Thu.Nov 04, 2021

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

The Last Watchdog

Filing systems, historically speaking, have been all about helping their users find information quickly. Related: GDPR and the new privacy paradigm. Europe’s General Data Protection Regulation (GDPR) changed the game. Generally, filing systems sort by date, department, topic, etc. Legacy filing systems were not built to keep track of the personal data of specific individuals, which is now required primarily to comply with the many data protection regulations popping up around the world.

‘Tis the Season for the Wayward Package Phish

Krebs on Security

The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a lure about a wayward package that needs redelivery. Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam.

Cisco warns of hard-coded credentials and default SSH key issues in some products

Security Affairs

Cisco fixed critical flaws that could have allowed unauthenticated attackers to access its devices with hard-coded credentials or default SSH keys. Cisco has released security updates to address two critical vulnerabilities that could have allowed unauthenticated attackers to log in to affected devices using hard-coded credentials or default SSH keys.

Having Trouble Finding Cybersecurity Talent? You Might Be the Problem

Dark Reading

Hiring managers must rethink old-school practices to find the right candidates and be ready to engage in meaningful conversations about their company's values. Here are three ways to start.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

US Blacklists NSO Group

Schneier on Security

The Israeli cyberweapons arms manufacturer — and human rights violator, and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them. Aside from the obvious difficulties this causes, it’ll make it harder for them to buy zero-day vulnerabilities on the open market.

A big day for us. A great day for our clients.

Reltio

Today is a monumental day in the history of Reltio. On the famous Nasdaq signage in Times Square in New York City – where some of the greatest companies of the modern era have been showcased – you will see the name Reltio. We are extremely excited about this recognition and honored to have the exchange share in the celebration of such a big moment for our company.

Expert found a critical remote code execution bug in Linux Kernel

Security Affairs

A critical heap-overflow vulnerability in the Linux kernel, tracked as CVE-2021-43267, can allow remote attackers to take over vulnerable installs. A SentinelOne researcher discovered that the critical remote code execution vulnerability resides in the Transparent Inter-Process Communication (TIPC) module of the Linux kernel. The flaw is a heap-overflow issue that could lead to remote code execution and full system compromise.

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

eSecurity Planet

It’s been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities. CISA ordered federal agencies to patch a list of nearly 300 vulnerabilities, and encouraged private organizations to fix them too. CISA said the list will be updated as any vulnerability meets three criteria, the first being that the vulnerability has an assigned Common Vulnerabilities and Exposures (CVE) ID.

DOJ Deploys the FCA on Cybersecurity Fraud

Data Matters

This article originally appeared in Law360 on November 3, 2021. Sidley lawyers Brenna Jenny and Sujit Raman recently published an article in Law360 entitled How To Minimize FCA Cyber Fraud Enforcement Risk, which analyzes the implications of DOJ’s recent formation of a Civil Cyber-Fraud Initiative to use the FCA to pursue cybersecurity-related fraud.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

US Gov offers a reward of up to $10M for info on DarkSide leading members

Security Affairs

The US government offers up to a $10,000,000 reward for information leading to the identification or arrest of DarkSide gang members. The US government wants to dismantle the DarkSide ransomware operation and its rebrands, and it is offering up to a $10,000,000 reward for information leading to the identification or arrest of members of the gang in key leadership positions. “The U.S.

Critical Linux Kernel Bug Allows Remote Takeover

Threatpost

The bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other.

CFPB Orders Six Tech Companies to Provide Information on Payment Systems Data Practices

Hunton Privacy

On October 21, 2021, the Consumer Financial Protection Bureau (“CFPB”) issued orders to Google, Apple, Facebook, Amazon, Square and PayPal requesting detailed information about their business practices in relation to payment systems they operate. The CFPB issued the orders pursuant to its statutory authority under the Consumer Financial Protection Act.

