Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. Yesterday was a perfect example of that with 2 separate noteworthy stories adorning my early morning Twitter feed. The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing

Passwords 94

Passwords Education Data breaches Security 94

The Last Watchdog

NOVEMBER 5, 2018

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in every day technology. Related: Europe tightens privacy rules. From smart phones, to smart TVs, location services, and speech capabilities, often times user data is stored without your knowledge.

Privacy 131

Privacy Sales Access Big data 131

Data Breach Today

NOVEMBER 5, 2018

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.

Ransomware 245

Ransomware Insurance 245

Krebs on Security

NOVEMBER 7, 2018

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S.

Authentication 278

Authentication Communications IT Security 278

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

IT Governance

NOVEMBER 7, 2018

All organisations experience disruptions, whether that’s from a cyber attack, IT failure, weather event or something else, and they need to be prepared. The longer it takes to address an issue, the more the costs will spiral and the harder it will be to recover. A disaster recovery plan gives organisations a process for responding to a variety of incidents.

Insurance 113

Insurance Risk Data breaches Government 113

Data Breach Today

NOVEMBER 7, 2018

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.

Insurance 266

Insurance GDPR Privacy IT 266

Krebs on Security

NOVEMBER 9, 2018

A Connecticut man who’s earned bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned. In May 2018, ZDNet ran a story about the discovery of a glaring vulnerability in the Web site for wireless provider T-Mobile that let anyone look up customer home addresses and account PINs.

Sales 196

Sales Personal data Access Marketing 196

AIIM

NOVEMBER 6, 2018

How do you make SharePoint and Office 365 deliver value as an intelligent information management platform? That's what we sought to find out when we first contacted SharePoint expert, Rob Bogue. Rob basically eats, breathes, and sleeps SharePoint, so we knew he'd be the perfect one to work with. Over the following months, we worked with Rob to develop an online course designed to teach you about Implementing Intelligent Information Management on SharePoint and Office 365.

Libraries 89

Libraries Access 89

Security Affairs

NOVEMBER 9, 2018

VMware released security patches for a critical virtual machine (VM) escape vulnerability that was recently discovered at a Chinese hacking contest. VMware has released security patches for a critical virtual machine (VM) escape vulnerability (CVE-2018-6981 and CVE-2018-6982) that was recently discovered by the researcher Zhangyanyu at the Chinese GeekPwn2018 hacking contest.

Security 110

Security Cloud IT 110

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

NOVEMBER 7, 2018

'Unauthorized Entry' to Some Accounts Exposes Account Details and Statements HSBC bank is warning some of its U.S. customers that their personal data was compromised in a breach, although it says it's detected no signs of fraud following the "unauthorized entry." Security experts say the heist has all the hallmarks of a credential-stuffing attack campaign.

Data breaches 233

Data breaches Personal data Security IT 233

IT Governance

NOVEMBER 6, 2018

Disasters happen, whether it’s a cyber attack, flood, power outage, road closure or any other type of disruption. And when it strikes, your organisation needs to be ready to implement its business continuity and disaster recovery plans. . You might have been taught that these are two names for the same thing (they are often used interchangeably), but there’s a big difference.

Government 97

Government IT Security 97

AIIM

NOVEMBER 9, 2018

Life for the owner of a startup can be stressful and filled with rapid-fire choices that can hobble progress and add an undue burden. Luckily for startup owners everywhere automation has become a ubiquitous technology and is innovating in the business sector every day. This technology brings with it the possibility for owners to run a business in a cost-effective way without sacrificing productivity.

Communications 89

Communications Marketing Sales Digital transformation 89

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. According to the BBC, crooks are offering for sale on underground criminal forums the private messages of 81,000 hacked Facebook accounts. “The perpetrators told the BBC Russian Service that they had detail

Sales 106

Sales Data breaches Encryption Authentication 106

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Data Breach Today

NOVEMBER 8, 2018

Company Says Medicare Supplemental Plan Policyholders Among Those Impacted Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident. Employee credentials were compromised, enabling unauthorized access to certain company websites containing personal data.

Insurance 206

Insurance Personal data Access 206

IT Governance

NOVEMBER 6, 2018

Disasters happen, whether it’s a cyber attack, flood, power outage, road closure or any other type of disruption. And when it strikes, your organisation needs to be ready to implement its business continuity and disaster recovery plans. . You might have been taught that these are two names for the same thing (they are often used interchangeably), but there’s a big difference.

