Thu. Jun 28, 2018


Plant Your Flag, Mark Your Territory

Krebs on Security

Many people, particularly older folks, proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services. The reasoning behind this strategy is as simple as it is alluring: What’s not put online can’t be hacked.


As 2-factor authentication falls short, ‘adaptive multi-factor authentication’ goes mainstream

The Last Watchdog

The use of an additional form of authentication to protect the accessing of a sensitive digital system has come a long way over the past decade and a half. Most individuals today are nonplussed when required, under certain circumstances, to retrieve a one-time passcode, pushed out in a text message to their smartphone, and then type the passcode to gain access to a privileged account.


Marketing Firm Exposes 340 Million Records on US Consumers

Data Breach Today

2 Terabyte Database Includes Up To 150 Fields With US Consumers' Data

A computer security researcher has discovered a vast marketing database containing 340 million records on U.S. consumers. The database is the latest in a long line of databases to have been left exposed to the internet without authentication, thus putting people's personal data at risk.


Conquering Chaos in Process Implementation

Gimmal

Below is a blog post by Gimmal Director of Services Karen Goode. Karen is a valuable leader within our Services organization whose passion for process and project execution has driven some of our most successful implementations. Below, she discusses how an effective project execution framework can help organizations see through the chaos of project management and ensure consistency, efficiency, and repeatability throughout all of their processes.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Ticketmaster Breach Traces to Embedded Chatbot Software

Data Breach Today

Hacker Modified JavaScript Chatbot to Scrape Customers' Card Payment Details

Ticketmaster is warning customers that it suffered a data breach after an attacker modified its third-party chatbot software to steal customers' payment card details. Software provider Inbenta Technologies says Ticketmaster should never have been running the JavaScript software on a payments page.


Cybercrime Groups and Nation-State Attackers Blur Together

Data Breach Today

North Korean Hackers are 'Rational Actors,' Ex-Intelligence Chief Warns

"This is not a crazy state; this is a rational state pursuing rational objectives." So said Robert Hannigan, former head of Britain's GCHQ intelligence service, when describing North Korea in a wide-ranging talk at the Infosecurity Europe conference that also touched on Russian hacking and cybercrime.


California Unanimously Passes Historic Privacy Bill

WIRED Threat Level

The law will give Californians more control over the data that companies collect on them than ever before.


Feds Crack Down on Darknet Vendors of Illicit Goods

Data Breach Today

DHS Agents Posed as Money Launderers, Helping Suspects Cash Out Cryptocurrency

Federal authorities have arrested more than 35 suspects on charges that include selling illicit substances via darknet marketplaces - such as AlphaBay, Dream and Hansa - thanks in part to undercover agents posing as cryptocurrency money launderers. Authorities say the year-long investigation is continuing.


National Archives Updates Progress on ICE Records Disposition

National Archives Records Express

This post has been crossposted from the AOTUS Blog. The proposed Immigration and Customs Enforcement (ICE) records schedule for records related to detainees held in ICE detention facilities (DAA-0567-2015-0013) has received significant attention in the media and by concerned individuals. Because of the ongoing interest in this schedule, NARA is providing this update on the status of the review.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Police Scotland needs to invest millions in cyber security

IT Governance

Police Scotland needs to invest £206 million in its computer systems to adequately tackle the threat of cyber crime, according to the force’s deputy chief officer. Appearing before the SPA (Scottish Police Authority) board last month, David Page said the necessary improvements were now seven years overdue. He added: What we try to be very clear on here is the risk of not doing this.


Manipulative Social Media Practices

Schneier on Security

The Norwegian Consumer Council just published an excellent report on the deceptive practices tech companies use to trick people into giving up their privacy. From the executive summary: Facebook and Google have privacy intrusive defaults, where users who want the privacy friendly option have to go through a significantly longer process. They even obscure some of these settings so that the user cannot know that the more privacy intrusive option was preselected.


Enterprise SaaS – and threats to your data

Thales Cloud Protection & Licensing

Results from the 2018 Thales Data Threat Report. *Source – Dataset for 2018 Thales Data Threat Report. High SaaS usage – and with Sensitive Data. In the 2018 Thales Data Threat Report, one fact that came through very clearly is that SaaS usage by enterprises is high, and so is their use of SaaS with sensitive data. This sensitive data use in SaaS environments today is a real problem.


