Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows.

Analysis: Threat Posed by Pro-Iranian Hackers

Data Breach Today

Wiper Malware, Bank Disruptions Feature in Iran's Asymmetric Hacking Playbook Launching online attacks remains a potent tool in the Iranian government's geopolitical playbook. Security experts are urging U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

MY TAKE: Why we should all now focus on restoring stability to US-Iran relations

The Last Watchdog

As tensions escalate between the U.S. and Iran it’s vital not to lose sight of how we arrived at this point. Related: We’re in the golden age of cyber spying Mainstream news outlets are hyper focused on the events of the past six days. A Dec.

Microsoft provides mitigation for actively exploited CVE-2020-0674 IE Zero-Day

Security Affairs

Microsoft published a security advisory to warn of an Internet Explorer (IE) zero-day vulnerability (CVE-2020-0674) that is currently being exploited in the wild.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Speaking of: The Paper Clip’s Digital Equivalent

Weissman's World

In the physical world, paper clips are an important source of context, as their use suggests that the pieces of paper they clip together are somehow related. But what is their digital equivalent? And what does this mean in terms of identifying how many documents those pieces of paper represent, the relative importance of the […]. The post Speaking of: The Paper Clip’s Digital Equivalent appeared first on Holly Group. governance metadata infogov information management

Paper 120

More Trending

Artificial Personas and Public Discourse

Schneier on Security

Presidential campaign season is officially, officially , upon us now, which means it's time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: artificial personas are coming, and they're poised to take over political debate.

11 cyber security predictions for 2020

IT Governance

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. Keeping aware of the latest cyber threats and the best solutions to combat them will put organisations in a better position to prevent attacks.

IoT 83

Eliminate the Password, Eliminate the Password Problem.

The Security Ledger

Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like?

Promiscuous Cookies and Their Impending Death via the SameSite Policy

Troy Hunt

Cookies like to get around. They have no scruples about where they go save for some basic constraints relating to the origin from which they were set.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

U.S. Federal Website Defaced by Pro-Iranian Hackers

Adam Levin

A federal website was defaced with pro-Iranian messaging in what is believed to be retaliation for the U.S. drone strike that killed one of Iran’s top military commanders.

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password.

Router Cryptojacking Campaigns Disrupted

Data Breach Today

20,000 Hacked MikroTik Routers in Southeast Asia Were Malware-Infected Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation.

Mining 205

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

Cyberattacks are becoming more prevalent, and their effects are becoming more disastrous. To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Iranian Threat Actors: Preliminary Analysis

Security Affairs

Nowadays Iran’s Cybersecurity capabilities are under the microscope, experts warn about a possible infiltration of the Iranian government. Nowadays Iran’s Cybersecurity capabilities are under microscope, many news sites, gov.

MicroServices: Today’s data science gold rush

Thales eSecurity

Microservices are changing how organizations are doing business. And nowhere was this more clear than at KubeCon in San Diego last year. Microservices 1 is a powerful technology that is the kernel for modern cloud architecture, and it’s going to drive how people build, manage and deploy secure apps.

Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

WIRED Threat Level

In a shift toward transparency, the National Security Agency announced a bug that could have left over 900 million PCs vulnerable to attack. Security Security / Cyberattacks and Hacks

IT 83

Critical Windows Vulnerability Discovered by NSA

Schneier on Security

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

3 Problems That Data and Analytics Can Help Solve in Healthcare

Perficient Data & Analytics

I’m often asked how data and analytics can help to solve key industry problems in healthcare. With that in mind, three key industry issues rise to the top of the list. Cost of Care Delivery. The cost of care delivery is at the center of the problems facing the healthcare Industry.

BELGIUM:  Belgian DPA fines for cookie non-compliance and warns other companies to act in compliance

DLA Piper Privacy Matters

By Patrick Van Eecke, Frederik Ringoot and Gilles Hachez. The Belgian Data Protection Authority issued a fine of 1% of the annual turnover of the company for not acting in compliance with the cookie rules, despite the corrective actions undertaken by the company.

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

Troy Hunt

This is a blog post about disclosure, specifically the difficulty with doing it in a responsible fashion as the reporter whilst also ensuring the impacted organisation behaves responsibly themselves.

Mainframe Transformation awaits @SHARE in Texas

Micro Focus

As a native Texan, I am excited to help host this event in my backyard of Fort Worth, Texas, on February 23-28. A short drive to the venue beats a long flight hands down. Why ‘Cowtown’? Fort Worth got its nickname “Cowtown” in the 1800s as it became the center of the cattle drives, and. View Article.

IT 70

Senators Prod FCC to Act on SIM Swapping

Krebs on Security

Hackers Increasingly Probe North American Power Grid

Data Breach Today

But Electric Sector, Driven by Regulators, Has Been Adapting, Experts Say Hackers have been increasingly probing the North American power grid for weaknesses, but the industry - driven in part by regulators - is increasingly able to identify and repel attackers, industrial cybersecurity experts say

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus


Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

Two PoC exploits for CVE-2020-0601 NSACrypto flaw released

Security Affairs

Researchers published proof-of-concept (PoC) code exploits for a recently-patched CVE-2020-0601 flaw in the Windows operating system reported by NSA.

HSMs: Facilitating Key Management in a Hybrid Cloud Environment

Thales eSecurity

Organizations are actively working to prevent data breaches by encrypting their sensitive information. Encryption isn’t a foolproof security measure, however.

ROT 66

The Mandalorian Is the Only Smart Soldier in the Star Wars Galaxy

WIRED Threat Level

It took decades, but the galaxy finally has a tactical and operational genius. . Security Security / Security News

IT 83

5G Security

Schneier on Security

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access.

Catches of the month: Phishing scams for January 2020

IT Governance

Want to stay up to date with the latest phishing scams ? Our ‘catches of the month’ feature reviews the most prominent attacks across the web, explaining how they occurred and the steps you should take to stay safe.

Jacksonville law firm brings order to its content with cloud-based document management

OpenText Information Management

Legal professionals need to be able to easily access critical documents at a moment’s notice, but the ever-growing volumes of information makes the challenge of managing it seemingly insurmountable. The Office of General Counsel (OGC) for the City of Jacksonville, Florida was no exception.