Fri. Mar 08, 2019

MyEquifax.com Bypasses Credit Freeze PIN

Krebs on Security

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your name, Social Security number and birthday.

Guilty Plea in Rare HIPAA Criminal Case

Data Breach Today

Former Patient Coordinator Wrongfully Disclosed Patient Information

A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA.

Open Government Today: “The Harder I Work, The Behinder I Get”

Weissman's World

This 3-Minute Drill troubleshoots a typical municipality’s information challenges as it strives to meet its Open Government commitment. TL;DR: Chances are the documents you need are hard to find and are hard to validate because: they’re in different departments, scattered all across the city; they’re in different computer systems; and as often as not, they’re […].

Women in Tech: How Are We Doing? How Should We Be Doing?

Data Breach Today

Ann Ruckstuhl of Unisys Says Women Are Key to Solving Sector's Talent Shortage

How are we doing on hiring more women in the technology sector? Ann Sung Ruckstuhl of Unisys says that from a demographic representation standpoint, we should be doing far better because of the demonstrable benefits to the business that women bring.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Infographic: List of data breaches in 2018

IT Governance

2018 saw some of the biggest data breaches yet, with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation), which changed the way organisations handle customers’ personal data and introduced hefty fines for non-compliance.

More Trending

FBI informed software giant Citrix of a security breach

Security Affairs

The American multinational software company Citrix disclosed a security breach; according to the firm, an international cybercriminal gang gained access to its internal network. The American multinational software company Citrix is the latest victim of a security breach; according to the company, an international cybercriminal gang gained access to its internal network. Hackers were able to steal business documents, but its products or services were impacted by the attack.

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

Hunton Privacy

On February 26, 2019, the European Data Protection Board (the “EDPB”) presented its first overview of the GDPR’s implementation and the roles and means of the national supervisory authorities to the European Parliament (the “Overview”). The Overview provides key statistics relating to the consistency mechanism among national data protection authorities (“DPAs”), the cooperation mechanism of the EDPB, the means and powers of the DPAs and enforcement of the GDPR at the national level.

More than a billion records exposed online by email validation biz Verifications.io

Security Affairs

Experts found an unprotected server exposing online 4 MongoDB databases belonging to the email validation company Verifications.io. A new mega data leak made the headlines: an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records. The archive includes 808,539,849 records containing: emailrecords = 798,171,891 records; emailWithPhone = 4,150,600 records; businessLeads = 6,217,358 records.

Drones of the future will be smart (and maybe dangerous)

DXC Technology

Drones have been around for a few years now, but the truth is their usefulness largely has been limited to providing visual information to users in the form of photos and video captured by their onboard digital cameras. That’s great if you’re a photographer, need to inspect an inaccessible piece of equipment or some farm […].

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Google discloses Windows zero-day actively exploited in targeted attacks

Security Affairs

Google this week revealed a Windows zero-day that is being actively exploited in targeted attacks alongside a recently fixed Chrome flaw. Google this week disclosed a Windows zero-day vulnerability that is being actively exploited in targeted attacks alongside a recently addressed flaw in Chrome (CVE-2019-5786). The Windows zero-day vulnerability is a local privilege escalation issue in the win32k.sys kernel driver and it can be exploited for security sandbox escape. “It is a local p

How to control costs and simplify life with IBM Hybrid Data Management Platform

IBM Big Data Hub

The IBM Hybrid Data Management Platform provides simplicity and control in one package for your hybrid architecture needs or journey to the cloud.

Citrix Hacked by 'International Cybercriminals'

Dark Reading

FBI informed Citrix this week of a data breach that appears to have begun with a 'password spraying' attack to steal weak credentials to access the company's network.

SLUB Backdoor leverages GitHub and Slack in targeted attacks

Security Affairs

Malware researchers from Trend Micro have spotted a new piece of malware dubbed SLUB that leverages GitHub and Slack for C&C communications. Malware researchers at Trend Micro have spotted a new backdoor dubbed SLUB that abuses GitHub and Slack for command and control (C&C) communications. According to the experts, the SLUB backdoor (Backdoor.Win32.SLUB.A) was only used in targeted attacks by sophisticated threat actors.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S. and other governments labeled the NotPetya attack as an action by the Russian military their claim was excluded under the "hostile or warlike action in time of peace or war" exemption.

