Sat. Mar 30, 2019


Expert disclosed two Zero-Day flaws in Microsoft browsers

Security Affairs

The 20-year-old security researcher James Lee publicly disclosed details and proof-of-concept exploits for two zero-day vulnerabilities in Microsoft web browsers. The expert opted to disclose the flaws after the tech giant allegedly failed to address the zero-day issues he privately reported. The researcher reported the issues to Microsoft ten months ago, but the company did not respond to the responsible disclosure.


Google Play Store’s Malware Problem, and More Security News This Week

WIRED Threat Level

Plus, Russia cracks down on VPNs, Microsoft cracks down on Iranian hackers, and more of the week's top security news.


Hackers stole $19 Million from Bithumb cryptocurrency exchange

Security Affairs

A new cyber heist made the headlines: the victim is Bithumb, the South Korea-based cryptocurrency exchange, and hackers stole $19 Million. Hackers have stolen nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based cryptocurrency exchange. The news was first reported by Primitive Ventures’ Dovey Wan; hackers compromised a number of Bithumb’s hot EOS and XRP wallets and transferred around 3 million EOS (roughly $13 million) and 20 million XRP (~ $6 million) t


Medical Weed Dispensary Exposes Health Data for Thousands

Threatpost

As to how the breach happened, the company is so far keeping details tightly rolled up.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Exodus, a government malware that infected innocent victims

Security Affairs

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. Research conducted by members and associates of the Security Without Borders organization along with Motherboard has revealed government spyware that infected hundreds of people through the official Google Play Store. The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to.


Initial fixes for Cisco RV320 and RV325 routers were incomplete

Security Affairs

Cisco revealed that security patches released in January to address flaws in Small Business RV320 and RV325 routers were incomplete. Cisco revealed that security updates released in January to address vulnerabilities in Small Business RV320 and RV325 routers were not complete. The tech giant also confirmed that the flaws have been exploited in attacks in the wild.


Refreshing

InfoGovNuggets

“Johnson & Johnson to Air First TV Ad for Drug That Discloses Its Price,” The Wall Street Journal, March 29, 2019. Ads to disclose monthly cost, both before and after insurance. Posting a list price! Isn’t it refreshing to have a marketer tell you up front what the cost will be? Isn’t that information you’d like to have in your decision-making process?


Tragic reminder

InfoGovNuggets

“The Final Minutes of Ethiopian Airlines’ Doomed Boeing 737 MAX,” The Wall Street Journal, March 30, 2019. What the cockpit voice recorder captured in the tragic crash. What Information do we collect, and why? How do we Use that? Would we collect this information even if the government didn’t require it?


Standards

InfoGovNuggets

Once you decide to remove someone, who do you decide to remove and why? Are there any other factors that control your decision? “Facebook Removes Accounts Linked to Duterte’s Former Social-Media Manager,” The Wall Street Journal, March 30, 2018. Accounts removed for “coordinated inauthentic behavior.” As the platform owner, you can either open your site to all comers, or establish objective standards to limit who may and may not use your platform.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Oh, brother

InfoGovNuggets

“Duke University Agrees to Pay $112.5 Million in Whistleblower Suit Over Grants,” The Wall Street Journal, March 25, 2019. University employee used fake data to secure federal grants. The university employee had been found to be embezzling. A whistleblower (using his brother as his attorney) sued under the False Claims Act. Not a good month for prestigious universities.


Duty of care

InfoGovNuggets

“Ill-Fated Hewlett-Packard Deal Is Back in Court,” The Wall Street Journal, March 26, 2019. HP alleges that Autonomy fraudulently inflated its financial results, leading HP to pay a hugely inflated price for the company. What controls are in place to prevent you from overpaying for a company? Isn’t that why there are such things as audited financial statements and due diligence by teams of lawyers and accountants?


Quiz

InfoGovNuggets

“Prosecutors Drop All Charges Against Actor Jussie Smollett,” The Wall Street Journal, March 26, 2019. Charges dismissed against actor accused of faking a hate crime attack. Not what you’d readily recognize as an information governance story. But think about the information used in filing the police reports and the controls in place to prevent false police and news reports and unjustified criminal convictions and punishments, and how well they worked.


Is your privacy “property”?

InfoGovNuggets

“FTC Orders Broadband Providers to Explain Data Collection Policies,” The Wall Street Journal, March 26, 2019. The government begins to explore how broadband companies handle your private information. While some have questions about whether there is any Constitutional right to privacy, penumbras notwithstanding, it is interesting to see a government agency begin to look into how some major providers are dealing with (e.g., handling, protecting, using) “your” informatio


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Balancing

InfoGovNuggets

“SEC Addresses Cybersecurity Concerns About Stock-Investor Data,” The Wall Street Journal, March 27, 2019. SEC restricts personally identifiable information in shared investment database. How do you collect and retain enough data to enforce securities laws but not put private information at too much risk of being hacked? Don’t businesses face similar dilemmas every day, when deciding how much protection/control to put around what information in their possession and control?


Links

InfoGovNuggets

“Equifax, FICO Team Up to Sell Consumer Data to Banks,” The Wall Street Journal, March 28, 2019. The headline says it all. Who owns data about you, and what can others do with “your” data? Do we as consumers just accept this? Is it all information about us, and is it all private? No. If you buy a car or a computer or a gallon of gas, the other party knows a lot about that transaction, and apart from our identity, do we really care what they do with the rest of that?


Does your business collect biometrics?

InfoGovNuggets

“Workers Push Back as Companies Gather Fingerprints and Retina Scans,” The Wall Street Journal, March 28, 2019. State statutes provide workers and others additional rights. Fingerprints and facial scans are information, just as much as a tax return. There are limits on how much a business can “capture” from you, and what that business can do with that information.


FTC, SEC, and now HUD

InfoGovNuggets

“HUD Action Against Facebook Signals Trouble for Other Platforms,” The Wall Street Journal, March 29, 2019. Do ads targeting specific races/religions constitute discrimination? How does Facebook use the information it has collected? Can advertisers on Facebook pick which users get their ads, and restrict others from seeing those ads?


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Matryoshka dolls

InfoGovNuggets

“Key Takeaways From Attorney General’s Summary of Mueller Report,” The Wall Street Journal, March 24, 2019. AG Barr submits a 4-page summary of the much-longer Mueller report. This just deals with Governance and Information. Isn’t a summary or a digest by definition less complete than the full version? But don’t we perforce rely on summaries and outlines to allow us to function, relying on the objectivity of the author of the summary to avoid true information overloa


Be thankful

InfoGovNuggets

“Journalists Face Prison Over Reporting George Pell Sex-Abuse Conviction,” The Wall Street Journal, March 26, 2019. Australian journalists defy judge’s gag order over the conviction of a Cardinal for sex abuse. Prior restraints on speech and the press are largely prohibited in the US, due to Constitutional protections. But that’s not universal.