Blockchain and Trust
Schneier on Security
FEBRUARY 12, 2019
Krebs on Security
FEBRUARY 18, 2019
The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
FEBRUARY 6, 2019
Netherlands, Germany and UK Have Logged the Most Data Breach Reports Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper.
The Guardian Data Protection
FEBRUARY 17, 2019
Company broke privacy and competition law and should be regulated urgently, say MPs Facebook deliberately broke privacy and competition law and should urgently be subject to statutory regulation, according to a devastating parliamentary report denouncing the company and its executives as “digital gangsters”. The final report of the Digital, Culture, Media and Sport select committee’s 18-month investigation into disinformation and fake news accused Facebook of purposefully obstructing its inquiry
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Security Affairs
FEBRUARY 27, 2019
Experts at Exploit detection service EdgeSpot detected several PDF documents that exploit a zero-day flaw in Chrome to harvest user data. Exploit detection service EdgeSpot spotted several PDF documents that exploit a zero-day vulnerability in Chrome to harvest data on users who open the files through the popular web browser. The experts initially detected the specially-crafted PDF files in December 2018.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
IBM Big Data Hub
FEBRUARY 22, 2019
Machine learning (ML) offers huge potential to help compliance and legal teams accomplish many of their most important rule tracking, employee monitoring and documentation activities.
Krebs on Security
FEBRUARY 8, 2019
A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. The missives are raising eyebrows because they were sent only to specific anti-money laundering contacts at credit unions, and many credit union sources say they suspect the non-public data may have been somehow obtained from the National Credit Union Administration (NCUA), an independent federal agency that insures deposits at federally insured credit unions.
Data Breach Today
FEBRUARY 20, 2019
Popular Password Managers for Windows Fail to Tidy Up Before Locking Up Shop A security audit of popular password manager has revealed some concerning weaknesses. Luckily, none of the problems are showstoppers that should put people off using such applications. But the research shows that some password managers need to more thoroughly scrub data left in memory.
Adam Levin
FEBRUARY 18, 2019
Facebook’s long string of privacy scandals may (finally) have some meaningful repercussions by way of a multi-billion dollar fine from the Federal Trade Commission. The social media giant has been under investigation by the FTC since March 2018 in the wake of the Cambridge Analytica scandal, which affected 87 million users and may have been a pivotal influence in the 2016 election campaign.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
FEBRUARY 11, 2019
Security experts found a serious flaw tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O.
IT Governance
FEBRUARY 26, 2019
The shortest month of the year is over in a flash, but not before a significant number of data breaches and cyber attacks could take place. I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. At the time of publication, that’s roughly 30,000 records per minute so far this year…. As always, if I’ve missed anything please do let me know in the comments below.
WIRED Threat Level
FEBRUARY 18, 2019
With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.
Krebs on Security
FEBRUARY 21, 2019
Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from anywhere in the world. One interesting component of this criminal innovation is a small cellphone and Bluetooth-enabled device hidden inside the contactless payment terminal of the pump, which appears to act as a Bluetooth hub that wirelessly gathers card
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
FEBRUARY 18, 2019
While Exploitable Protocols and Processes Persist, Adoption of Secure Fixes Lags The internet is composed of a series of networks built on trust. But they can be abused due to weaknesses in older protocols, such as Border Gateway Protocol and the Domain Name System, which were not designed to be secure and are now being abused for online crime and espionage.
Micro Focus
FEBRUARY 11, 2019
Over the past decade, through a combination of organic growth and M&A, Micro Focus has grown precipitously. Today, the company has thousands of employees in 43 countries worldwide, and is one of the largest pure-play enterprise software companies in the world. Yet, despite this size and growth, and likely because the company is headquartered in.
Security Affairs
FEBRUARY 18, 2019
Most of us know MITRE and the ATT&CK framework that they have come up with. What a splendid job they have done for the cyber security community by bringing most of the key attack vectors under an organized framework that segregates these attack vectors in various stages of a typical attack. Moreover, not only they have orchestrated the key attack vectors but the mitigation and detection guidance for each attack vector are also part of this framework.
IT Governance
FEBRUARY 1, 2019
Follow our advice to successfully manage risks and respond to a variety of information security incidents. Any day during which you find out that you’ve been breached will be bad. But do you know what would be worse? Realising three days later that you’ve missed the deadline for reporting the incident to your supervisory authority. Under the GDPR (General Data Protection Regulation) , organisations have 72 hours from the moment they become aware of a breach to report the incident.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
WIRED Threat Level
FEBRUARY 21, 2019
Roman Dobrokhotov has been playing a dangerous game for a Russian reporter: identifying agents of the GRU military intelligence agency.
Krebs on Security
FEBRUARY 12, 2019
Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever. Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users.
Data Breach Today
FEBRUARY 8, 2019
Latest in a Series of Substantial HHS Penalties for Violations Federal regulators have hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases.
OpenText Information Management
FEBRUARY 25, 2019
This year, OpenText™ sent our first official delegation of talented female employees from our Hyderabad and Bangalore offices to the Grace Hopper Celebration India (GHCI). As Asia’s largest gathering of women technologists, GHCI provided our delegation with incredible learning and networking opportunities. I had the pleasure of joining our inaugural Indian delegation to GHCI in … The post Celebrating diversity and women in technology in India appeared first on OpenText Blogs.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Security Affairs
FEBRUARY 21, 2019
Security experts at BitDefender have released a new version of the GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5. Security experts at BitDefender have released a new version of the GandCrab decryptor that could be used to decrypt versions of GandCrab 1, 4 and 5, including the latest version 5.1. The GandCrab decryptor is available for free from BitDefender and from the NoMoreRansom project.
Schneier on Security
FEBRUARY 26, 2019
A research group at NATO's Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise -- we don't know what country they were from -- to demonstrate the power of the attack technique. Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated with the military exercise, as well as profiles impersonating service members both real and imagined.
John Battelle's Searchblog
FEBRUARY 25, 2019
If the latest tech revelations have proven anything, it’s that the endless cycle of jaw-dropping headlines and concomitant corporate apologetics has changed exactly nothing. Over and over, the pattern repeats. A journalist, researcher, or concerned citizen finds some appalling externality associated with one of our largest technology platforms.
Krebs on Security
FEBRUARY 4, 2019
Godaddy.com , the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal.
Advertisement
Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.
Data Breach Today
FEBRUARY 28, 2019
'Authorized Third Party' Responsible for Leak, Company Says An "authorized third party" exposed a Dow Jones database with more than 2.4 million records of risky businesses and individuals on a public server without password protection. The incident points to the importance of proper vendor risk management, security experts say.
National Archives Records Express
FEBRUARY 25, 2019
We are pleased to announce the release of our Blockchain White Paper. The white paper began as an internal effort to assist NARA staff in learning more about the technology and how agencies are using it. While it includes a very high-level overview of the technical aspects of blockchain, it is useful to records managers because it explores the various implications for Federal electronic records management programs.
Security Affairs
FEBRUARY 6, 2019
Google patched a critical flaw in its Android OS that allows an attacker to send a specially crafted PNG image file to hack a target device, Opening an image file on your smartphone could allow attackers to hack into your Android device due to three critical vulnerabilities, CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988. The flaws affect millions of Android devices running versions of the Google OS, ranging from Android 7.0 Nougat to the latest Android 9.0 Pie.
Let's personalize your content