The Last Watchdog

APRIL 18, 2019

A dozen years after Apple launched the first iPhone, igniting the smartphone market, the Bring Your Own Device to work phenomenon is alive and well. Related: Stopping mobile device exploits. The security issues posed by BYOD are as complex and difficult to address as ever. Meanwhile, the pressure for companies to proactively address mobile security is mounting from two quarters.

MDM 136

MDM Phishing Security Access 136

Troy Hunt

APRIL 15, 2019

Do you ever hear those stories from your parents along the lines of "when I was young." and then there's a tale of how risky life was back then compared to today. You know, stuff like having to walk themselves to school without adult supervision, crazy stuff like that which we somehow seem to worry much more about today than what we did then. Never mind that far less kids go missing today than 20 years ago and there's much less chance of them being hit by a car , circumstances are such today tha

Passwords 111

Passwords Privacy Manufacturing Access 111

Data Breach Today

APRIL 17, 2019

Cisco Talos Researchers Describe Group's Methods A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns. Experts say defenses against DNS hijacking lag.

217

217

Krebs on Security

APRIL 15, 2019

Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [ NYSE:WIT ] is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond to questions about the alleged incident.

IT 259

IT Insurance Communications Phishing 259

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

The Last Watchdog

APRIL 17, 2019

It’s edifying what you can find shopping in the nether reaches of the dark web. Related: Why government encryption backdoors should never be normalized. Academic researchers from Georgia State University in the U.S. and the University of Surrey in the U.K. recently teamed up and found evidence of an emerging market for stolen and spoofed machine identities.

Marketing 103

Marketing Sales Digital transformation Encryption 103

Data Breach Today

APRIL 15, 2019

Report: Hacker Could Spoof Child's Location, View Personal Information An Australian company that markets a smartwatch designed to let parents monitor their child has taken its service offline after researchers revealed hackers could listen in on and spy on a child's location. The finding marks another damaging security finding for smartwatches.

Marketing 263

Marketing Security IT 263

Krebs on Security

APRIL 14, 2019

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “ Land Lordz ,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings. The ne’er-do-well who set up the account below has been paying $550 a month for a Land Lordz “basic plan” subscription at landlordz[.]site that helps him manage more than

Phishing 237

Phishing Authentication Paper Passwords 237

The Last Watchdog

APRIL 16, 2019

A recent poll of some 300 senior executives from U.S.-based life sciences and high-tech manufacturing companies sheds light on how digital transformation – and the rising role of third-party partners – have combined to create unprecedented operational challenges in the brave new world of digital commerce. Related: AI one-upsmanship prevails in antivirus field.

Digital transformation 103

Digital transformation Manufacturing Healthcare Compliance 103

Security Affairs

APRIL 15, 2019

Experts at Imperva discovered a new type of large-scale DDoS attack that abuses the HTML5 Ping-based hyperlink auditing feature. Experts at Imperva Vitaly Simonovich and Dima Bekerman observed a large-scale DDoS attack abusing the HTML5 Ping-based hyperlink auditing feature. The DDoS attack peaked at a massive 7,500 requests per second and delivered more than 70 million requests over a four-hour period from around 4,000 user IPs. “We recently investigated a DDoS attack which was generated

Security 111

Security IT 111

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

APRIL 17, 2019

Facebook's Cryptocurrency Folly, Scaling Security and Why Doomsday Is Temporary From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.

Blockchain 249

Blockchain GDPR Privacy Cybersecurity 249

Krebs on Security

APRIL 18, 2019

The crooks responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro , India’s third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant , new evidence suggests. The clues so far suggest the work of a fairly experienced crime group that is focused on perpetrating gift card fraud.

IT 182

IT Retail Phishing Access 182

The Last Watchdog

APRIL 18, 2019

Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation. Related: Data breaches fuel fledgling cyber insurance market. Enterprises, especially, tend to be methodical and plodding. Digital transformation is all about high-velocity innovation and on-the-fly change.

Digital transformation 101

Digital transformation Security Risk Cloud 101

Security Affairs

APRIL 16, 2019

Ecuador suffered 40 million cyber attacks on websites of public institutions since the arrest of Wikileaks founder Julian Assange. Last week, WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London. after Ecuador withdrew asylum after seven years. In response to the arrest acktivist communities launched several attacks against the Ecuador government.

Government 105

Government Data breaches Communications Access 105

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Data Breach Today

APRIL 19, 2019

Millions of Instagram Users Affected by Plain-Text Password Storage Two security issues disclosed by Facebook over the past month are worse than first thought, adding to a harrowing series of data-handling mishaps by the social network. Millions of Instagram users had their plain-text passwords stored, and 1.5 million people had their email contact lists uploaded without consent.

