Mon. Sep 24, 2018

Why Was Equifax So Stupid About Passwords?

Data Breach Today

Massive Credit Bureau Stored Users' Plaintext Passwords in Testing Environment

Massive, well-resourced companies are still using live customer data - including their plaintext passwords - in testing environments, violating not just good development practices but also privacy laws. That's yet another security failure takeaway from last year's massive Equifax breach.

Beware of Hurricane Florence Relief Scams

Krebs on Security

If you’re thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent. For the past two weeks, KrebsOnSecurity has been monitoring dozens of new domain name registrations that include the terms “hurricane” and/or “flor

Twitter Bug Sent Direct Messages to External Developers

Data Breach Today

More Than 3 Million Users' DMs Leaked to Third Parties

Twitter has fixed a bug that sometimes sent a user's direct messages not only to the specified recipient, but also to unrelated external developers. The social networking service is notifying more than 3 million affected users and has requested that unintended recipients delete the messages.

Q&A: Reddit breach shows use of ‘SMS 2FA’ won’t stop privileged access pillaging

The Last Watchdog

The recent hack of social media giant Reddit underscores the reality that all too many organizations — even high-visibility ones that ought to know better — are failing to adequately lock down their privileged accounts. An excerpt from Reddit’s mea culpa says it all: “On June 19, we learned that between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Massachusetts HIPAA Case Outlines Series of Missteps

Data Breach Today

$230,000 in Penalties After Two Insider Breaches

A HIPAA-related enforcement case in Massachusetts involving two insider breaches alleges a trail of missteps, including failure to take prompt action after receiving tips about potential misuse of patient information. What can other entities learn from the mistakes?

Future-Proofing for IoT Risks

Data Breach Today

Check Point's Robert Falzon on Preparing for the Changes to Come

The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them.

Experts uncovered a new Adwind campaign aimed at Linux, Windows, and macOS systems

Security Affairs

Researchers from ReversingLabs and Cisco Talos have uncovered a new Adwind campaign that targets Linux, Windows, and macOS systems. Adwind is a remote access Trojan (RAT); the samples used in the recently discovered campaign are Adwind 3.0 RAT and leverage the Dynamic Data Exchange (DDE) code injection attack on Microsoft Excel.

Breach Investigations: The Detective's View

Data Breach Today

Kenrick Bagnall of Toronto Police on How to Be Prepared for Cybercrime

Kenrick Bagnall, a former IT executive who is now a detective constable with the Toronto Police, offers unique insights on public/private partnerships and how enterprises can work better with investigators in the event of a breach.

Firefox DoS issue crashes the browser and sometimes the Windows OS

Security Affairs

A security researcher discovered a bug affecting Firefox on Mac, Linux, and Windows that could crash the browser and in some cases the underlying OS. Sabri Haddouche from Wire, who has been focusing his analysis on vulnerabilities that affect major browsers (Chrome, Safari (WebKit), and Firefox), published his findings on the Browser Rea

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Winning the Battle Against New Account Fraud

Data Breach Today

Michael Lynch of InAuth on Leveraging Device and User Data to Mitigate the Threat

With the abundance of PII available on the dark web, there has been an explosion of synthetic identity fraud. Michael Lynch of InAuth discusses how device and user data can be leveraged to combat the fraudulent opening of new accounts.

Governance, Technology, and Capitalism.

John Battelle's Searchblog

Or, Will Nature Just Shrug Its Shoulders?

If you pull far enough back from the day to day debate over technology’s impact on society – far enough that Facebook’s destabilization of democracy, Amazon’s conquering of capitalism, and Google’s domination of our data flows start to blend into one broader, more cohesive picture – what does that picture communicate about the state of humanity today?

A Fresh Look at Outsourcing

Data Breach Today

The biggest security budget in the business cannot save you from also suffering one of the biggest breaches. The key is: Do you have the right skills and technology deployed to defend your critical assets? Michael Malone and Ben Johnson of Datashield, an ADT company, make the case for outsourcing.

