Tue.Mar 19, 2019

Mirai Botnet Code Gets Exploit Refresh

Data Breach Today

Users of Mirai Likely Seek Enterprise-Class Bandwidth, Says Palo Alto Networks Mirai, the powerful malware that unleashed unprecedented distributed denial-of-service attacks in 2016, has never gone away.

IT 190

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

The Last Watchdog

Security information and event management, or SIEM, could yet turn out to be the cornerstone technology for securing enterprise networks as digital transformation unfolds. Related: How NSA cyber weapon could be used for a $200 billion ransomware caper. Exabeam is a bold upstart in the SIEM space. The path this San Mateo, CA-based vendor is trodding tells us a lot about the unfolding renaissance of SIEMs – and where it could take digital commerce.

NSA Pitches Free Reverse-Engineering Tool Called Ghidra

Data Breach Today

For the Record, There's No Backdoor,' NSA's Rob Joyce Tells RSA Conference Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system.

Tools 169

BEST PRACTICES: 6 physical security measures every company needs

The Last Watchdog

It has never been more important to invest in proper security for your business. Laws surrounding the personal data of individuals such as the General Data Protection Regulation (GDPR) put the onus on companies to ensure that both digital and physical copies of data are secure at all times. Related: Shrinking to human attack vector.

Access 113

Gearbest Database Leaks 1.5 Million Customer Records

Data Breach Today

White Hat Hackers Expose Lax Security Practices at Chinese Online Retailer An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5

Retail 167

The Evidence That Could Impeach Donald Trump

WIRED Threat Level

Nancy Pelosi’s comments about impeachment acknowledge a political reality: Nothing the Mueller probe has revealed so far has moved the GOP substantially. Security

More Trending

Triton

Schneier on Security

Good article on the Triton malware which targets industrial control systems. cyberattack cybersecurity defense infrastructure malware zeroday

New JNEC.a Ransomware delivered through WinRAR exploit

Security Affairs

A new strain of ransomware tracked as JNEC.a is spreading through an exploit that triggers the recently discovered vulnerability in WinRAR.

Manage Your Dark Content and Increase Compliance

Everteam

It’s a simple problem that every organization has – finding and managing dark data – information spread across the organization, often hidden in systems and repositories.

Webinar: Taking the risk out of application modernization with integrated DevOps

Rocket Software

On February 27 th , Rocket VP of Solutions Sales, Dan Magid, alongside Senior Sales Engineer, Charles Jones, hosted a webinar about the risks of application modernization, and how to minimize them with integrated DevOps.

RSA Conference 2019: What You Need to Know by Dan Lohrmann

IG Guru

The 2019 version of RSA Conference in San Francisco has come and gone. Here are some of the product and session highlights, major themes and excellent resources to dig deeper into myriad cybersecurity and technology topics.

Most firms lack control of, confidence in their own data

Information Management Resources

A majority of organizations are struggling to unlock the true potential of data because of a lack of control, leaving many with untrusted data that undermines business innovation and customer interactions. Data management Data strategy Data discovery

Data 65

Data As Experience: Context Is King

Perficient Data & Analytics

This is a continuation of my Data As Experience Series. The last post was on the Customer Role. Context: Why It’s Important. You cannot create a great report or insight without first taking into account a user’s context. Where they are and what they are doing should influence what you create for them. Remember that the purpose of analytics is to enable your end users with the power of information.

Data 43

9 top Internet of Things trends for 2019

Information Management Resources

Commercial applications, edge computing, machine phishing and real-time data access are among the top trends that will drive IoT strategies. Internet of things Data management Data strategy

Stealing Corporate Funds Still Top Goal of Messaging Attacks

Dark Reading

Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile

IT 60

Why artificial intelligence needs a reality check

Information Management Resources

The use of artificial intelligence is overhyped—some experts believe that IA or “information augmentation” is the proper first step. Artificial intelligence Machine learning Data strategy

Bridging the gap between AWS Lambda and other clouds: TriggerMesh

DXC Technology

If you want to do serverless computing today chances are you’re using Amazon Web Services (AWS) Lambda. Which is fine if you’re wedded to AWS, but if you’d rather use another cloud or run a hybrid cloud, AWS-specific Lambda may not be ideal. Enter TriggerMesh Knative Lambda Sources (KLASS), which offers a way to bridge […]. Cloud AWS lambda serverless TriggerMesh