Passwords 246

Passwords Security 246

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm.

Manufacturing 166

Manufacturing Government Communications Ransomware 166

Schneier on Security

APRIL 15, 2019

Supply chain security is an insurmountably hard problem. The recent focus is on Chinese 5G equipment, but the problem is much broader. This opinion piece looks at undersea communications cables: But now the Chinese conglomerate Huawei Technologies, the leading firm working to deliver 5G telephony networks globally, has gone to sea. Under its Huawei Marine Networks component, it is constructing or improving nearly 100 submarine cables around the world.

Communications 103

Communications Security IT 103

Security Affairs

APRIL 13, 2019

Hackers publish personal data on thousands of US police officers and federal agents. Media outlet Techcrunch reported that a hacker group has breached several FBI-affiliated websites and leaked the stolen info online. A hacker group claims to have hacked dozens of websites affiliated with the FBI and leaked online dozens of files containing the personal details of thousands of federal agents and law enforcement officers, The hacker claimed to have stolen “over a million data” belonging to employ

Encryption 103

Encryption Ransomware Manufacturing Personal data 103

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Data Breach Today

APRIL 15, 2019

Blue Cross of Idaho and Palmetto Health Report Financial, Payroll Breaches Two recent data breaches at organizations in the healthcare sector illustrate that systems beyond those directly related to patient care can be at risk.

Data breaches 247

Data breaches Risk 247

DXC Technology

APRIL 15, 2019

A growing number of enterprise leaders view artificial intelligence (AI) and machine learning (ML) as transformational technologies that can enable better decision-making, increase efficiency, eliminate human error, and lower costs. For many enterprise workers, however, the relentlessly consistent performance promised by intelligent machines looms as a threat to their jobs.

Artificial Intelligence 95

Artificial Intelligence Digital transformation 95

Schneier on Security

APRIL 18, 2019

DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the process, they went so far as to compromise multiple country-code top-level domains -- the suffixes like.co.uk or.ru that end a foreign web address -- putting all the traffic of every domain in multiple co

Military 99

Military Risk IT Security 99

Security Affairs

APRIL 19, 2019

Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan have disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as OilRig , APT34 , and HelixKitten. OilRig is an Iran-linked APT group that has been around since at least 2014, it targeted mainly organizations in the financial, government, energy, telecoms and chemical

Phishing 102

Phishing Government IT Security 102

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Data Breach Today

APRIL 16, 2019

Boston Children's Hospital is pioneering the use of Amazon's Alexa voice assist technology in the healthcare sector. John Brownstein, the hospital's chief innovation officer, discusses the security measures involved.

Security 235

Security 235

IT Governance

APRIL 14, 2019

A version of this blog was originally published on 9 November 2017. Documentation is a crucial part of any ISO 27001 implementation project, and one of the most important documents you need to complete is the SoA (Statement of Applicability). In this blog, we explain what an SoA is, why it’s important and how to produce one. What is a Statement of Applicability?

Risk 90

Risk Information Security Data breaches Security 90

Schneier on Security

APRIL 15, 2019

Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category consists of downgrade attacks against WPA3-capable devices, and the second category consists of weaknesses in the Dragonfly handshake of WPA3, which in the Wi-Fi standard is better known as the Simultaneous Authentication of Equals (SAE) handshake.

Passwords 99

Passwords Security Authentication Paper 99

Security Affairs

APRIL 14, 2019

FACEBOOK down: Facebook, Instagram, and Whatsapp services have gone down in Europe, US, Malaysia, and worldwide leaving millions of users furious. Facebook services including Instagram and Whatsapp are facing a widespread outage. The outage of Facebook services happens one month after the longest outage in history. Users in Europe, Malaysia and some parts of the US are not able to access to Facebook, Instagram, and Whatsapp.

Access 102

Access Security IT 102

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Data Breach Today

APRIL 17, 2019

But Does 'Flaw' in DICOM File Format Represent a Serious Risk? A "flaw" in the file format of the DICOM standard for communication of medical imaging information could be exploited to hide malware in MRI and CT scans alongside patient data, according to a new research report. But the developer of DICOM contends the feature isn't a flaw and any risks can be mitigated.

Communications 227

Communications Risk 227

Dark Reading

APRIL 15, 2019

Unknown hackers broke into databases of nonprofit and have posted online personal info on FBI, Secret Service, Capitol Police, US Park Police, others.

98

98

DXC Technology

APRIL 16, 2019

In contrast to the popular belief that technologies such as AI are going to leave skilled and unskilled workers high and dry, recent research into the effects of automation indicate it can lead to increased demand, creating new job opportunities. But without the right enterprise building blocks in place your organisation will not be able […].

IT 87

IT Artificial Intelligence Analytics Government 87