Zerodium $500,000 for VMware ESXi, Microsoft Hyper-V Exploits

Security Affairs

Zero-day broker firm Zerodium is offering up to $500,000 for VMware ESXi (vSphere) and Microsoft Hyper-V vulnerabilities. Exploit acquisition firm Zerodium is offering up to $500,000 for VMware ESXi and Microsoft Hyper-V vulnerabilities. The company is looking for exploits that allow guest-to-host escapes in default configurations to gain full access to the host.

Videos and Links from the Public-Interest Technology Track at the RSA Conference

Schneier on Security

Yesterday at the RSA Conference, I gave a keynote talk about the role of public-interest technologists in cybersecurity. (Video here). I also hosted a one-day mini-track on the topic. We had six panels, and they were all great. If you missed it live, we have videos: How Public Interest Technologists are Changing the World: Matt Mitchell, Tactical Tech; Bruce Schneier, Fellow and Lecturer, Harvard Kennedy School; and J.

RSAC 2019: The Dark Side of Machine Learning

Threatpost

As smart devices permeate our lives, Google sends up a red flag and shows how the underlying systems can be attacked.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Balance for better at OpenText HQ

OpenText Information Management

Gender balance is not just a women’s issue, it’s a business issue. As VP of the Global Partners and Alliances team at OpenText, I know first-hand the importance of creating balanced and diverse teams. I firmly believe that strong leaders have strong teams, and it takes a diverse set of voices, opinions and experiences to …

Data Governance Stock Check: Using Data Governance to Take Stock of Your Data Assets

erwin

For regulatory compliance (e.g., GDPR) and to ensure peak business performance, organizations often bring consultants on board to help take stock of their data assets. This sort of data governance “stock check” is important but can be arduous without the right approach and technology. That’s where data governance comes in …. While most companies hold the lion’s share of operational data within relational databases, it also can live in many other places and various other formats.

Weekly Update 129

Troy Hunt

Heaps of stuff going on this week with all sorts of different bits and pieces. I bought a massive new stash of HIBP stickers (10k oughta last. a few weeks?), I'll be giving them out at a heap of upcoming events, I was on the Darknet Diaries podcast (which is epic!) plus there's more insights into the ShareThis data breach and the ginormous verifications.io incident.

Celebrating International Women’s Day: Introducing Women of Collibra

Collibra

This year we are celebrating International Women’s Day by sharing details about a new group we launched over the past year: Women of Collibra. International Women’s Day is a time when we come together as a global community to celebrate the achievements of women around the world. And while there is much to celebrate, it’s also a time to recognize how much work is still left to do.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Citrix Falls Prey to Password-Spraying Attack

Threatpost

International cybercriminals likely exploited weak passwords on an internal network, the FBI said.

Q&A: International Women’s Day

Thales Cloud Protection & Licensing

Today is International Women’s Day – an important day at Thales. Not only are we celebrating all the hard-working women in our company, but we are also taking this opportunity to acknowledge all women globally with our commitment to creating a more gender-balanced world. This year’s theme, Balance for Better, stands to take action for equality and celebrate women’s achievements.

RSA Conference 2019: Operational Technology Widens Supply Chain Attack Surfaces

Threatpost

Between operational technology and open source, the supply chain is rapidly expanding - and companies that can't keep up will be the next security targets, said experts at RSA Conference 2019.

Shifting Attacks Put Increasing ID Fraud Burden on Consumers

Dark Reading

Card-present fraud is down, but attackers continue to find new strategies, and consumers are paying the price.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Turn On Auto-Updates Everywhere You Can

WIRED Threat Level

Meltdowns like the Chrome zero day bug show why enabling auto-updates can be the wisest choice for many consumers.

Ultrasound Machine Diagnosed with Major Security Gaps

Dark Reading

Check Point researchers investigate security risks and point to implications for medical IoT devices.

Shake IT out – by Emily and her PC (not Florence and the machine….)

Micro Focus

First off, there are some fantastic musical role models out there helping to change the mindset of women, one power ballad at a time, so thanks must go to Florence for the inspiring song behind the title and titles used in this #InternationalWomansDay blogpost. ‘It’s always darkest before the dawn’ In celebration of International Women’s.
