Daymark
APRIL 2, 2019
For many of us, a rock-solid business continuity/disaster recovery (BC/DR) plan can mean the difference between a good night’s sleep and living in constant fear of impending doom. Hyperbole aside, many BC/DR plans are under-tested, under-architected, and misunderstood by businesses. Sure, you may have a copy of your data at a secondary site, but how do you know it’s accessible to applications in the event of a failover?
The Last Watchdog
APRIL 5, 2019
The Cloud Access Security Broker (CASB) space is maturing to keep pace with digital transformation. Related: CASBs needed now, more than ever. Caz-bees first took shape as a cottage industry circa 2013 to 2014 in response to a cry for help from companies reeling from new Shadow IT exposures : the risk created by early-adopter employees, quite often the CEO, insisting on using the latest smartphone and Software-as-a-Services tools, without any shred of security vetting.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
APRIL 3, 2019
Third-Party Apps Left Facebook Users' Data Accessible in the Cloud Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Krebs on Security
APRIL 4, 2019
An alleged top boss of a Romanian crime syndicate that U.S. authorities say is responsible for deploying card-skimming devices at Automated Teller Machines (ATMs) throughout North America was arrested in Mexico last week on firearms charges. The arrest comes months after the accused allegedly ordered the execution of a former bodyguard who was trying to help U.S. authorities bring down the group’s lucrative skimming operations.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Weissman's World
APRIL 3, 2019
Being an information consultant/analyst is a lot like being a parent in that I get to watch companies come into the world, struggle to gain acceptance, and learn to be a force unto themselves (or not). I’m not sure Alfresco yet represents a capital-F force, but after spending two intensive days with their executives, customers, […]. The post 4 Signs Alfresco Is All Growed Up appeared first on Holly Group.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
APRIL 1, 2019
Hackers Targeted Servers Storing Data on 3.1 Million Customers Toyota Motor Corp. has reported its second data breach in the past five weeks. The latest incident, revealed Friday, may have exposed data on as many as 3.1 million customers.
Krebs on Security
APRIL 2, 2019
Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. Its author maintains Orcus is a legitimate R emote A dministration T ool that is merely being abused, but security experts say it includes multiple features more typically seen in malware known as a R emote A ccess T rojan.
The Last Watchdog
APRIL 3, 2019
Companies are embracing hybrid cloud deployments like never before, mixing and matching on-premises IT systems with off-premises cloud services. Related: Machine identities present wide open attack vector. To accomplish this, they must grant and manage access privileges to human identities: remote employees, third-party suppliers and far-flung customers.
Security Affairs
APRIL 2, 2019
Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites. Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS sites running WordPress and Joomla websites to store and serve malicious payloads.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
APRIL 1, 2019
Coveware Says 'Dream Market' Site Shut Down, Hampering Ransomware Attackers Arrests made last week by European, U.S. and other law enforcement agencies appear to have led to the closure of the "Dream Market" dark web site, which, in turn, disrupted certain ransomware attacks, according to an analysis by incident response firm Coveware.
Krebs on Security
MARCH 31, 2019
For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive , a now-defunct cryptocurrency mining service that was massively abused by cybercriminals. Krebs is translated as “cancer” in German.
Hunton Privacy
APRIL 5, 2019
On January 25, 2019, Nigeria’s National Information Technology Development Agency (“NITDA”) issued the Nigeria Data Protection Regulation 2019 (the “Regulation”). Many concepts of the Regulation mirror the EU General Data Protection Regulation (“GDPR”). Key elements of the Regulation include: Application : The Regulation applies to all residents of Nigeria, all citizens of Nigeria residing outside of Nigeria and all organizations processing personal data of such individuals.
Security Affairs
APRIL 4, 2019
The German chemicals giant Bayer confirmed that of a cyber attack, it confirmed the incident but clarified that no data has been stolen. The chemicals giant Bayer is the last victims of a cyber attack, it confirmed the incident, but pointed out the hackers haven’t stolen any data. According to the company, at the beginning of 2018, it detected an intrusion that linked to Winnti threat actors, a group of Chinese APTs belonging to the Beijing intelligence apparatus, Groups under the Winnti u
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
APRIL 3, 2019
Nkeng Amin Will Serve Substantial Prison Term A 31-year-old Maryland man will serve time in prison for his leadership role in a business email compromise scheme that netted him and five others $4.2 million from 13 victims over a two-year period.
