Mon. Jul 23, 2018

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A YubiKey Security Key made by Yubico. The basic model featured here retails for $20. Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in

Nation-State Spear Phishing Attacks Remain Alive and Well

Data Breach Today

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google Warns

Spear phishing attacks are in the news again following the Justice Department's indictment of Russian military intelligence officers for alleged attacks against U.S. politicians and county and state election boards. Here's how to play better phishing defense.

MY TAKE: How the lack of API security translates into ‘digital transformation’ security holes

The Last Watchdog

If you’re not familiar with how Facebook, Twitter and YouTube make it so easy for you and me to easily access cool content they’ve collected and stored behind their respective firewalls, then you might think “API” is a trendy type of beer. In fact, API stands for Application Programming Interface, the indispensable technology that makes it possible for software applications to exchange data across the Internet.

Health Data Breach Tally: Lots of Hacks, Fewer Victims

Data Breach Today

Bigger Organizations 'Have Invested Wisely' in Breach Prevention. What About Smaller Ones?

Hacker attacks are still dominating the data breaches added to the official federal tally so far this year. But compared to the mega-breaches of past years, this year's biggest hacks have been relatively small. Some security experts offer theories for why that's the case.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Digitalizing Core Business Processes — Part 1 of 3 — True Transformation is more than Digitization

AIIM

In “The State of Intelligent Information Management: Getting Ahead of the Digital Transformation Curve,” AIIM made the case that every organization is on – or should be on! – a Digital Transformation journey. The heart of this Transformation journey is understanding, anticipating, and redefining internal and external customer experiences. AIIM believes that Digital Transformation effectiveness is imperiled by a rising tide of information chaos and confusion, and that rising tide of information

The GDPR and the challenges faced when appointing a DPO

IT Governance

The GDPR. We’ve all heard a great deal about it over the last few months, and your inbox has probably been filled to bursting with privacy policy updates from every company you’ve ever bought from. The General Data Protection Regulation, which came into force in May 2018, has reformed the laws around processing the personal data of EU residents. It also requires all public bodies and many private entities to appoint a DPO (data protection officer).

GDPR and the Next Generation of Privacy Legislation

Data Breach Today

Cisco's Michelle Dennedy on the Significance of New Privacy Laws

Barely one month after the enforcement date of the EU's General Data Protection Regulation, California passed its own landmark new data privacy legislation. Cisco Chief Privacy Officer Michelle Dennedy discusses this new law and what it says about the business value of data privacy.

Getting #BreachReady: prepare for the worst, hope for the best

IT Governance

The EU GDPR (General Data Protection Regulation) is very much alive and kicking. However, despite the number of leaked records in June amounting to 145,942,680, the nation seems to be waiting with bated breath to see what will happen next. What steps will the ICO (Information Commissioner’s Office) take to ensure organisations adhere to the Regulation?

Achieving True Breach Defense

Data Breach Today

Lastline CEO Chris Kruegel on How to Get to the Heart of Defending Critical Data

Breach defense is a strategic business issue for most enterprises, but too many cybersecurity solutions rely more on flash than substance, says Lastline CEO Chris Kruegel. It's time to start talking about true breach defense.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

NIS Regulations: OES face deadline for registering with competent authorities

IT Governance

If your organisation is an OES (operator of essential services) and within the scope of the NIS Regulations (The Network and Information Systems Regulations 2018), you must register with your relevant competent authority by 20 August 2018. The NIS Regulations became UK law on 10 May 2018. It transposes the NIS Directive (Directive on security of network and information systems) into national law and applies to certain organisations that offer services to EU organisations and residents and that

Redoubling Efforts to Secure Midterm Election

Data Breach Today

FBI's Elvis Chan on How to Deter Foreign Meddling in Fall Vote

With the topic of election security buzzing, Elvis Chan of the FBI has two primary concerns about the upcoming midterm elections: The cybersecurity of the election systems and protecting people from the influence of foreign adversaries such as Russia.

1Password's Travel Mode

Schneier on Security

The 1Password password manager has just introduced "travel mode," which allows you to delete your stored passwords when you're in other countries or crossing borders: Your vaults aren't just hidden; they're completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no traces left for anyone to find.

Know Your (Digital) Customer

Data Breach Today

IBM's Shaked Vax on Validating Digital Identities with Physical Identities to Protect Accounts

In the wake of so many mega-breaches, new account fraud is easier to perpetrate than account takeovers. This puts new pressure on enterprises to know their digital customers, as well as to authenticate their identities and activities, says Shaked Vax of IBM Security.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Experts believe US Cyber Command is the only entity that can carry out ‘hack backs’

Security Affairs

The U.S. government should opt to carry out hack backs as retaliation against the massive attacks against organizations in the US private sector, and when appropriate, the military’s hacking unit should hit back; this is what three experts said at a panel organized by APCO.

