador, maybe the largest full-country leak, that exposed data belonging to 20 million Ecuadorian Citizens. Security experts at vpnMentor have discovered a huge data leak affecting Ecuador that exposed data belonging to 20 million Ecuadorian Citizens.

Data 93

US Sanctions 3 North Korean Hacking Groups

Data Breach Today

Trump Administration Cites WannaCry, Sony Pictures, Bangladesh Bank Attacks As part of the U.S. government's continuing efforts to highlight the North Korean government's cyberattacks, the U.S.

Groups 185

On Roku and Amazon Fire TV, Channels Are Watching You

WIRED Threat Level

New research shows that over 2,000 streaming apps track information about your devices—even when you tell them not to. Security Security / Privacy

Marketing Analytics Company Leaks Deep Profiles of Entire Ecuador Population

Threatpost

Julian Assange is among those impacted