Wed.Sep 18, 2019

Justice Department Sues Snowden Over Memoir

Data Breach Today

Suit Seeks to Collect Book Profits Based on Alleged Violation of Nondisclosure Agreement The U.S.

Before He Spammed You, this Sly Prince Stalked Your Mailbox

Krebs on Security

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything.

Adoption of AI Surveillance Technology Surges

Data Breach Today

China Is Leading Supplier, But Other Countries Catching Up, Report Finds Governments are rapidly adopting AI surveillance technology to advance political goals, according to a new report from the Carnegie Endowment for International Peace.

Cracking Forgotten Passwords

Schneier on Security

Expandpass is a string expansion program. It's "useful for cracking passwords you kinda-remember." You tell the program what you remember about the password and it tries related passwords.

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Senators Urge FCC to Review Licenses for Chinese Telecoms

Data Breach Today

Concerns Raised About China Telecom and China Unicom U.S. Senators Chuck Schumer, D-N.Y., and Tom Cotton, R-Ark.,

More Trending

Victim Total Soars in County Health Data Breach

Data Breach Today

Minnesota County Says Tally is 118,000, Not 600 as Originally Reported A Minnesota county that originally reported last December that a hacking incident affected about 600 individuals now says about 118,000 may have had healthcare data exposed. What's behind the huge spike

Kubernetes’s explosive growth has come with attention paid to security and stability

DXC Technology

You may have noticed I write a lot about Kubernetes, the Cloud Native Computing Foundation (CNCF) sponsored open-source container orchestration program. That’s because I have no choice in the matter. Just like Docker turned containers into the way to run server applications, Kubernetes quickly overcame its rivals and became the way to manage containers. Practically […]. Cloud Uncategorized Kubernetes

IT 72

Lumin PDF Leak Exposed Data on 24 Million Users

Data Breach Today

Data on Users of PDF Editing Tool Found in Accessible Database Ignoring a breach disclosure can have ugly consequences. Case in point: Lumin PDF, a PDF editing tool, which saw data for much of its user base - about 24.3 million - published in an online forum late Monday. Data breach expert Troy Hunt says it's sign of the dysfunction in the breach disclosure process

Tools 131

I'm Looking to Hire a Strategist to Help Figure Out Public-Interest Tech

Schneier on Security

I am in search of a strategic thought partner: a person who can work closely with me over the next 9 to 12 months in assessing what's needed to advance the practice, integration, and adoption of public-interest technology. All of the details are in the RFP.

70

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

On Roku and Amazon Fire TV, Channels Are Watching You

WIRED Threat Level

New research shows that over 2,000 streaming apps track information about your devices—even when you tell them not to. Security Security / Privacy

The Top 'Human Hacks' to Watch For Now

Dark Reading

Social engineering is as old as mankind. But its techniques have evolved with time. Here are the latest tricks criminals are using to dupe end users

IT 88

Memory corruption flaw in AMD Radeon driver allows VM escape

Security Affairs

Experts at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could lead to VM escape.

Video 62

Edward Snowden Sued by U.S. Over New Memoir

Threatpost

The U.S. is attempting to seize any assets related to Edward Snowden's new memoir, Permanent Record. Government Privacy CIA Data data leak Edward Snowden non disclosure agreements NSA permanent record Snowden memoir surveillance us lawsuit whistleblower

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Cryptominer Attacks Ramp Up, Focus on Persistence

Dark Reading

The latest attacks, such as Skidmap and Smominru, add capabilities to allow them to persist longer on Windows and Linux systems, surviving initial attempts at eliminating them

76

Massive Gaming DDoS Exploits Widespread Technology

Threatpost

The attack -- the 4th-largest the company has ever encountered -- leveraged WS-Discovery, which is found "everywhere.". Web Security 4th-largest of all time Akamai DDoS attack Dyn Exploit ws-discovery

How Cybercriminals Exploit Simple Human Mistakes

Dark Reading

A new report explores how attackers identify psychological vulnerabilities to effectively manipulate targets

76

IRS Emails Promise a Refund But Deliver Botnet Recruitment

Threatpost

The fake emails direct victims to log into a bogus IRS site. Malware Web Security amadey botnet cofense flawedammy rat IRS Malware analysis phishing campaign

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Experts Weigh in on the Future of HR

InfoGoTo

Most HR professionals believe that their department is meeting the needs of their organizations today, but they don’t feel they are well prepared for the near future, according to a 2019 HR.com survey.

Court Dicta in Paisley Park v. Boxill Foresees Expansion of Discoverable ESI

Hanzo Learning Center

Parties “Do Not Get to Select What Evidence They Want to Produce, or From What Sources”. social media ediscovery ESI Case Law Summary case law discovery online evidence spoliation sanctions

52

A Sense of Security: Information Overload Leads to Security Oversights

InfoGoTo

Are you guilty of working ahead on Sunday in order to get your coming week under control? According to a recent editor’s pick on LinkedIn originating from the Wall Street Journal , you’re not alone.

Court Grants Spoliation Sanctions for Defendant’s Failure to Preserve Photos of Prisoner Plaintiff: eDiscovery Case Law via JD Supra

IG Guru

The post Court Grants Spoliation Sanctions for Defendant’s Failure to Preserve Photos of Prisoner Plaintiff: eDiscovery Case Law via JD Supra appeared first on IG GURU. eDiscovery IG News Records Management Spoliation

How to Prepare for the Brazil Data Protection Law

InfoGoTo

With the new August 2020 effective date of the Brazil data protection law moving ever closer, organizations subject to its requirements may want to implement changes now, so they will be fully ready.

B2B 52

Emotet Returns from Summer Vacation, Ramps Up Stolen Email Tactic

Threatpost

The ever-changing malware is jumping in the middle of people's existing email conversations to spread itself without suspicion. Malware Web Security emotet malware old email conversations return self propagation stolen email credentials summer hiatus

A Virus Walks Into a Bar.

Dark Reading

Laughter is, well, contagious. Jokes begin in earnest at the one-minute mark

71

5 steps to incorporate ethics into your artificial intelligence strategy

Information Management Resources

In the context of the five most common AI ethics guidelines, here are five lines of questioning that IT leaders should consider when determining an AI ethics strategy. Artificial intelligence Data strategy Data management

Rethinking Responsibilities and Remedies in Social-Engineering Attacks

Threatpost

The idea that humans are the weakest link shouldn't guide the thinking on social-engineering defense.

Clever New DDoS Attack Gets a Lot of Bang for a Hacker's Buck

WIRED Threat Level

By exploiting the WS-Discovery protocol, a new breed of DDoS attack can get a huge rate of return. Security Security / Cyberattacks and Hacks

New EU Strong Customer Authentication Standards: Implications for Payment Service Providers

Data Matters

Under the revised Payment Services Directive (2015/2366) (PSD2), the European Banking Authority (EBA) and the European Commission were required to develop and adopt regulatory technical standards on strong customer authentication and common and secure open standards of communication. These regulatory technical standards were passed into EU law as Commission Delegated Regulation (EU) 2018/389 (the RTS), which entered into effect on September 14, 2019.

One Arrested in Ecuador's Mega Data Leak

Dark Reading

Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records

Data 64

Apple’s new Endpoint Security Framework

Jamf

macOS Catalina introduces a new user-mode framework called Endpoint Security. See what it is and how it impacts you

IT 63