SB Archives - Security Boulevard

Another Cloud Storage Leak Exposes Verizon IT Files

by Lucian Constantin on September 22, 2017

Security researchers have found yet another Amazon S3 storage container with sensitive data that was publicly accessible to anyone on the internet. The S3 bucket contained around 100MB of data, including internal files, usernames, passwords and email messages from U.S. telecommunications provider Verizon Wireless. Many of the files were associated with an internal middleware application
Read more

Cyberlaw SB Spotlight

Uber, Waymo and Their Billion-Dollar Showdown

by Christopher Burgess on September 22, 2017

The ongoing court saga between Alphabet’s Waymo and Uber concerning the alleged intellectual property theft by Uber continues to evolve. Those on the couch with popcorn have not been disappointed. The most recent revelation to spill from the court proceedings is the amount Alphabet has invested in its autonomous car research and development: $1.1 billion.
Read more

Data Security Featured Malware News SB Vulnerabilities

CCleaner Supply Chain Attack Targeted Technology Companies

by Lucian Constantin on September 21, 2017

New evidence shows the hackers who infected the installers for the popular CCleaner system optimization tool were primarily targeting the program’s business users. There are also links between the malware code and a well-known Chinese cyber-espionage group. The malware-infected installers for 32-bit versions of CCleaner and CCleaner Cloud released in August were installed on more
Read more

Governance, Risk & Compliance SB

What’s Your eDiscovery Process?

by Don Macvittie on September 21, 2017

When you buy/build a house, do you set up completely separate garages—one for cars, one for bikes, one for pickups, one for boats? No. Because itemized storage isn’t the goal. You also don’t make your motorcycle more like a bike so they can share the same garage space, because they’re similar but different tools. We
Read more

Cloud Security Data Security Malware News SB Spotlight Vulnerabilities

Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions

by Lucian Constantin on September 20, 2017

U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive data breach affecting 143 million people. A new report shows that poor patch management practices are common in enterprise environments and that Equifax
Read more

CISO Suite SB Spotlight

5 Essential Duties CISOs Dread

by Ericka Chickowski on September 20, 2017

CISOs are highly paid and short-lived in their positions for a reason. It’s a relentlessly difficult job to do well, requiring a unique mix of skills to pull it off successfully. Great CISOs need to have the technical chops to know whether their team is effectively managing infrastructure and to keep abreast of cyberthreats that
Read more

Cyberlaw Data Security SB Spotlight Threats & Breaches

Russian Criminal Monetized Identity Theft for $50 Million

by Christopher Burgess on September 19, 2017

With the plethora of data breaches that have occurred over the past five years reaching a crescendo with the Equifax breach, it should surprise no one that a criminal’s end goal is the use of identity theft to effect monetization. Yes, each piece of personal identifying data, financial data or medical information on an individual
Read more

Application Security Blogs Featured SB

CCleaner Performance Optimization Comes with a Side of System Compromise

by Tony Bradley on September 18, 2017

Anyone who has used a computer running the Windows operating system knows that performance seems to deteriorate over time, and it can be helpful to clean things up and optimize the system every once in a while. CCleaner is a popular free software product developed for just that purpose. Unfortunately, it seems CCleaner itself was
Read more

Malware News SB Spotlight Threats & Breaches

Attackers Use Undocumented Word Feature to Fingerprint Victims’ Software

by Lucian Constantin on September 18, 2017

Attackers are taking advantage of an undocumented feature in Microsoft Word to gather information about potential victims by using seemingly harmless documents that have no active code embedded in them. The technique was discovered by researchers from Kaspersky Lab in OLE2-formatted documents distributed as attachments to spearphishing emails. The files abused a feature called INCLUDEPICTURE
Read more

Blogs Data Security Governance, Risk & Compliance SB Spotlight

The EU’s Looming GDPR Privacy Regulation Should Be Scaring You

by Scot Finnie on September 18, 2017

If your company does business in any of the 28 member countries of the European Union, privacy is about to become a fierce preoccupation for the C-suite, thanks to the EU’s forthcoming General Data Protection Regulation (GDPR). According to a recent Trend Micro survey, 79 percent of business leaders who have read the requirements of
Read more

Page 1 of 312 3 »