Fri. Apr 03, 2020


What Went Wrong at Equifax? We Have Good Answers

Data Breach Today

What missteps led to hackers stealing details on 145 million Americans from Equifax in 2017? The answer to that question can be found in numerous reports and a Justice Department indictment. Security researcher Adrian Sanabria says they're essential reading for anyone responsible for cybersecurity defenses.


The Best Time to Get An Enterprise Architecture Tool

erwin

Many organizations start an enterprise architecture practice without a specialized enterprise architecture tool. Instead, they rely on a blend of spreadsheets, Visio diagrams, PowerPoint files and the like. Under normal circumstances, this approach is difficult. In times of rapid change or crisis, it isn’t viable. Four Compelling Reasons for An Enterprise Architecture Tool.


The Cybersecurity Follies: Zoom Edition

Data Breach Today

British Government and Other 'Work-From-Homers' Grapple With Remote Communications

The stuck-at-home chronicles have fast become surreal, as remote workers face down a killer virus on the one hand and the flattening of their work and personal lives on the other. To help, many have rushed to adopt Zoom. And for many use cases - hint: not national security - it is a perfectly fine option.


Hacking iPhone or MacBook devices by tricking into visiting a site

Security Affairs

Bad news for Apple iPhone or MacBook users: attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking them into visiting a website with the Safari browser. Pickren reported seven vulnerabilities to Apple, which rewarded him with a $75,000 bounty.


Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?


CISO Conversations: Healthcare's Unique Opportunity

Data Breach Today

ChristianaCare's Anahi Santiago on Telehealth Advances Amidst Pandemic Crisis

Healthcare professionals are on the front line in the war against COVID-19, and their cybersecurity leaders bear unique pressure to support and secure their efforts. But amidst this crisis, Anahi Santiago, CISO of ChristianaCare Health System, also sees tremendous strides in telehealth delivery.

More Trending


Italian Social Security Website Disrupted

Data Breach Today

News Reports Say Officials Investigating After Thousands Could Not Access Site

Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.


100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

Security Affairs

An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using the Contact Form 7 Datepicker plugin. Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are advised to remove or deactivate it to prevent attackers from exploiting the stored XSS vulnerability to create rogue admins or take over admin sessions.


Magecart Group Hits Small Businesses With Updated Skimmer

Data Breach Today

Researchers Determine That 19 Ecommerce Sites Have Been Targeted

A Magecart group has been using a new skimmer technique to target the online checkout sites of smaller businesses in order to steal credit card data, according to RiskIQ researchers, who have spotted 19 of these malicious JavaScript attacks so far.


CNIL Releases Guidance on Teleworking

Hunton Privacy

On April 1, 2020, the French Data Protection Authority (the “CNIL”) released guidance for employers on how to implement teleworking (the “Guidance”) as well as best practices for their employees in this context (the “Best Practices”). Guidance for Employers. According to the Guidance, employers must implement the following measures to secure their information systems: Ensuring that they have an IT charter or information security policy in place covering teleworking, or, at the very least, a set


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


Botnet Targets Devices Running Microsoft SQL Server: Report

Data Breach Today

Researchers Say 'Vollgar' Botnet Installs Cryptominers

Researchers at security firm Guardicore Labs are tracking a botnet they call Vollgar that's targeting devices running vulnerable Microsoft SQL Server databases with brute-force attacks and planting cryptominers in the infected databases.


This is Not Your Father's Ransomware

Dark Reading

Ransomware operators are aiming for bigger targets and hitting below the belt. With doxing and extortion threats added to the mix, ransomware is evolving into something even more sinister.


Analysis: The Path Back to Business as Usual After COVID-19

Data Breach Today

The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.


Self-Propagating Malware Targets Thousands of Docker Ports Per Day

Threatpost

A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.


How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.


Catches of the month: Phishing scams for April 2020 – the coronavirus special

IT Governance

There’s been one thing on our minds the past month: coronavirus. It appears that cyber criminals are the same, focusing all their efforts on scams that capitalise on the panic. One of the biggest risks is phishing scams – malicious messages that appear to be from a trusted source. The number of reported phishing attacks has risen by more than 600% since February, with the majority of those cashing in on people’s uncertainty and fears over the pandemic.


Weekly Update 185

Troy Hunt

I actually lost track of what week it was at the start of this video. Did I do the Aussie workshops last week? Or the week before? I know I was at home so. it's just all becoming a blur. But be that as it may, life marches on and this week like every other one before it was full of interesting cyber-things. I find the situation with Zoom in particular quite fascinating, particularly the willingness - even eagerness - that so many seem to have to throw the very tool that's bringing so many people


5 Soothing Security Products We Wish Existed

Dark Reading

Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.


Bug Bounty Programs Are Being Used to Buy Silence

Schneier on Security

Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty platforms connect security researchers with organizations wanting extra scrutiny. In exchange for reporting a security flaw, the researcher receives payment (a bounty) as a thank you for doing the right thing.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


So Wait, How Encrypted Are Zoom Meetings Really?

WIRED Threat Level

The service's mixed messages have frustrated cryptographers, as the US government and other sensitive organizations increasingly depend on it.


The importance of FIDO and passwordless login

Jamf

Most people can and do manage many aspects of their lives on their phones; it’s the device they carry with them everywhere and use for everything. Read about how the FIDO Alliance and Jamf are hoping to change our reliance on passwords to help secure you with minimum fuss and maximum privacy.


Magecart group 7 use new e-skimmer to steal payment data

Security Affairs

RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites to steal customers’ payment card data. The experts discovered a new software skimmer, dubbed “MakeFrame,” that injects HTML iframes into web-pages to capture payment data.


A Hacker Found a Way to Take Over Any Apple Webcam

WIRED Threat Level

They've been patched, but the Safari vulnerabilities would have given an alarming amount of access.


Embedding BI: Architectural Considerations and Technical Requirements

While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) tools aren’t built for modern data platforms and don’t work on modern architectures.


COVID-19: Dealing with Vendors – Privacy and Supply Chain Issues

Data Matters

The COVID-19 global pandemic presents unique legal and practical challenges for businesses across all industries, including with respect to ongoing relationships with vendors and suppliers – whether this relates to information security, privacy compliance, business continuity and contractual issues, such as in relation to force majeure. In this webinar, we will highlight some of the key issues companies are facing when dealing with supply chain and vendor contracts, and how their concerns can be


Want to Improve Cloud Security? It Starts with Logging

Dark Reading

Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.


Thousands of Android Apps Are Silently Accessing Your Data

WIRED Threat Level

More than 4,000 Google Play apps let developers and advertisers collect a list of the user's other installed apps, no permission needed.


FBI Warns Education & Remote Work Platforms About Cyberattacks

Dark Reading

The FBI expects attackers will target virtual environments as more organizations rely on them as a result of the COVID-19 pandemic.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Threatpost

The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus.


Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

Dark Reading

A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.


Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks

Threatpost

A group of CDNs and cloud providers are joining in on a fight against common internet routing attacks.
