Fri. Jan 25, 2019


Healthcare Case Study: Identity and Access Management

Data Breach Today

How can a large healthcare delivery system efficiently handle identity and access management for thousands of clinicians and other users of patient data? Robert Siebenthaler of PeaceHealth explains how his organization, which operates 10 medical centers, has developed a fine-tuned, role-based approach.


Three Charged for Working With Serial Swatter

Krebs on Security

The U.S. Justice Department has filed criminal charges against three U.S. men accused of swatting, or making hoax reports of bomb threats or murders in a bid to trigger a heavily armed police response to a target’s address. Investigators say the men, aged 19 to 23, all carried out the attacks with the help of Tyler Barriss, a convicted serial swatter whose last stunt in late 2018 cost a Kansas man his life.


Why Do Data Brokers Access the Australian Electoral Roll?

Data Breach Today

Restricted Data Access Required by Anti-Money Laundering and Anti-Terrorism Laws. Massive data brokers - Equifax, Experian, Illion and others - are leveraging Australia's electoral roll, which is a tightly held and valuable batch of data. While this little-known practice might sound alarming, in fact it's required under Australia's anti-money laundering and anti-terrorism rules.


Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Security Affairs

The security expert Dirk-jan Mollema with Fox-IT discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user with a mailbox to become a Domain Admin. The experts described the attack scenario in a blog post and published proof-of-concept code. “In most organisations using Active Directory and Exchange, Exchange servers have such high privileges that being an Administrator on an Exchange server is enough to escalate to Domain Admin.” wrot


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


The Reasons Behind Google's GDPR Fine

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.


More Trending


Motivation is Nice, Relevance Makes Change Happen

AIIM

At AIIM, we believe that every organization is on — or should be on — a Digital Transformation journey. How effectively you navigate this journey relies on how adept your organization is at combatting the rising tide of information chaos. This requires new strategies and skills that extend beyond traditional ECM. We call this modern approach Intelligent Information Management.


One Man’s Obsessive Fight to Reclaim His Cambridge Analytica Data

WIRED Threat Level

David Carroll has been locked in a legal war to force the infamous company to turn over its files on him. He’s won a battle, but the struggle continues.


Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

This is an edited version of a series of talks I first gave in New York over the past week, outlining my work at Columbia. Many thanks to Reinvent, Pete Leyden, Cap Gemini, Columbia University, Cossette/Vision7, and the New York Times for hosting and helping me. Prelude. I have spent 30-plus years in the tech and media industries, mainly as a journalist, observer, and founder of companies that either make or support journalism and storytelling.


Trojans and Spyware Are Making a Comeback

Adam Levin

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. One of the larger threats outlined in the report was the Emotet Trojan, a sophisticated malware program capable of data theft, network monitoring, and propagating itself onto other vulnerable systems, and the Trickbot Trojan that steals passwords and browser histories from infected machines.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Hacking the GCHQ Backdoor

Schneier on Security

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain how this sort of backdoor can be detected: In fact, we think when the ghost feature is active -- silently inserting a secret eavesdropping member into an otherwise end-to-end encrypted conversation in the manner described by the GCHQ authors -- it could be detected (by the target as well as certain third parties) with at least fou


The Story of Manuel’s Java RAT.

Security Affairs

Security experts from Cybaze-Yoroi ZLab investigated two malicious spam campaigns delivering Java RAT that show some similarities. Introduction. During the last weeks, the Cybaze-Yoroi ZLab researchers identified infection attempts aimed to install RAT malware directed to the naval industry sector. The malicious email messages contained a particular Adwind/JRat variant delivered via several methods tailored to lure the target company.


Credential Compromises By the Numbers

Dark Reading

Recent statistics show just how much credential stealing has become a staple in the attacker playbook.


Two distinct campaigns are spread GandCrab ransomware and Ursnif Trojan via weaponized docs

Security Affairs

Security experts observed two distinct campaigns distributing the Ursnif malware, one of them also delivered the GandCrab ransomware. Experts pointed out that the cybercrime gangs behind the two campaigns are different, but they discovered many similarities in them. Attackers spread phishing messages using weaponized Microsoft Word documents and leverage PowerShell to deliver fileless malware.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Internet Society to Issue Privacy Code of Conduct

Dark Reading

Security pros know all too well that following basic privacy guidelines can cut down on human errors that can lead to serious security breaches.


9 Top Web Application Firewall (WAF) Vendors

eSecurity Planet

We review nine of the top web application firewall (WAF) products to help you protect web-facing applications.


Doing our small part with the Jamf Nation Global Foundation

Jamf

Founded in 2013, the Jamf Nation Global Foundation (JNGF) was created to enrich the communities where we live and work.


Satya Nadella: Privacy Is a Human Right

Dark Reading

In a talk at the World Economic Forum, Microsoft's CEO voiced support for GDPR and expressed hope the United States creates a similar approach to privacy.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


The Pitfalls of Facebook Merging Messenger, Instagram, and WhatsApp Chats

WIRED Threat Level

Facebook's effort to combine its major chat platforms could create minefields for users who rely on end-to-end encryption.


The 5 Stages of CISO Success, Past & Future

Dark Reading

In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.


Weekly Update 123

Troy Hunt

So it's been a bit of a crazy week. I got onto the plane in Australia on Thursday evening just as Europe was waking up to the news of the 773M email address credential stuffing list I loaded into HIBP. And then the flood began; blog comments, emails, tweets - it was an absolute deluge. I spent the flight fielding the ones I could, landed in Oslo and dealt with more on the way up the mountain then frankly, got there and tuned out.


Elizabeth Denham, UK Information Commissioner Receives Queen’s Honor

Hunton Privacy

On December 29, 2018, the UK Information Commissioner’s Office announced that Elizabeth Denham, UK Information Commissioner, was awarded a CBE for her services to protecting information. Denham’s award was announced in the United Kingdom’s 2019 New Year’s Honours list. This honor reflects Denham’s achievements as the UK Information Commissioner and the enhanced leadership, visibility and impact that she has brought to the role and the Office.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


6 trends that will drive artificial intelligence deployments in 2019

Information Management Resources

A lot has been written about AI over the last year, but much of what has been offered for public consumption has been superficial and, in some cases, misleading.


Ukraine Sees Surge in Election-Targeted Cyberattacks

Dark Reading

The nation suspects Russia's hand in the attacks, which seem aimed at disrupting the upcoming presidential election.


LabKey Vulnerabilities Threaten Medical Research Data

Threatpost

LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible.


Learn digital forensic skills to advance your career

OpenText Information Management

The landscape of digital forensic investigations is continually evolving. Skilled investigators are in high demand and organizations need to ensure their investigative staff are properly trained with the latest tools, techniques and best practices. That’s why OpenText™ offers a training program that fits the needs of any investigator. Whether you’re just beginning your career or are a …


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Oregon may give individuals control over health data

Information Management Resources

Proposed legislation in Oregon would ban the unauthorized sale of de-identified healthcare data and enable individuals to have control over their information.


Threatpost News Wrap Podcast For Jan. 25

Threatpost

From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week.


Illinois Supreme Court Says Biometric-Data Protection Law Does Not Require Allegation of Actual Injury

Hunton Privacy

The Illinois Supreme Court ruled today that an allegation of “actual injury or adverse effect” is not required to establish standing to sue under the Illinois Biometric Information Privacy Act, 740 ILCS 14 (“BIPA”). This post discusses the importance of the ruling to current and future BIPA litigation. The Illinois Supreme Court rendered a decision on January 25, 2019, that gives the green light to certain plaintiffs seeking redress under the BIPA.