Fri.Apr 03, 2020

What Went Wrong at Equifax? We Have Good Answers

Data Breach Today

What missteps led to hackers stealing details on 145 million Americans from Equifax in 2017? The answer to that question can be found in numerous reports and a Justice Department indictment. Security researcher Adrian Sanabria says they're essential reading for anyone responsible for cybersecurity defenses.

The Best Time to Get An Enterprise Architecture Tool

erwin

Many organizations start an enterprise architecture practice without a specialized enterprise architecture tool. Instead, they rely on a blend of spreadsheets, Visio diagrams, PowerPoint files and the like. Under normal circumstances, this approach is difficult. In times of rapid change or crisis, it isn’t viable. Four Compelling Reasons for An Enterprise Architecture Tool.

The Cybersecurity Follies: Zoom Edition

Data Breach Today

British Government and Other 'Work-From-Homers' Grapple With Remote Communications

The stuck-at-home chronicles have fast become surreal, as remote workers face down a killer virus on the one hand and the flattening of their work and personal lives on the other. To help, many have rushed to adopt Zoom. And for many use cases - hint: not national security - it is a perfectly fine option.

Hacking iPhone or MacBook devices by tricking users into visiting a site

Security Affairs

Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking them into visiting a website with the Safari browser. Pickren reported seven vulnerabilities to Apple that rewarded him with a $75,000 bounty.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

CISO Conversations: Healthcare's Unique Opportunity

Data Breach Today

ChristianaCare's Anahi Santiago on Telehealth Advances Amidst Pandemic Crisis

Healthcare professionals are on the front line in the war against COVID-19, and their cybersecurity leaders bear unique pressure to support and secure their efforts. But amidst this crisis, Anahi Santiago, CISO of ChristianaCare Health System, also sees tremendous strides in telehealth delivery.

Italian Social Security Website Disrupted

Data Breach Today

News Reports Say Officials Investigating After Thousands Could Not Access Site

Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hacking

Security Affairs

An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using the Contact Form 7 Datepicker plugin. Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are advised to remove or deactivate it to prevent attackers from exploiting a stored cross-site scripting (XSS) vulnerability to create rogue admins or take over admin sessions.

Magecart Group Hits Small Businesses With Updated Skimmer

Data Breach Today

Researchers Determine That 19 Ecommerce Sites Have Been Targeted

A Magecart group has been using a new skimmer technique to target the online checkout sites of smaller businesses in order to steal credit card data, according to RiskIQ researchers, who have spotted 19 of these malicious JavaScript attacks so far.

CNIL Releases Guidance on Teleworking

Hunton Privacy

On April 1, 2020, the French Data Protection Authority (the “CNIL”) released guidance for employers on how to implement teleworking (the “Guidance”) as well as best practices for their employees in this context (the “Best Practices”). Guidance for Employers. According to the Guidance, employers must implement the following measures to secure their information systems: Ensuring that they have an IT charter or information security policy in place covering teleworking, or, at the very least, a set

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Botnet Targets Devices Running Microsoft SQL Server: Report

Data Breach Today

Researchers Say 'Vollgar' Botnet Installs Cryptominers

Researchers at security firm Guardicore Labs are tracking a botnet they call Vollgar that's targeting devices running vulnerable Microsoft SQL Server databases with brute-force attacks and planting cryptominers in the infected databases.

This is Not Your Father's Ransomware

Dark Reading

Ransomware operators are aiming for bigger targets and hitting below the belt. With doxing and extortion threats added to the mix, ransomware is evolving into something even more sinister.

Analysis: The Path Back to Business as Usual After COVID-19

Data Breach Today

The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.

Self-Propagating Malware Targets Thousands of Docker Ports Per Day

Threatpost

A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Catches of the month: Phishing scams for April 2020 – the coronavirus special

IT Governance

There’s been one thing on our minds the past month: coronavirus. It appears that cyber criminals are the same, focusing all their efforts on scams that capitalise on the panic. One of the biggest risks is phishing scams – malicious messages that appear to be from a trusted source. The number of reported phishing attacks has risen by more than 600% since February, with the majority of those cashing in on people’s uncertainty and fears over the pandemic.

5 Soothing Security Products We Wish Existed

Dark Reading

Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.

Weekly Update 185

Troy Hunt

I actually lost track of what week it was at the start of this video. Did I do the Aussie workshops last week? Or the week before? I know I was at home, so... it's just all becoming a blur. But be that as it may, life marches on and this week, like every other one before it, was full of interesting cyber-things. I find the situation with Zoom in particular quite fascinating, particularly the willingness - even eagerness - that so many seem to have to throw the very tool that's bringing so many people

Bug Bounty Programs Are Being Used to Buy Silence

Schneier on Security

Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty platforms connect security researchers with organizations wanting extra scrutiny. In exchange for reporting a security flaw, the researcher receives payment (a bounty) as a thank you for doing the right thing.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

So Wait, How Encrypted Are Zoom Meetings Really?

WIRED Threat Level

The service's mixed messages have frustrated cryptographers, as the US government and other sensitive organizations increasingly depend on it.

The importance of FIDO and passwordless login

Jamf

Most people can and do manage many aspects of their lives on their phones; it’s the device they carry with them everywhere and use for everything. Read about how the FIDO Alliance and Jamf are hoping to change our reliance on passwords to help secure you with minimum fuss and maximum privacy.

Magecart group 7 uses new e-skimmer to steal payment data

Security Affairs

RiskIQ researchers spotted a new ongoing Magecart campaign that has already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that has already compromised at least 19 different e-commerce websites to steal customers’ payment card data. The experts discovered a new software skimmer, dubbed “MakeFrame,” that injects HTML iframes into web pages to capture payment data.

A Hacker Found a Way to Take Over Any Apple Webcam

WIRED Threat Level

They've been patched, but the Safari vulnerabilities would have given an alarming amount of access.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

COVID-19: Dealing with Vendors – Privacy and Supply Chain Issues

Data Matters

The COVID-19 global pandemic presents unique legal and practical challenges for businesses across all industries, including with respect to ongoing relationships with vendors and suppliers – whether this relates to information security, privacy compliance, business continuity and contractual issues, such as in relation to force majeure. In this webinar, we will highlight some of the key issues companies are facing when dealing with supply chain and vendor contracts, and how their concerns can be

Want to Improve Cloud Security? It Starts with Logging

Dark Reading

Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Threatpost

The newly discovered attack uses the World Health Organization's trademark to lure users with information related to coronavirus.

FBI Warns Education & Remote Work Platforms About Cyberattacks

Dark Reading

The FBI expects attackers will target virtual environments as more organizations rely on them as a result of the COVID-19 pandemic.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Thousands of Android Apps Are Silently Accessing Your Data

WIRED Threat Level

More than 4,000 Google Play apps let developers and advertisers collect a list of the user's other installed apps, no permission needed.

Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

Dark Reading

A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.

Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks

Threatpost

A group of CDNs and cloud providers is joining the fight against common internet routing attacks.
