Thu. Aug 13, 2020

SANS Institute Sees Its Breach as Teachable Moment

Data Breach Today

Cybersecurity Training Center Wants Others to Learn From Phishing Attack. The SANS Institute, which is known for its cybersecurity training courses, is now planning to turn its own data breach into a teachable moment for its membership.

Multiple Retailers Sued Under CCPA for Sharing Data Used to Identify Fraudulent Returns

Hunton Privacy

Earlier this year, The Retail Equation, a loss prevention service provider, and Sephora were hit with a class action lawsuit in which the plaintiff claimed Sephora improperly shared consumer data with The Retail Equation without consumers’ knowledge or consent. The plaintiff claimed The Retail Equation did so to generate risk scores that allegedly were “used as a pretext to advise Sephora that attempted product returns and exchanges are fraudulent and abusive.”

NIST Issues Final Guidance on 'Zero Trust' Architecture

Data Breach Today

Guidelines Describe Deployment Scenarios. The National Institute of Standards and Technology has released the final version of its "zero trust" architecture guidelines that provide a road map for using the architecture in security programs.

Enterprise Architecture: Secrets to Success

erwin

For enterprise architecture, success is often contingent on having clearly defined business goals. This is especially true in modern enterprise architecture, where value-adding initiatives are favoured over strictly “foundational,” “keeping the lights on,” type duties. But what does enterprise architecture success look like? Enterprise architecture is central to managing change and addressing key issues facing organizations.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

US Seizes $2 Million in Cryptocurrency From Terrorist Groups

Data Breach Today

Justice Department Describes How Groups Raised Funds. The U.S. Justice Department has seized more than $2 million worth of cryptocurrency from terrorist groups who solicited donations via social media and waged fraud campaigns.

More Trending

RedCurl Cyber Espionage Gang Targets Corporate Secrets

Data Breach Today

For-Hire Hackers Tied to Attacks in Canada, U.K., Russia and Beyond. Since 2018, an advanced persistent threat group dubbed RedCurl, which has served as a team of for-hire hackers specializing in corporate espionage, has hit at least 14 targets in Canada, Russia, the U.K. and beyond, says cybersecurity firm Group-IB.

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker leaked online the databases of a Utah-based gun exchange for free on a cybercrime forum. He claims the databases contain 195,000 user records for utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site muleyfreak.com, and 24,000 user records from the Kratom site deepjunglekratom.com.

Health Data Breach Tally Surges

Data Breach Today

Victim Count in Magellan Health's April Ransomware Attack Still Climbing. Why has the tally of major health data breaches - and the number of individuals affected - spiked in recent weeks? Here's an analysis of the latest trends.

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

The FBI and NSA issue a joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub, allegedly employed by the Russia-linked APT28 group. The name comes from drovo [?????

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Derek Manky of FortiGuard Labs on the Shift to Proactive Defense

Data Breach Today

Fortinet's FortiGuard Labs is out with its latest Global Threat Landscape Report, and it tracks cyber adversaries exploiting the COVID-19 pandemic at a worldwide scale. The best response? A shift to proactive defense, says FortiGuard's Derek Manky, Chief, Security Insights & Global Threat Alliances.

Microsoft failed to fix LSASS elevation of privilege flaw

Security Affairs

Microsoft did not properly address an elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS). The Google Project Zero researcher who discovered the elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS) warns that Microsoft did not properly address it. “An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated atta

Thwarting BEC Scams That Target Privileged Users

Data Breach Today

CISO Espen Otterstad on Enterprise Risk Management. To help mitigate the risks posed by business email compromise scams that target privileged users, enterprises need to create a detailed enterprise risk management plan that spells out procedures to secure accounts, says Espen Otterstad, CISO at Norwegian telematics company ABAX AS.

How to boost your Cyber Essentials certification

IT Governance

Cyber Essentials, the UK government-assured security scheme, is a terrific way of giving you a general overview of the effectiveness of your cyber security practices. Its practical approach helps you manage basic cyber security concerns, such as detecting and preventing malware, patching software vulnerabilities, avoiding unauthorised access to systems and networks and improving secure configuration.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

Threatpost

Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.

ISIS Allegedly Ran a Covid-19 PPE Scam Site

WIRED Threat Level

The Justice Department says that an agent of the terrorist organization operated FaceMaskCenter.com, in part of a series of cryptocurrency-related complaints.

NSA, FBI Warn of Linux Malware Used in Espionage Attacks

Threatpost

A never before seen malware has been used for espionage purposes via Linux systems, warn the NSA and FBI in a joint advisory.

An “enhanced” Privacy Shield is being negotiated – third time a charm?

Data Protection Report

On 10 August, the European Commission and the US Department of Commerce confirmed that talks have begun between the EU and US for an “enhanced” Privacy Shield. This will be the third attempt to revise this framework, following the invalidation of Safe Harbor in 2015 and Privacy Shield in July 2020. Third time a charm? We’re not so sure. By way of recap, in Schrems II, the court made clear that Privacy Shield was invalid for three main reasons: US surveillance rules are disproportionate.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

New Global Threat Landscape Report Reveals ‘Unprecedented’ Cyberattacks

Threatpost

Fortinet's recently released Global Threat Landscape Report shows how the perimeter is extending to the home in the first half of 2020 - and what that means for cybercrime.

Security Jobs With a Future -- And Ones on the Way Out

Dark Reading

Some titles are hot, while others are not, amid rapidly shifting business priorities.

Zoom Faces More Legal Challenges Over End-to-End Encryption

Threatpost

The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it.

With iOS's Privacy Nutrition Label, Apple Upstages Regulators

Dark Reading

New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

Threatpost

Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.

An Alexa Bug Could Have Exposed Your Voice History to Hackers

WIRED Threat Level

Amazon has patched the flaw, but its discovery underscores the importance of locking down your voice assistant interactions.

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

Threatpost

The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.

CISA Warns of Phishing Campaign with Loan-Relief Lure

Dark Reading

Phishing emails and fake website promise help with the Small Business Administration's program that aids those affected by COVID-19.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

UAE Hack and Leak Operations

Schneier on Security

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be seen as the "simulation of scandal" - deliberate attempts to direct moral judgement against their target.

Emotet Return Brings New Tactics & Evasion Techniques

Dark Reading

Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.

Digital Health and Cyber Risk in the “New Normal”

Data Matters

Sidley partnered with Aon’s Cyber Solutions for an exclusive webinar for life sciences organizations to address developments in digital health and cybersecurity in light of some key trends affecting the industry today. The speakers discussed the latest in digital health and how to better understand and mitigate cyber risk, as well as protect life sciences organizations’ highly valuable and sensitive data.
