Thu.Jul 11, 2019

article thumbnail

MongoDB Database Exposed 188 Million Records: Researchers

Data Breach Today

Data Apparently Originated in a GitHub Repository Security researchers have found yet another unsecured database that left personal data exposed to the internet. In this latest case, a MongoDB database containing about 188 million records, mostly culled from websites and search engines, was exposed, researchers say.

article thumbnail

Business Architecture and Process Modeling for Digital Transformation

erwin

At a fundamental level, digital transformation is about further synthesizing an organization’s operations and technology, so involving business architecture and process modeling is a best practice organizations cannot ignore. This post outlines how business architecture and process modeling come together to facilitate efficient and successful digital transformation efforts.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Defending Against Application Breaches

Data Breach Today

The new #1 cyber threat - attacks on the applications that power your business. Applications have become primary targets for two vastly different, but equally dangerous, types of cyberattacks. Successful application breaches can lead to financial fraud, stolen IP, and business disruption.

185
185
article thumbnail

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. According to the experts, the new versions have been active at least since 2018, one of the samples analyzed by Kaspersky was used last month in Myanmar, where local government is accused of violating

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Premera Signs $10 Million Breach Settlement With 30 States

Data Breach Today

Agreement Follows Proposed $74 Million Settlement of Class Action Lawsuit Health insurer Premera Blue Cross has signed a $10 million HIPAA settlement with the attorneys general of 30 states in the wake of a 2014 data breach that exposed personal information on more than 10.4 million individuals nationwide.

Insurance 171

More Trending

article thumbnail

Apple Issues Silent Update to Remove Old Zoom Software

Data Breach Today

Rare Move Made to Protect Against Future Exploitation Apple has taken an extraordinary move to protect its users from a yet-to-be-disclosed vulnerability that could compromise Macs that have the Zoom video conferencing software installed. It released a silent update to remove a vulnerable, left-behind local web server, which likely has a remote code execution flaw.

IT 204
article thumbnail

Agent Smith Android malware already infected 25 million devices

Security Affairs

‘Agent Smith’ is a new malware discovered by Check Point researchers that replaces legit Android Apps with malicious ones that infected 25 Million devices worldwide. Researchers at Check Point recently discovered a new variant of Android malware, dubbed Agent Smith, that has already infected roughly 25 million devices. The malware is disguised as a Google related application and exploits several known Android vulnerabilities to replace installed apps on the victim’s device with

IT 98
article thumbnail

Cybersecurity Firm McAfee Preps for Public Market Return

Data Breach Today

Firm Eyes IPO That Could Raise $1 Billion, The Wall Street Journal Reports Cybersecurity firm McAfee is reportedly planning a return to the public market, eyeing an IPO that could happen as early as later this year, raise $1 billion and value the company at $5 billion, The Wall Street Journal reports. The news comes amid a record volume of technology sector IPOs, including for Crowdstrike.

Marketing 160
article thumbnail

A new NAS Ransomware targets QNAP Devices

Security Affairs

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store large amounts of data.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Report: New Ransomware Targets QNAP Storage Devices

Data Breach Today

Attackers Demand Bitcoin Ransom After Encrypting Data A new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear and bypassing weak credentials using brute-force techniques, according to the security firm Anomali.

article thumbnail

Resetting Your GE Smart Light Bulb

Schneier on Security

If you need to reset the software in your GE smart light bulb -- firmware version 2.8 or later -- just follow these easy instructions : Start with your bulb off for at least 5 seconds. Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on.

IT 92
article thumbnail

RiskIQ: Magecart Group Targeting Unsecured AWS S3 Buckets

Data Breach Today

Researchers Find Skimmers Designed to Skim Payment Data in 17,000 Domains A cybercriminal gang associated with the umbrella organization known as Magecart has been inserting malicious JavaScript into unsecured Amazon Web Service S3 buckets to skim payment card data, according to research published by RiskIQ. So far, 17,000 infected domains have been identified.

134
134
article thumbnail

Summer: A Time for Vacations & Cyberattacks?