US Blacklists Pegasus Spyware Maker

Threatpost

NSO Group plans to fight the trade ban, saying it's "dismayed" and clinging to the mantra that its tools actually help to prevent terrorism and crime.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

The US CISA shared a list of vulnerabilities known to be exploited in the wild and ordered US federal agencies to address them within set deadlines. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of 306 actively exploited vulnerabilities and has issued a binding operational directive ordering US federal agencies to address them within specific timeframes and deadlines.

Fake Company Sheds Light on Ransomware Group Tactics

eSecurity Planet

Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. This followed reports that Russia may or may not be cracking down on ransomware groups, which followed reports that the REvil group had its servers taken over by law enforcement.

CISA recommends that vendors fix BrakTooth issues after the release of a PoC tool

Security Affairs

CISA urges vendors to address the BrakTooth flaws after researchers released public exploit code and a proof-of-concept tool for them. US CISA is urging vendors to address the BrakTooth flaws after security researchers released public exploit code and a proof-of-concept tool to test Bluetooth devices against potential Bluetooth exploits. “On November 1, 2021, researchers publicly released a BrakTooth proof-of-concept (PoC) tool to test Bluetooth-enabled devices against potential Blueto

Ripping Off the Blindfold: Illuminating OT Environments

Dark Reading

A security tool monitoring OT devices needs to do so without disrupting operations, which is why the Self-Learning AI acts only on information obtained by passive monitoring of the network.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

The Lighting the Way project team is pleased to announce the publication of The Lighting the Way Handbook: Case Studies, Guidelines, and Emergent Futures for Archival Discovery and Delivery, edited by Mark A. Matienzo and Dinah Handel

IG Guru

Check out this publication from the Stanford Libraries.

Appsian Security Announces Acquisition of Q Software, a Leader in JD Edwards Security and Compliance

Dark Reading

The acquisition provides customers of JD Edwards, along with Oracle EBS and Oracle Cloud, with expanded capabilities for data masking, threat detection and response, and real-time analytics across multiple ERP applications.

Magecart Credit Card Skimmer Avoids VMs to Fly Under the Radar

Threatpost

The Magecart threat actor uses a browser script to evade detection by researchers and sandboxes so it targets only victims’ machines to steal credentials and personal info.

Phishing Attack Blends Spoofed Amazon Order and Fraudulent Customer Service Agents

Dark Reading

It's the latest in a series of clever brand impersonation scams that use multiple vectors to lure victims.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Milan Shetti Becomes Next CEO and More News from EVOLVE21

Rocket Software

Last month, ASG, a Rocket company, held its annual partner and customer event, EVOLVE 21. The event was an opportunity to celebrate ASG joining the Rocket family and featured new product releases, exciting updates, a magic show, music, meditation, customer stories and more. The biggest news was that Rocket’s co-founder and CEO, Andy Youniss, announced that Milan Shetti, current Rocket president, will add CEO to his title as of November 5th.

How COVID-19 Has Reinforced the Need for Comprehensive BYOD Policies

eDiscovery Daily

Even before the pandemic started, working from home was on the rise. The trend allowed employees to be both productive and comfortable. Like any change, the transition to remote work was met with some skepticism. Many worried that limited in-person interaction would negatively impact work relations and company culture. Another concern was that employees wouldn’t get their work done at home.

US Offers $10M Reward For ID, Location of DarkSide Leadership

Dark Reading

The State Department offers multimillion-dollar rewards for information related to the leaders and members involved in DarkSide ransomware.

3 Guideposts for Building a Better Incident-Response Plan

Threatpost

Invest and practice: Grant Oviatt, director of incident-response engagements at Red Canary, lays out the key building blocks for effective IR.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

API Security Issues Hinder Application Delivery

Dark Reading

A new survey explains why nearly all organizations experience API security problems to varying degrees.

Free Discord Nitro Offer Used to Steal Steam Credentials

Threatpost

A fake Steam pop-up prompts users to ‘link’ Discord account for free Nitro subs.

Coalfire Expands Application Security Vision With Major Upgrade to Application Security Platform, ThreadFix

Dark Reading

ThreadFix v3.1 delivers fastest speed for AppSec automation and remediation.