Wed.Dec 26, 2018

article thumbnail

GUEST ESSAY: The case for engaging in ‘threat hunting’ — and how to do it effectively

The Last Watchdog

Modern cyber threats often are not obvious – in fact it is common for them to lurk inside a business’ systems for a long time without anyone noticing. This is referred to as ‘dwell time’, and a recent report from the Ponemon Institute indicates that the average dwell time is 191 days. Related podcast: The re-emergence of SIEMs. In an ideal world there would no dwell time at all, and threats would be identified before they can penetrate business’ defenses.

IT 147
article thumbnail

QR Codes: The future with no security shake up

Thales Cloud Protection & Licensing

( Originally posted on Cards International). To reach its tipping point, cashless payment technology has come on a long way since the first magnetic stripe card almost 50 years ago. The development of chip and PIN addressed concerns over security, before the emergence of contactless catered to consumer demands for greater convenience. Today, a new stage in the evolution of payments is growing in popularity.

Security 100
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. The campaign targeted organizations in the US and the UK, the attackers have been abusing Google Cloud Storage to deliver payload. The spam campaign uses messages including links that point to archive files such as.zip or.gz.

Cloud 92
article thumbnail

3 Steps for Cybersecurity Leaders to Bridge the Gender Equality Gap

Dark Reading

By encouraging female participation through education and retaining this interest through an inclusive culture and visible role models, we can begin to close the skill and gender gap in cybersecurity.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Human Rights by Design

Schneier on Security

Good essay: " Advancing Human-Rights-By-Design In The Dual-Use Technology Industry ," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures. They could adopt a "human-rights-by-design" principle whereby they commit to designing tools, technologies, and services to respect human rights by default, rather than permit abuse or exploitation as part of their business model.

GDPR 78

More Trending

article thumbnail

Experts discovered a critical bug in Schneider Electric Vehicle Charging Stations

Security Affairs

A critical vulnerability affects Schneider Electric electric vehicle charging stations, the EVLink Parking systems. EVlink Parking charging solutions are usually in parking environments, including offices, hotels, supermarkets, fleets, and municipals. According to the company, the issue is tied to a hard-coded credential bug that could be exploited by attackers to gain access to the system.

Access 78
article thumbnail

10 Top Container and Kubernetes Security Vendors

eSecurity Planet

Containers can get applications running quickly, but that convenience comes with a number of security concerns. Here are the container security vendors that can help.

article thumbnail

Attackers Use Google Cloud to Target US, UK Banks

Dark Reading

Employees at financial services firms hit with an email attack campaign abusing a Google Cloud storage service.

Cloud 84
article thumbnail

Department of Commerce Updates Privacy Shield FAQs to Clarify Applicability to UK Personal Data

Hunton Privacy

On December 20, 2018, the Department of Commerce updated its frequently asked questions (“FAQs”) on the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks (collectively, the “Privacy Shield”) to clarify the effect of the UK’s planned withdrawal from the EU on March 29, 2019. The FAQs provide information on the steps Privacy Shield participants must take to receive personal data from the UK in reliance on the Privacy Shield after Brexit.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Spending Spree: What's on Security Investors' Minds for 2019

Dark Reading

Cybersecurity threats, technology, and investment trends that are poised to dictate venture capital funding in 2019.

article thumbnail

Twistlock: Container Security Product Overview and Analysis

eSecurity Planet

Twistlock's container security platform goes beyond containers to secure the entire cloud native stack, from the host OS to serverless functions.

article thumbnail

Top 2018 Security and Privacy Stories

Threatpost

The top cybersecurity and privacy trends that biggest impact in 2018.

Privacy 82
article thumbnail

Organizations need to rethink their data architectures and strategies

Information Management Resources

Emerging technologies, dwindling resources, and rapidly increasing data requirements will drive the need to re-evaluate our data architecture and strategy.

60
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Qualys Container Security: Product Overview and Analysis

eSecurity Planet

An in-depth look at Qualys Container Security, which discovers, tracks and secures containers from the DevOps pipeline to runtime deployments.

article thumbnail

Artificial intelligence enthusiasm outpacing adoption, study finds

Information Management Resources

Artificial intelligence and machine learning have become essential for organizations to stay competitive. But adoption is lagging even among key decision-makers championing change.

article thumbnail

Capsule 8: Container Security Product Overview and Analysis

eSecurity Planet

Capsule8 provides a real-time, zero-day attack detection platform capable of automatically disrupting attacks.

article thumbnail

19K Orange Livebox Modems Open to Attack

Threatpost

A simple flaw allows attackers to derive WiFi credentials with little effort.

65
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Sysdig: Container Security Product Overview and Analysis

eSecurity Planet

Our in-depth look at the Sysdig cloud-native intelligence platform, which monitors and secures millions of containers across hundreds of enterprises.

article thumbnail

i-Sigma Board Adopts New PRISM International Mission Statement

IG Guru

After many iterations and considerable wrangling, the i-SIGMA Board of Directors has approved a new Mission Statement for PRISM International. “The mission statement of any organization serves as the filter by which the Board determines the merits of its efforts,” say i-SIGMA Co-Chair Christopher Jones. “As a result, it deserves considerable thought and a broad […].

IT 40
article thumbnail

Aporeto: Container Security Product Overview and Analysis

eSecurity Planet

Aporeto's container security platform uses application context to enforce authentication, authorization, and encryption policies.

article thumbnail

The opportunities and challenges of a freelance data scientist

Information Management Resources

Richard Bradford shares his experiences of working as a freelance data scientist and gives advice for others considering the freelance route.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

StackRox: Container Security Product Overview and Analysis

eSecurity Planet

An in-depth look at the StackRox Container Security Platform, which provides security across the entire container life cycle.

article thumbnail

8 key tech themes from 2018

Information Management Resources

Similar to 2017, a common thread is disillusionment about technology or the companies behind it.

IT 32
article thumbnail

Aqua Security: Container Security Product Overview and Analysis

eSecurity Planet

The Aqua Container Security Platform supports Linux and Windows containers and on-premises and cloud environments.

article thumbnail

It’s Not Facebook’s Fault: Our Shadow Internet Constitution

John Battelle's Searchblog

Those of us fortunate enough to have lived through the birth of the web have a habit of stewing in our own nostalgia. We’ll recall some cool site from ten or more years back, then think to ourselves (or sometimes out loud on Twitter ): “Well damn, things were way better back then.” Then we shut up. After all, we’re likely out of touch, given most of us have never hung out on Twitch.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Alert Logic: Container Security Product Overview and Analysis

eSecurity Planet

Alert Logic uses machine learning, data analytics and expert analysis to quickly detect container threats.

article thumbnail

How China Helped Make the Internet Less Free in 2018

WIRED Threat Level

Tech companies, democratic governments, and civil society need to work together to fight back against growing surveillance and censorship online.

article thumbnail

Anchore: Container Security Product Overview and Analysis

eSecurity Planet

Anchore offers open source, cloud and on-premises versions of its container security platform.