Krebs on Security

MARCH 7, 2020

The federal agency in charge of issuing.gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own.gov domain. In November’s piece It’s Way Too Easy to Get a.gov Domain Name , an anonymous source detailed how he obtained one by impersonating an official at a small town in Rho

IT 242

IT Cybersecurity Security Government 242

The Guardian Data Protection

MARCH 7, 2020

Vanessa Teague reported on a dataset of Medicare and PBS payments that was supposed to be anonymous but wasn’t A prominent university professor has quit after the health department pressured her university to stop her speaking out about the Medicare and PBS history of over 2.5 million Australians being re-identifiable online due to a government bungle.

Data breaches 137

Data breaches Metadata Government Privacy 137

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years. The flaw is currently defined as unpatchable and could be exploited by attackers to bypass hardware-enabled security technology.

Authentication 122

Authentication Encryption Security Access 122

WIRED Threat Level

MARCH 7, 2020

Plus: A J. Crew breach, CIA hacking, and more of the week's top security news.

Security 96

Security 96

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

MARCH 7, 2020

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, Canada, and South Africa.

Ransomware 111

Ransomware Computer and Electronics Mining Manufacturing 111