Fri. Mar 01, 2019


Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

The Last Watchdog

There’s a frantic scramble going on among those responsible for network security at organizations across all sectors. Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy.


Facebook's Cryptocoin: A Disguised PayPal on a Blockchain?

Data Breach Today

Critics Question Whether Move Is Just 'Marketing Fluff'. Facebook is edging closer to launching its own cryptocurrency, with a rollout expected this year, The New York Times reports. But some critics argue that the project seems more like a trendy and unnecessary redressing of a PayPal-like system with a blockchain.


Adapt or die: The only constant in technology is change

DXC Technology

Here’s a list of 10 companies. See if you can guess what they have in common: AOL, Yahoo!, Geocities, MSN, Netscape, Excite, Lycos, Microsoft, American Greetings, Infoseek. So how are these companies linked? They were the 10 most-visited web properties in 1998, according to Media Metrix. Now here’s another list of companies, this from Comscore […].


Bridging the Cybersecurity Skills Gap

Data Breach Today

The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Cisco addressed CVE-2019-1663 RCE flaw in wireless routers

Security Affairs

Cisco released security updates to address a critical flaw (CVE-2019-1663) in several wireless routers that could be exploited by attackers to remotely execute code on the impacted devices. The CVE-2019-1663 flaw received a CVSS score of 9.8; the issue resides in the web-based management interface of three router models and is caused by th


More Trending


How press reacted to the data and AI news from Think 2019

IBM Big Data Hub

IBM Think 2019 brought a huge week of news for data professionals. IBM executives took to the stage and announced a wide range of new developments in the world of data and AI.


The Challenges of Implementing Next-Generation IAM

Data Breach Today

Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.


Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

Experts analyzed tools and intrusion methods used by the China-linked cyber-espionage group Emissary Panda in attacks over the past 2 years. This morning I wrote about a large-scale cyber attack that hit the International Civil Aviation Organization (ICAO) in November 2016; Emissary Panda was suspected to be the culprit. Experts at Secureworks who investigated the incident now reveal that the same threat actor used an array of tools and intrusion methods in attacks over the past 2 year


Data Leakage from Encrypted Databases

Schneier on Security

Matthew Green has a super-interesting blog post about information leakage from encrypted databases. It describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. Even the summary is too much to summarize, so read it.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Only now we know that International Civil Aviation Organization (ICAO) was hacked in 2016

Security Affairs

Canadian media revealed that in November 2016, the International Civil Aviation Organization (ICAO) was hit by a large-scale cyberattack. The security breach was discovered by an analyst at Lockheed Martin who immediately informed the organization. The expert discovered that hackers took control of two of its servers to carry out a so-called watering hole attack aimed at infecting people accessing the sites hosted on the servers. “The ICAO had been targeted by a watering hole, or an att


OpenText at RSA: Detection and response from the bottom up

OpenText Information Management

It’s 2019, yet the fact still remains: attackers can compromise a network in a matter of minutes, but only a fraction of breaches are discovered as quickly. Most breaches – 68% according to the latest Verizon Data Breach Investigations Report (DBIR) – go undetected for months. The graphic below from the DBIR provides a sobering …


Cybaze-Yoroi ZLab analyze GoBrut: A new GoLang Botnet

Security Affairs

Cybaze-Yoroi ZLab analyzed a new GoLang botnet named GoBrut; the investigation revealed that the bot supports a lot more features. Malware written in the Go programming language has roots almost a decade ago, a few years after its first public release back in 2009: starting from InfoStealer samples discovered since 2012 and abused in cyber-criminal campaigns, to modern cyber arsenals like the Sofacy one.


Security Pros Agree: Cloud Adoption Outpaces Security

Dark Reading

Oftentimes, responsibility for securing the cloud falls to IT instead of the security organization, researchers report.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Four reasons to consider a centralized filing system

TAB OnRecord

To centralize or not to centralize? It is one of the most common questions in records management. While physically separate file collections can create extra work in terms of management and file retrieval, many records managers are reluctant to adopt a centralized system. Not only does it require a lot of work, it also has the potential to disrupt business activities.


