Wed. Oct 17, 2018

War Declared on Default Passwords

Data Breach Today

Initiatives in UK and California Aim to Deep-Six Poor IoT Security Practices. With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas. By extension these developments are yet another reminder of why constantly monitoring and proactively defending business networks must be a prime direct

HHS Updates Security Risk Assessment Tool

Data Breach Today

But Why Is Conducting a Risk Analysis So Challenging for So Many Organizations? The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis. But why is conducting a risk assessment so challenging for so many?

Top 4 Project Management Tools

AIIM

A great project development team can only be great with the right tools. Through the numerous project management methodologies and top-down inferences, there is one constant; management tools. Even the best managers can’t work efficiently without them. They range from the micro to the macro and cover all of the aspects of a project’s lifecycle. They create an atmosphere of greater cooperation and productivity.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Completely Outsourced Security: A Bad Idea

Data Breach Today

Organizations can effectively rely on managed security services providers to take care of many tasks, but certain strategic security functions must be handled in-house, says Sid Deshpande, research director at Gartner.

More Trending

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks. The flaw was discovered by the Brazilian researcher Mauricio Corrêa, founder of Brazilian security company XLabs. The exploitation of this vulnerability could cause major problems on the Internet. “A proof of concept (POC) made in only one XLabs server generated a traffic of 69 gigabits per second,” Mauricio told Cibersecurity.net.br.

3 Years After Attacks on Ukraine Power Grid, BlackEnergy Successor Poses Growing Threat

Dark Reading

In what could be a precursor to future attacks, GreyEnergy is targeting critical infrastructure organizations in Central and Eastern Europe.

Thousands of servers easy to hack due to a LibSSH Flaw

Security Affairs

The Libssh library is affected by a severe flaw that could be exploited by attackers to completely bypass authentication and take over a vulnerable server. The Secure Shell (SSH) implementation library, the Libssh, is affected by a four-year-old severe vulnerability that could be exploited by attackers to completely bypass authentication and take over a vulnerable server without requiring a password.

The Three Dimensions of the Threat Intelligence Scale Problem

Dark Reading

To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Chaining three critical vulnerabilities allows takeover of D-Link routers

Security Affairs

Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take over some D-Link routers. A group of researchers from the Silesian University of Technology in Poland has discovered three vulnerabilities in some models of D-Link routers that could be chained to take full control over the devices.

(ISC)²: Global Cybersecurity Workforce Short 3 Million People

Dark Reading

With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. Today I’d like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy.

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers

Threatpost

The flaw impacted patients with pacemakers, implantable defibrillators, cardiac resynchronization devices and insertable cardiac monitors.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products

Security Affairs

VMware has addressed a critical arbitrary code execution flaw affecting the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion products. VMware has released security updates to fix a critical arbitrary code execution vulnerability (CVE-2018-6974) in the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion solutions.

Multiple D-Link Routers Open to Complete Takeover with Simple Attack

Threatpost

The vendor only plans to patch two of the eight impacted devices, according to a researcher.

Cybercrime-as-a-Service: No End in Sight

Dark Reading

Cybercrime is easy and rewarding, making it a perfect arena for criminals everywhere.

Podcast: A Utility Ransomware Attack, Post-Hurricane

Threatpost

A “critical water utility” was hit by a recent ransomware attack, significantly impeding the service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority (ONWASA) said in a Monday release that a “sophisticated ransomware attack… has left the utility with limited computer capabilities.” While customer data […].

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

CIPL Responds to ICO Call for Views on Creating a Regulatory Sandbox

Hunton Privacy

On October 11, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted comments to the UK Information Commissioner’s Office (“ICO”) in response to its call for views on creating a regulatory sandbox. The regulatory sandbox concept is intended to provide a supervised safe space for piloting and testing innovative products, services, business models or delivery mechanisms in the real market, using the personal data of real individuals.

SEC Warns Public Companies on Accounting Control Use

Dark Reading

A new SEC investigative report urges public organizations to keep cyberthreats in mind when implementing internal accounting tools.

New Ways To Work

OpenText Information Management

The employment landscape is in flux, impacted by forces that are transforming the workplace and introducing new ways to work. The most powerful of these forces? Shifting demographics in the workplace, digital technology and globalization. We are at a tipping point where in the next three to five years, the workforce will be predominantly made …

Oracle Fixes 301 Flaws in October Critical Patch Update

Threatpost

The update includes one critical flaw in Oracle GoldenGate with a CVSS 3.0 score of 10.0.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Innovations in applications

OpenText Information Management

At OpenText™ Enterprise World 2018, we demonstrated that OpenText is now a true applications AND platform company with the announcement of two new applications: Legal Center and Quality Center. Now available in beta, OpenText Quality is designed to meet the needs of the highly-regulated life sciences industry, and OpenText Legal is a cloud EIM app …

Data scientists are enjoying the best of times in their careers

Information Management Resources

Today, data science is being more widely applied than ever, and data science is recognized as both an art and a science. This is a dramatic – and exciting – change from how data science was viewed when I started my career.

The Mysterious Return of Years-Old APT1 Malware

WIRED Threat Level

Security researchers have discovered a new instance of code associated with APT1, a notorious Chinese hacking group that disappeared in 2013.

Five key imperatives for success with digital transformation

Information Management Resources

ContinuousNEXT is the future evolution of concepts that Gartner Research has introduced in recent years that will build momentum through digital transformation and beyond.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

CIPL to Host Side Event on Fairness in Data Protection at ICDPPC 2018

Hunton Privacy

On October 23, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP will host an official side event on The Concept of “Fairness” in Data Protection at the 40th International Conference of Data Protection and Privacy Commissioners in Brussels, Belgium. The event will run twice and feature two sets of panelists. More information can be found on the event registration page.

Oracle Issues Massive Collection of Critical Security Updates

Dark Reading

The software updates from Oracle address a record number of vulnerabilities.

California Passes First-Of-Its-Kind Law Focused on Internet of Things Cybersecurity

HL Chronicle of Data Protection

Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. Starting on January 1, 2020, manufacturers of regulated connected devices are required to equip such devices with “reasonable security features” designed to protect a connected device and any information it holds from “unauthorized access, destruction, use, modification, or disclosure.