In Quiet Change, Google Now Automatically Logging Users Into Chrome

Dark Reading

The change is a complete departure from Google's previous practice of keeping sign-in for Chrome separate from sign-ins to any Google service.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Advanced DDoS Detection and Defense

Data Breach Today

Not only are we now seeing the most powerful DDoS attacks ever recorded, but they also are leveraging the ever-growing army of IoT devices. Gary Sockrider of NETSCOUT Arbor offers advice for detection and defense.

India’s New and Substantial Draft Data Privacy Bill

Data Matters

The expert committee set up by the Government of India recently published a new draft data privacy bill, the Personal Data Protection Draft Bill 2018, along with a detailed companion report. This significant development brings India closer to a comprehensive law for personal data protection. The draft bill is modelled on the European Union’s General Data Protection Regulation (GDPR).

The Link Between Volatility and Risk

Data Breach Today

Qadium's Matt Kraning on Lessons Learned From Review of Top Financial Networks

Financial service organizations have networks that are larger and more dynamic than ever - and so are their network security risks. Matt Kraning of Qadium shares the results of a new review and how organizations can respond to it.

Critical flaw affects Cisco Video Surveillance Manager

Security Affairs

Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) that could be exploited by an unauthenticated remote attacker to gain root access. The flaw affects VSM software running on some Connected Safety and Security Unified Computing System (UCS) platforms and could give an unauthenticated, remote attacker the ability to execute arbitrary commands as root on targeted systems.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

UK ICO Fines Equifax for 2017 Breach

Hunton Privacy

Recently, the UK Information Commissioner’s Office (“ICO”) fined credit rating agency Equifax £500,000 for failing to protect the personal data of up to 15 million UK individuals. The data was compromised during a cyber attack that occurred between May 13 and July 30, 2017, which affected 146 million customers globally. Although Equifax’s systems in the U.S. were targeted, the ICO found the credit agency’s UK arm, Equifax Ltd, failed to take appropriate steps to ensure that its paren

Microsoft Deletes Passwords for Azure Active Directory Applications

Dark Reading

At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.

A Small Google Chrome Change Stirs a Big Privacy Controversy

WIRED Threat Level

The latest update to Google's browser has riled privacy advocates by appearing to log people in without their explicit permission.

Only 30% of businesses said senior staff have cyber security responsibility

IT Governance

Organisations are beginning to acknowledge the threat of data breaches, but they aren’t doing enough to prevent them, a UK government report has found. According to the Cyber Security Breaches Survey 2018, 74% of businesses and 53% of charities say that their organisation’s senior management considers cyber security a high priority, but only 30% of businesses and 24% of charities said board members or trustees have any kind of cyber security responsibility.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

5 key lessons for organizations still struggling with GDPR

Information Management Resources

It is now three months since the European Union’s General Data Protection Regulation came into effect, and anxieties about the legislation, which flowed through our industries before its implementation, remain commonplace.

Google’s Forced Sign-in to Chrome Raises Privacy Red Flags

Threatpost

Chrome users are now automatically signed into the browser if they're signed into any other Google service, such as Gmail.

Is your content appropriate for every channel?

OpenText Information Management

During a recent American Marketing Association and OpenText™ Hightail webinar, content strategy consultant/expert Noz Urbina outlined one of the biggest marketing challenges today: making content contextually appropriate on any channel. “Everybody wants relevant content, and they want it across many devices and channels,” Urbina says. “But organizations aren’t really built that way.

The Series 5 YubiKey Will Help Kill the Password

WIRED Threat Level

The latest batch of hardware-based tokens from Yubico will eventually let you skip the password altogether.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Hacking Back: Simply a Bad Idea

Dark Reading

While the concept may sound appealing, it's rife with drawbacks and dangers.

Tricky DoS Attack Crashes Mozilla Firefox

Threatpost

There are currently no mitigations for the Firefox attack, a researcher told Threatpost.

6 Dark Web Pricing Trends

Dark Reading

For cybercriminals, the Dark Web grows more profitable every day.