A guide to the PCI DSS’s vulnerability scanning and penetration testing requirements

IT Governance

Organisations that handle payment card information are legally required to regularly scan and test their systems, but too few understand that these are separate things. Any organisations that process, transmit or store cardholder data must comply with the PCI DSS (Payment Card Industry Data Security Standard). This is a complex set of requirements, which includes the need to conduct regular vulnerability scans and penetration tests to identify weaknesses that could be exploited by cyber criminal


Security Experts, Not Users, Are the Weakest Link

Dark Reading

CISOs: Stop abdicating responsibility for problems with users - it's part of your job.


2019 RSA Conference Preview: An Insider's Guide to What's Hot

eSecurity Planet

Wondering what to see at the 2019 RSA Conference? Our preview of the world's largest cybersecurity conference will point you in the right direction.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Encryption Offers Safe Haven for Criminals and Malware

Dark Reading

The same encryption that secures private enterprise data also provides security to malware authors and criminal networks.


Digital transformation escalates compliance challenges

Thales Cloud Protection & Licensing

Digital transformation is changing the face of the modern data-driven enterprise. The 2019 Thales Data Threat Report-Global Edition found that 97% of organizations surveyed are implementing digital transformation with 37% reporting aggressive transformation. Digital transformation is essential for enterprises to serve customers better, improve operational efficiency and ultimately create key competitive advantages.


How the Fourth Industrial Revolution will disrupt data management

Information Management Resources

Robotics, artificial intelligence, 3D printing. These technologies are all helping to fuel the Fourth Industrial Revolution, the impact of which will create a seismic shift in how businesses compete and succeed.


10 Vendors Set to Innovate at RSA Conference 2019

eSecurity Planet

Hundreds of vendors exhibit at the annual cybersecurity event, but only 10 are finalists in the 2019 Innovation sandbox contest. Find out who they are.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Threatpost

Using an on-again, off-again strategy of C2 communication helps it hide from researchers.


UK: The ICO and the FCA Agree on Strengthened Co-operation and Collaboration

DLA Piper Privacy Matters

The Information Commissioner’s Office (ICO) has announced that it has signed an updated Memorandum of Understanding (MoU) with the Financial Conduct Authority (FCA). This MoU establishes a framework for cooperation, coordination and information sharing between the two parties. The MoU sets out the principles of collaboration and the legal framework governing the sharing of relevant information and intelligence.


Adobe Patches Critical ColdFusion Vulnerability With Active Exploit

Threatpost

Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product.


From the Trenches – Deploying Airline Baggage Tracking around the globe

RFID Global Solution, Inc.

From the Trenches – Deploying Airline Baggage Tracking Infrastructure at 120 airports worldwide. Each year, Delta customers check more than 120 million bags as they travel. In 2016, Delta became the first airline to roll out RFID bag tags and provide customers with real-time tracking of their bags throughout their travel experience. RFID Global teamed with IBM to lead the design and deployment of a solution comprised of 4,600 scanners, 3,800 RFID printers and 600 pier and claim readers, integrat


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Podcast: RSA Conference 2019 Preview

Threatpost

The Threatpost team talks about the biggest cybersecurity stories, trends and research we'll see at RSA this year.


The Top Reasons Your Business Needs a File Retention and Storage Plan

Archive Document Data Storage

You can’t throw documents in boxes, tuck them away in a closet, and expect success for your business. Halfhearted document management practices lead to lost productivity, unnecessary audits, and regulatory non-compliance. Here are several reasons your business needs a good file storage and management plan. Reduced Costs. For many organisations, regulatory requirements dictate how long documents must be kept for.


Four ways content services drives a more Intelligent and Connected Enterprise

OpenText Information Management

Digital information is exploding across the enterprise. Integrating content services can dramatically improve efficiencies and achieve better business outcomes, connecting digital content to enterprise systems where business users can easily access and use it. Content services build on your organization’s existing ECM platform to make it more flexible and holistic — creating information flows that …