Tue.Jul 09, 2019

article thumbnail

Moving From Vulnerability Management to Vulnerability Response

Data Breach Today

Syra Arif of ServiceNow on Essential Steps Shifting from vulnerability management to vulnerability response is becoming increasingly important, says Syra Arif of ServiceNow, who describes three essential steps.

252
252
article thumbnail

[Podcast] Finding Success at the Intersection of Content Services, Cloud, and Analytics

AIIM

Over the past few years, we’ve seen the Enterprise Content Management (ECM) industry go through some significant changes. Many would say it goes even deeper than change and have been calling it a metamorphosis. In nature, metamorphosis is the process of transformation from an immature form to an adult form in two or more distinct stages – a good example is a tadpole turning into a frog.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016. Undiscovered until 2018, the breach exposed 339 million customer records.

GDPR 204
article thumbnail

Avoid these five all-too-common cloud migration mistakes

DXC Technology

I’m on the cloud. You’re on the cloud. We’re all on the cloud. But, as we move more and more of our IT — lock, stock, and two smoking servers — to the cloud, you should make sure you know what you’re getting into. Yes, the cloud can be a real help, but there are […].

Cloud 91
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

US Coast Guard Warns of Maritime Malware Attacks

Data Breach Today

Incident Investigation Triggers Alert, Which Calls for Precautions The U.S. Coast Guard has issued an alert about an increase in malware attacks targeting the networks of commercial vessels. It's warning ship owners to take more cybersecurity precautions.

More Trending

article thumbnail

Threat Intelligence: Why Sharing Is Difficult

Data Breach Today

Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says.

IT 157
article thumbnail

European Commission Releases Factsheet on Artificial Intelligence

Hunton Privacy

On July 4, 2019, the European Commission published a factsheet on artificial intelligence (“AI”) for Europe (the “Factsheet”). In the Factsheet, the European Commission underlines the importance of AI and its role in improving people’s lives and bringing major benefits to the society and economy. In addition, the Factsheet also describes the EU’s role in AI and the financial investments the Commission is planning to make in AI.

article thumbnail

Best Practices for Device Security

Data Breach Today

Steve Hyman of Ordr on the Importance of Network Visibility As healthcare providers connect more and more devices to their networks, ensuring data security becomes far more complex, says Steve Hyman of Ordr, who describes best practices.

Security 186
article thumbnail

British Airways faces sky high £183 million GDPR fine

IT Governance

British Airways has been fined £183.4 million for a data breach that affect ed around 500,000 customers last year. . The airline, owned by IAG, says it is “surprised and disappointed” by the penalty – the largest ever fine for a data breach and the first to be issued in the UK under the GDPR (General Data Protection Regulation). . What happened?

GDPR 84
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Overcoming Vulnerability Overload

Data Breach Today

Nate Dyer of Tenable on How Predictive Prioritization Can Help Vulnerability overload is a pervasive problem, says Nate Dyer of Tenable, who describes how predictive prioritization can help.

152
152
article thumbnail

Coast Guard Warns Shipping Firms of Maritime Cyberattacks

Dark Reading

A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issues an advisory to all shipping companies: Here be malware.

86
article thumbnail

Ransomware Re-examined: To Pay or Not to Pay?

Data Breach Today

Fortinet's Sonia Arista on the Dilemmas Facing CISOs Ransomware plays on ever-bigger stages, but the fundamental question remains: To pay or not to pay? Fortinet's Sonia Arista, a former CISO, weighs in on ransomware and other hot breach trends.

article thumbnail

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

WIRED Threat Level

All it takes is one wrong click, and the popular video conferencing software will put you in a meeting with a stranger.

Access 107
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Securing Devices While Maintaining Functionality

Data Breach Today

Chris Hickman of Keyfactor on Managing Medical Device Life Cycles Chris Hickman of Keyfactor explains the challenges of securing and protecting medical devices and the data they collect while delivering the functionality that users demand.

Security 123
article thumbnail

Microsoft Patches Zero-Day Vulnerabilities Under Active Attack

Dark Reading

Microsoft issued fixes for 77 unique vulnerabilities this Patch Tuesday, including two zero-day privilege escalation vulnerabilities seen exploited in the wild.

87
article thumbnail

Mobile and Wearable Device Examination

OpenText Information Management

With the arrival of 5G technology, the increasing popularity of fitness trackers and smart watches, and growth in other “wearable tech”, the amount of data being collected is increasing at an unprecedented rate. And whilst many consumers might consider this data to be “private” that is no-longer necessarily true. And for the law enforcement or … The post Mobile and Wearable Device Examination appeared first on OpenText Blogs.

article thumbnail

Chinese Government’s Latest Effort in Tightening Cross-Border Transfer of Personal Information

Data Matters

The Chinese government is proposing heightened requirements on cross-border transfers of personal information from China, recently publishing draft Measures on Security Assessment of Cross-border Transfer of Personal Information (the “ Draft Measures ”). This comes less than a month after the Chinese government issued another draft Measures for Data Security Management which require network operators to conduct a security assessment for any transfer of important data (i.e. any data that may dir

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Marriott to be fined nearly £100m over GDPR breach

The Guardian Data Protection

ICO imposes fine after personal data of 339 million guests was stolen by hackers The international hotel group Marriott is to be fined almost £100m by the Information Commissioner’s Office after hackers stole the records of 339 million guests. In November, Marriott International, the parent company of hotel chains including W, Westin, Le Méridien and Sheraton, admitted that personal data including credit card details, passport numbers and dates of birth had been stolen in a colossal global hack

GDPR 75
article thumbnail

Cybercriminals Target Budding Cannabis Retailers

Dark Reading

Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices.

Retail 86
article thumbnail

Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

Security Affairs

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching.

article thumbnail

Financial Impact of Cybercrime Exceeded $45B in 2018

Dark Reading

Cybersecurity analysts explore a range of industry research to examine trends around cyber incidents and their financial impact.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Maryland Department of Labor discloses a data breach

Security Affairs

The Maryland Department of Labor announced it has suffered a data breach announced that exposed personally identifiable information. . The Maryland Department of Labor suffered a data breach, hackers accessed databases containing personally identifiable information (PII). The security breach was discovered earlier this year, hackers also accessed data stored in the Literacy Works Information System and a legacy unemployment insurance service database.

article thumbnail

Insider Threats: An M&A Dealmaker's Nightmare

Dark Reading

Because data has never been more portable, taking it has never been easier. And that's a huge problem during mergers and acquisitions.

IT 81
article thumbnail

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan. We recently unearthed a campaign that completely "lived off the land" throughout a complex attack chain that ran the info-stealing backdoor #Astaroth directly in memory.

article thumbnail

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Threatpost

Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.

IT 70
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Flaw in Zoom video conferencing software lets sites take over webcam on Mac

Security Affairs

Zoom video conferencing software for Mac is affected by a flaw that could allow attackers to take over webcams when users visit a website. Cybersecurity expert Jonathan Leitschuh disclosed an unpatched critical security vulnerability in the Zoom app for Apple Mac computers, that is chained with another issue, could be exploited by attackers to execute arbitrary code on the targeted systems remotely.

article thumbnail

1,300 Popular Android Apps Access Data Without Proper Permissions

Threatpost

Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission.

Access 80
article thumbnail

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

The UK’s data privacy regulator plans to fine giant hotel chain Marriott International with a £99 million ($123 million) under GDPR over 2014 data breach. The company replied that it will fight against the fine, it could reply to the UK ICO’s proposal before the final determination. The UK’s data privacy regulator announced that the giant hotel chain Marriott International faces a £99 million ($123 million) fines under GDPR over 2014 data breach.