Dark Reading

About a third of cybersecurity professionals believe that their companies see more cyberattacks during the summer, but the survey data does not convince on the reasons for the perception of a summer bump.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Legal Implications of the AMCA Data Breach

Data Breach Today

The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why.

article thumbnail

Data Center Changes Push Cyber Risk to Network's Edge

Dark Reading

Changes in fundamental enterprise architectures coupled with shifts in human resources mean that companies are considering new risks to their infrastructure.

Risk 88
article thumbnail

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. The first vulnerability, tracked as CVE-2019-1132, affects the Win32k component and could be exploited to run arbitrary code in kernel mode.

article thumbnail

UK ICO Publishes New Guidance on the Use of Cookies and Similar Technologies

Data Matters

On 3 July 2019, the UK’s Information Commissioner’s Office (“ICO”) published new guidance on cookies and similar technologies (“Guidance”) in conjunction with a new blog post: “Cookies – what does ‘good’ look like?” which aims to provide “myth-busting” advice on common cookies uncertainties. You can find a full copy of the new guidance here and a link to the ICO’s blog post here.

GDPR 68
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

Intel Patch Tuesday updates for July 2019 address a serious flaw in Processor Diagnostic Tool and minor issue in the Solid State Drives (SSD) for Data Centers (DC). Intel’s Patch Tuesday security updates for July 2019 address a serious flaw in the Processor Diagnostic Tool and another issue in the Solid State Drives (SSD) for Data Centers (DC). The “high severity” vulnerability in the Processor Diagnostic Tool is tracked as CVE-2019-11133, it was rated with a CVSS score of 8.2 and Prior affects

article thumbnail

How to Catch a Phish: Where Employee Awareness Falls Short

Dark Reading

Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.

Phishing 101
article thumbnail

Understanding macOS Catalina and Jamf Connect

Jamf

With the announcement of macOS Catalina for on-premises Active Directory users at 2019 WWDC, Jamf is pleased to report that Jamf Connect is still working exactly as it has in the past.

IT 75
article thumbnail

Everteam Solutions for Enhanced Cyber Security

Everteam

Data is changing the face of the world. It’s not just a buzzword we hear often and read about while browsing the internet, data today is the most valuable asset of any organization, business and industry. Having this value and playing this massive role, data must be well managed and highly secured, especially that today’s data is digitized and stored in virtual repositories that might become vulnerable and risky with the fast evolvement of technology.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

APT Groups Make Quadruple What They Spend on Attack Tools

Dark Reading

Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.

88
article thumbnail

Wimbledon surfaces data insights for fan engagement

IBM Big Data Hub

The All England Lawn Tennis Club (AELTC) loves their data. During The Championships, Wimbledon , last year alone, IBM collected 4.5 million tennis data points covering every point in every match. In fact, the All England Club has data going all the way back to when The Championships started in 1877.

70
article thumbnail

Most Organizations Lack Cyber Resilience

Dark Reading

Despite increasing threats, many organizations continue to run with only token cybersecurity and resilience.

article thumbnail

OpenText Enterprise World 2019 – Day Two

OpenText Information Management

Muhi Majzoub gave his traditional technology-focused keynote in Toronto, emphasizing OpenText’s ongoing commitment to customer choice, partnership, and the good that technology can bring the world Day two of Enterprise World 2019 in Toronto kicked off with Muhi Majzoub, EVP, Engineering and Cloud Services at OpenText™ giving his traditional roundup of highlights from the past … The post OpenText Enterprise World 2019 – Day Two appeared first on OpenText Blogs.

Cloud 66
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The Security of Cloud Applications

Dark Reading

Despite the great success of the cloud over the last decade, misconceptions continue to persist. Here's why the naysayers are wrong.

Cloud 80
article thumbnail

Apple Disables Walkie-Talkie App Due to Eavesdropping Flaw

Threatpost

Apple has disabled the Walkie Talkie app from its Apple Watch products after a vulnerability was discovered enabling bad actors to eavesdrop on iPhone conversations.

IT 68
article thumbnail

Alaris E1000 Series Scanners Win Prestigious BLI Pick Award

Info Source

ROCHESTER, N.Y., July 11, 2019 – Following rigorous testing, including an extensive durability assessment and evaluation of key attributes such as usability, image quality and value, Keypoint Intelligence – Buyers Lab (BLI) has selected the Alaris E1000 Series Scanner as winner of the Summer 2019 Pick award for Outstanding Scanner for SMBs.