Government 97

Government IT Security 97

Data Matters

NOVEMBER 5, 2018

Rapid advances in automation have the potential to disrupt a number of sectors, perhaps none more so than the automobile industry. The U.S. Department of Transportation (DOT) has accordingly announced its intention to take “active steps to prepare for the future by engaging with new technologies to ensure safety without hampering innovation.” Most recently, on October 4, 2018, DOT issued Preparing for the Future of Transportation: Automated Vehicles 3.0 (AV 3.0), its third round of guidance on

Cybersecurity 87

Cybersecurity Government Communications Privacy 87

Security Affairs

NOVEMBER 9, 2018

According to the head of the Federal Investigation Agency’s (FIA) cybercrime wing.almost all Pakistani banks were affected by a recent security breach. Almost all Pakistani banks were affected by a recent security breach, the shocking news was confirmed by the head of the Federal Investigation Agency’s (FIA) cybercrime wing. “According to a recent report we have received, data from almost all Pakistani banks has been reportedly hacked,” FIA Cybercrimes Director retired Capt Mohammad

Sales 106

Sales Security Access IT 106

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Data Breach Today

NOVEMBER 8, 2018

Another Secure Service - As Allegedly Marketed to Criminals - Fails to Deliver Once again, a supposedly secure service allegedly marketed to criminals has proven to have limits. Dutch police have busted a "cryptophone" operation, allowing them to decrypt more than 258,000 encrypted chat messages, leading to a drug lab bust, 14 arrests and the seizure of cash, drugs and weapons.

Encryption 200

Encryption Marketing Security 200

IT Governance

NOVEMBER 8, 2018

Whether you’re creating a disaster recovery or business continuity plan, you must conduct a risk assessment and a BIA (business impact analysis). These processes inform your decision making and are often grouped together because they tackle similar issues, but don’t think you can get away with doing only one. Think of them instead as two parts of a whole.

Risk 90

Risk Government IT 90

Schneier on Security

NOVEMBER 9, 2018

This is a new thing : The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that's used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape. This feels like an example of the US's new strategy of actively harassing foreign government actors.

Government 92

Government Security 92

Security Affairs

NOVEMBER 4, 2018

The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web. Researchers from Recorded Future’s Insikt Group and McAfee’s Advanced Threat Research team have discovered a new version of the malware that is offered through a RaaS distribution program on the Dark Web.

Ransomware 104

Ransomware Security IT 104

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Data Breach Today

NOVEMBER 7, 2018

Card Details From 22 Banks Appeared On Underground Market Pakistan says the nation's banks have not been hacked, but are taking defensive steps after nearly 20,000 payment card details appeared for sale online. The State Bank of Pakistan says banks are implementing restrictions on international transactions.

Sales 189

Sales Marketing 189

IT Governance

NOVEMBER 5, 2018

When you begin your BCP (business continuity plan) project, it’s a good idea to produce a checklist of tasks. This helps you stay on top of your progress during what will almost certainly be a long process. To give you an idea of what your checklist should consist of, we’ve created this three-step guide. Assemble the team. You’ll want a team of employees to take primary responsibility for the BCP.

Risk 90

Risk Ransomware Government Access 90

Schneier on Security

NOVEMBER 8, 2018

This is really just to point out that computer security is really hard : Almost as soon as Apple released iOS 12.1 on Tuesday, a Spanish security researcher discovered a bug that exploits group Facetime calls to give anyone access to an iPhone users' contact information with no need for a passcode. [.]. A bad actor would need physical access to the phone that they are targeting and has a few options for viewing the victim's contact information.

Access 91

Access Security 91

Security Affairs

NOVEMBER 9, 2018

Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy. Included in the breaches were Italy’s National Research Center , The Institute for Education Technologies , the ILIESI Institute for the European Intellectual Le

Passwords 103

Passwords Archiving Mining Education 103

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Data Breach Today

NOVEMBER 6, 2018

Separately, Thoma Bravo Moves to Acquire Veracode Software From Broadcom Symantec has announced not one but two acquisitions of private cybersecurity firms: Javelin Networks and Appthority. Meanwhile, a private equity firm announced that it will acquire application security testing firm Veracode from Broadcom for $950 million in cash.

Cybersecurity 188

Cybersecurity Security IT 188

IT Governance

NOVEMBER 5, 2018

When you begin your BCP (business continuity plan) project, it’s a good idea to produce a checklist of tasks. This helps you stay on top of your progress during what will almost certainly be a long process. To give you an idea of what your checklist should consist of, we’ve created this three-step guide. Assemble the team. You’ll want a team of employees to take primary responsibility for the BCP.

Risk 90

Risk Ransomware Government Access 90

Schneier on Security

NOVEMBER 6, 2018

Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data

Encryption 91

Encryption Security IT 91