Weekend Reads 052920

Data breach notifications are meant to tell you what happened, when and what impact it may have on you. —Zack Whittaker

If “experience is merely the name men gave to their mistakes,” as Oscar Wilde puts it in The Picture of Dorian Gray, then the more we know about the threats we face and how we react to these threats, the better our chances are of keeping our data secure and our company’s name out of the headlines for all the wrong reasons. —Anastasios Arampatzis

Whenever a popular web interface gets any kind of significant visual change, a lot of people react with confusion, dismay, and even anger. —Angela Lashbrook

MicrosoftMicrosoft is creating a new kind of Office document. Instead of Word, Excel, or PowerPoint, the company has created Lego blocks of Office content that live on the web. The tables, graphs, and lists that you typically find in Office documents are transforming into living, collaborative modules that exist outside of traditional documents. —Tom Warren

First of all, I’d like to discourage you from adding security gimmicks to your product. You are no more likely to come up with an exciting new security feature on your own as you are a miracle cure for the covid. Your sales and marketing people may get excited about the feature, and they may get the customer excited about it too, but the excitement won’t last.

Academics from École Polytechnique Fédérale de Lausanne (EPFL) disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers. —Ravie Lakshmanan

Named Ramsay, ESET says this malware toolkit appears to have been designed with features to infect air-gapped computers, collect Word and other sensitive documents in a hidden storage container, and then wait for a possible exfiltration opportunity. —Catalin Cimpanu

Jay-Z isn’t happy. In fact, the 50-year-old rapper and father of three sounds like he’s flipping out in a way you’ve never heard before. You’d have to go back to Jay during his early-2000s feud with Nas to hear him anywhere close to this incensed. Only this time he’s not rapping. He’s ranting. —Luke Dormehl

In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just those with something to hide.

Identity access management is the process of verifying information to identify a user. This information is used to authenticate the identity of an individual, and in the process of authentication, the user is given authorized access and to perform certain tasks or to access information. Access management is about what networks, systems, applications, and data that the identified user can access and control. —Steve Tipton