Ticketmaster data breach: up to 40,000 UK customers affected

IT Governance

The popular ticket sales and distribution company Ticketmaster has notified the users of its UK site that their personal information may have been accessed by an unauthorised third party. Payment information is also understood to have been compromised. According to the BBC, as many as 40,000 UK customers – who include users of the Ticketmaster International, GETMEIN!


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Thinking Through the WP Engine Acquisition of StudioPress

PerezBox

As a fun thought exercise I decided to think through the WP Engine and Studio Press acquisition. Specifically, what I would do, and think they will do, with the new.


The importance of data curation in information management

Information Management Resources

We envision a world where data from all sources is defined, organized, timely, consistent, reliable and available for all needs. I propose we develop the practice and strategies to bring it to fruition.


Redefining Security with Blockchain

Dark Reading

Blockchain offers a proactive approach to secure a new generation of digital platforms and services for both enterprises and individuals.


Develop your knowledge

OpenText Information Management

“We can only develop systems when we have first, developed our own knowledge!” The IT industry requires engineers/developers to constantly learn new things. There are new technologies, languages, frameworks, architectures, libraries and APIs appearing constantly. Developers need to stay up to date with this fast-paced industry to expand their knowledge effectively in order to improve the business and personal development.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Protection of Personal Data Now a Constitutional Right in Chile

Hunton Privacy

As reported in BNA Privacy Law Watch, a new law makes data protection a constitutional right in Chile. The measure, which was enacted by the National Congress of Chile, lists “protection of one’s personal data” as an individual right under the Constitution’s Article 19. As a result of this measure, Chilean courts must expedite privacy-related cases under constitutional protect.


Ticketmaster Chat Feature Leads to Credit-Card Breach

Threatpost

Name, address, email address, telephone number, payment details and Ticketmaster login details were potentially compromised for tens of thousands of customers.


65% of Resold Memory Cards Still Pack Personal Data

Dark Reading

Analyzed cards, mainly from smartphones and tablets, contained private personal information, business documentation, audio, video, and photos.


Why the Ticketmaster UK Breach Could Happen to Your Organization

Adam Levin

Event ticketing giant Ticketmaster UK experienced an ongoing data breach affecting 40,000 people over the last several months, many of whom have since fallen victim to scams. The breach was disclosed by the company on June 23, and included a full range of customer information, including names, addresses, phone numbers, payment data, logins and passwords.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Rewards Points Targeted by Teens in Hack of 500K Accounts

Threatpost

The two teens used the rewards points built up in the accounts to make purchases, before selling the account credentials on the Dark Web.


How blockchain is like an HOA—it’s all about the governance

CGI

michael.hardy@…. Thu, 06/28/2018 - 12:43. In my last blog post, I introduced ACT-IAC’s Blockchain Playbook for the U.S. federal government, drafted by a collaborative team of industry and government leaders. As part of the team helping to draft portions of the playbook, I came to realize the importance of a sharing mindset to the success of blockchain initiatives.


5 Tips for Choosing a Document Scanning Vendor

Armstrong Archives

Beginning a new project with an imaging vendor should be the start of a successful partnership. However, before diving straight in, there are several factors you may need to consider. After all, document scanning is an intensive task, so finding the right partner is essential. Below are five questions to guide your search: 1. Is the vendor customer service oriented?


Continuum Interview

Adam Shostack

Continuum has released a video of me and Stuart Winter-Tear in conversation at the Open Security Summit: “At the recent Open Security Summit we had the great pleasure of interviewing Adam Shostack about his keynote presentation “A seat at the table” and the challenge of getting security involved in product and application design. We covered numerous topics from the benefits brought to business by threat modeling to pooping unicorns.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


California Enacts Sweeping New Comprehensive Privacy Legislation

HL Chronicle of Data Protection

California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018. Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 (AB 375), applies broadly to businesses that collect personal information about California consumers and aims to create significant new consumer privacy rights.


What OpenText Content Suite users can’t miss this July in Toronto

OpenText Information Management

We can’t wait for OpenText™ Enterprise World 2018 to start. And we’ve brought back something that was so popular with Content Suite users last year – smaller, tailored sessions where expert resources discuss specific product features and use cases, helping customers to fast-track their knowledge and skills. Choose from three types of Expo Theater sessions mapped to your user …


5 Document Management Mistakes to Avoid

Archive Document Data Storage

Failing to manage your documents efficiently and securely can cost your organisation time, money, and legal problems. Is your document management plan up to par? Here are five common document management mistakes to avoid. Mistake 1: Not Following a Retention Schedule. This may sound like a no-brainer, but many organisations don’t know what documents to keep, how long to store them, and when they should be destroyed.