Cloud 40

Success with the IoT starts with understanding 'Thing Management'

Information Management Resources

Most organizations think of asset management as the practice of tracking and managing IT devices such as routers, switches, laptops and smartphones. But that’s now only part of the picture. Internet of things Data strategy Device security

IoT 60

“I Can’t Believe It’s Not Live!” Why Native-Format Web Archives Make for Persuasive Evidence

Hanzo Learning Center

Every litigator yearns for that Perry Mason moment, when we calmly introduce the critical evidence that abruptly changes the course of our trial. Our dog-loser case transforms, as if by magic, into a rock-solid winner winner chicken dinner. via GIPHY. social media native format web archive WARC PDF website evidence website capture dynamic web capture online evidence dynamic format dynamic web evidence web archiving screenshot

Data center company Cologix said to seek $500M investor

Information Management Resources

Cologix Inc., the data center company backed by Stonepeak Infrastructure Partners, is seeking a $500 million equity injection from a new institutional investor. Data storage Data management Data warehouses

Data 60

New Mirai Version Targets Business IoT Devices

Dark Reading

The notorious Internet of Things botnet is evolving to attack more types of devices - including those found in enterprises

IoT 52

Cathay to mine personal data to tailor to premium flyers

Information Management Resources

The airline is logging the travel habits of lucrative business-class flyers, such as when they want their seat laid flat, in a bid to individually tailor flights for them. Data mining Data visualization Customer data Data management

ThreatList: DDoS Attack Sizes Drop 85 Percent Post FBI Crackdown

Threatpost

The FBI's crackdown on 15 DDoS-for-hire sites appears to have had an impact on DDoS attacks, the average size for which dropped 85 percent in the fourth quarter of 2018, a new report found. IoT Most Recent ThreatLists Vulnerabilities Web Security DDoS DDoS-for-hire Denial of Service FBI HTTPS SSDP Amplification attack UDP attack

IoT 52

Facebook told to face up to extremism after New Zealand attack

Information Management Resources

Pressure is building on Facebook Inc. and other social media platforms to stop hosting extremist propaganda including terrorist events, after Friday’s deadly attacks on two mosques in New Zealand were live-streamed. Social media Data security Facebook

Researcher Says NSA’s Ghidra Tool Can Be Used for RCE

Threatpost

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users. Vulnerabilities Web Security attack exploit ghidra NSA Open Source project Proof of Concept reverse engineering tool vulnerability XXE

Tools 52

Crowdsourced vs. Traditional Pen Testing

Dark Reading

A side-by-side comparison of key test features and when best to apply them based on the constraints within your budget and environment

50

Norsk Hydro Calls Ransomware Attack ‘Severe’

Threatpost

When asked if the company plans to pay the ransom, its CFO said its main strategy is to use the backup data stored in the system. Critical Infrastructure Hacks aluminum cyberattack lockergoga ransomware norsk hydro Ransomware Attack

What constitutes disclosure?

InfoGovNuggets

“Is Your ETF Conflicted?,” ” The Wall Street Journal , March 12, 2019. JP Morgan discloses conflicts between itself and people buying into one of its funds in a 47-page brochure brochure. Yes, knowing about conflicts your investment adviser may have is a good thing – it’s useful information.

Everglades National Park Commission Papers

Archives Blogs

Dew in the morning, NPSphoto, G.Gardner. In our current climate of growing environmental concern, the. condition and protection of national parks has become a recurring part of our. 24-hour news cycle. Everglades National Park is Florida’s most famous national.

Paper 26

DocuWorld Europe 2019 – The Latest News

Docuware

DocuWorld Europe will be kicking off in just under three weeks (April 9-11, 2019, Sa Coma / Mallorca).

DTU and TU Delft develop stress adapted orthotropic infill for 3D printing

3ders

A team of researchers at the Technical University of Denmark (DTU) and Delft University of Technology (TU Delft) has developed a new method for generating stress adapted orthotropic infill for 3D printing. 3D Printing Technology

0

Worlds largest 3D construction printer is coming to Saudi Arabia in 2019

3ders

Saudi Arabia's Elite for Construction & Development Company has purchased what has been described as the world's largest 3D construction printer from Danish firm Cobod International. 3D Printers

0