Dark Reading
APRIL 3, 2019
In a time of disruption in the security and tech worlds, cybersecurity professionals can't afford to become complacent - even in the face of a skills shortage.
IT Governance
APRIL 3, 2019
Toyota has disclosed a data breach that may have affected up to 3.1 million customers. It’s the second time the car manufacturer has been breached in the last five weeks. In a statement released on 29 March 2019, the organisation confirmed that several of its Asian subsidiaries were targeted by criminal hackers. It said that it is taking the situation seriously and will implement security measures at dealers and the entire Toyota group.
Security Affairs
APRIL 2, 2019
The privilege escalation vulnerability ( CVE-2019-0211 ) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems. An important privilege escalation vulnerability ( CVE-2019-0211 ) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems via scoreboard manipulation.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
APRIL 5, 2019
Group-IB Researchers Analyze the Latest Global Trends JavaScript sniffers - specialized malware that skims credit card information and other data from online shopping - are becoming far more prevalent, with several cybercriminal groups using the malware to target victims all over the world, a new analysis by Moscow-based security firm Group-IB finds.
Dark Reading
APRIL 2, 2019
New data from ISC(2) shows younger women are making more money than in previous generations in the field - but overall gender pay disparity persists.
OpenText Information Management
APRIL 4, 2019
The OpenText™ Partner Awards, presented annually at OpenText Enterprise World (EW), recognize our global Partners for their commitment to helping customers transform and maximize the potential of the intelligent and connected enterprise. The award winners exemplify top-performing Partners who are dedicated to helping our joint customers get the most out of their OpenText solutions. 2019 … The post OpenText announces winners of the 2019 Partner Awards at Enterprise World appeared first on O
Security Affairs
APRIL 5, 2019
Security experts at Rapid7 have discovered that over 2 million Apache HTTP servers are still affected by the CVE-2019-0211 critical privilege escalation flaw. An important privilege escalation vulnerability ( CVE-2019-0211 ) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems via scoreboard manipulation.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Data Breach Today
APRIL 2, 2019
Attack Comes After Others That Targeted Counties Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents.
DLA Piper Privacy Matters
APRIL 2, 2019
By Ewa Kurowska-Tober and Magdalena Koniarska . On 25 March 2019, the Polish data protection authority (DPA) (referred to in Polish as “PUODO”) announced the imposition of the first GDPR-related fine in Poland. A data controller was fined approximately PLN 1 million (approx. EUR 230,415 ) for a failure to comply with the information obligation set forth in Article 14 of the GDPR.
Schneier on Security
APRIL 4, 2019
Researchers have been able to fool Tesla's autopilot in a variety of ways, including convincing it to drive into oncoming traffic. It requires the placement of stickers on the road. Abstract: Keen Security Lab has maintained the security research work on Tesla vehicle and shared our research results on Black Hat USA 2017 and 2018 in a row. Based on the ROOT privilege of the APE (Tesla Autopilot ECU, software version 18.6.1), we did some further interesting research work on this module.
Security Affairs
APRIL 3, 2019
The huge trove of Facebook user data was amassed and stored online on unprotected cloud servers by third-party Facebook app developers. Definitively I can tell you that this is an awful period for Facebook and its users. We first read about an embarrassing incident involving the social network giant that asked some newly-registered users to provide the passwords to their email accounts to confirm their identity … this is absurd.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Data Breach Today
APRIL 2, 2019
Hector Monsegur on Making the Transition From Hacktivist to Researcher Why trust a former black hat? Hector Monsegur, a former member of LulzSec, describes his transition from hacktivist to researcher.
IT Governance
APRIL 2, 2019
Anyone with an interest in information security will have encountered ISO 27001 , the international standard that describes best practice for an ISMS (information security management system). However, you might not be as familiar with ISO 27002. It’s a supplementary standard that provides advice on how to implement the security controls listed in Annex A of ISO 27001.
Schneier on Security
APRIL 4, 2019
This is a pretty awful story of how Andreas Gal, former Mozilla CTO and US citizen, was detained and threatened at the US border. CBP agents demanded that he unlock his phone and computer. Know your rights when you enter the US. The EFF publishes a handy guide. And if you want to encrypt your computer so that you are unable to unlock it on demand, here's mu guide.
Expert insights. Personalized for you.
72 
Let's personalize your content