5 data protection policies your organisation must have

IT Governance

An organisation’s policies are at the heart of its business operations. They detail exactly how employees should handle certain issues, ensuring that everybody is on the same page and following agreed best practices. Effective policies are all the more important now that the EU GDPR (General Data Protection Regulation) is in place. Dave Rickard, technical director at CIPHER Security, says the GDPR has emphasised the need for data protection policies.

SpectreRSB – new Spectre CPU side-channel attack using the Return Stack Buffer

Security Affairs

Researchers from the University of California, Riverside (UCR) have devised a new Spectre CPU side-channel attack called SpectreRSB. SpectreRSB leverages the speculative execution technique that is implemented by most modern CPUs to optimize performance. Unlike other Spectre attacks, SpectreRSB recovers data from the speculative execution process by targeting the Return Stack Buffer (RSB). “rather than exploiting the branch predictor unit, SpectreRSB exploits the return stack b

Microsoft, Google, Facebook, Twitter Launch Data Transfer Project

Dark Reading

The open-source Data Transfer Project, intended to simplify and protect data transfer across apps, comes at a sensitive time for many of the participating organizations.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Sony addresses remotely exploitable flaws in Sony IPELA E Network Cameras

Security Affairs

Sony fixed 2 remotely exploitable flaws in Sony IPELA E Series Network Camera products that could be exploited to execute commands or arbitrary code. Sony addressed two remotely exploitable flaws in Sony IPELA E Series Network Camera products that could be exploited to execute commands or arbitrary code on affected devices. The first vulnerability, tracked as CVE-2018-3937, is a command injection issue that affects the measurementBitrateExec features implemented in the IPELA E Series Network Cam

It’s time to rethink EIM in the automotive sector

OpenText Information Management

At our recent OpenText™ Enterprise World 2018, there was a great deal of talk about two things: how companies have digitally transformed their business and how Enterprise Information Management (EIM) is changing to help digital business succeed both today and in the future by being intelligent and connected businesses. Connected is synonymous with the car …

CSE Malware ZLab – Chinese APT27’s long-term espionage campaign in Syria is still ongoing

Security Affairs

Researchers at CSE Cybsec ZLab analyzed malicious code involved in a long-term espionage campaign in Syria attributed to the Chinese APT27 group. A few days ago, the security researcher Lukas Stefanko from ESET discovered an open repository containing some Android applications. The folder was found on a compromised website at the following URL: hxxp://chatsecurelite.uk[.]to.

London Calling with New Strategies to Stop Ransomware

Dark Reading

The new London Protocol from the Certificate Authority Security Council/Browser Forum aims to minimize the possibility of phishing activity on high-value identity websites.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Leaky Backup Spills 157 GB of Automaker Secrets

Threatpost

Ford, Toyota, GM and Tesla among car companies impacted by leaky backup service used by third-party firm.

10 Top Unified Threat Management Vendors

eSecurity Planet

UTM appliances offer a quick path to comprehensive security for SMBs, but features differ among vendors. Here's a comprehensive look at top UTM solutions.

Episode 105: Is Trolling a Human Rights Abuse? Also: the Do’s and Don’ts of Ransomware Negotiation

The Security Ledger

In this week’s podcast: a report out last week from The Institute for the Future makes clear that state-sponsored trolling has gone global and is now a go-to tool for repressive regimes worldwide, constituting a new form of human rights abuse. Ben Nimmo of The Atlantic Council joins us to discuss. Also: ransomware is one of the most.

Software is Achilles Heel of Hardware Cryptocurrency Wallets

Dark Reading

Upcoming Black Hat talk will detail software vulnerabilities that can put private cryptocurrency wallets and currency exchange services at risk.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Facebook Suspends Analytics Firm Over Surveillance Concerns

Threatpost

Facebook is launching an investigation into whether Crimson Hexagon’s collection of public user data was a violation of its data policies.

24 Sentenced in India-Based Call Center Operation

Dark Reading

The scheme targeted US residents with fraudulent phone calls and conned victims out of hundreds of millions of dollars.

WatchGuard Firebox UTM: Overview and Analysis

eSecurity Planet

We review WatchGuard's Firebox unified threat management (UTM) solutions, which offer enterprise-grade security at a price small organizations can afford.