Fri. Sep 20, 2019

A Safer IoT Future Must Be a Joint Effort

Dark Reading

We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry.

Eight US Cities See Payment Card Data Stolen

Data Breach Today

Vulnerability in Click2Gov Software Has Been Patched, Vendor Says. Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 payment card records have turned up in underground markets, says Gemini Advisory.

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Schneier on Security

Earlier this month I made fun of a company called Crown-Sterling, for...for...for being a company that deserves being made fun of. This morning, the company announced that they "decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer." Really. They did. This keylength is so small it has never been considered secure.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

A Beginner's Guide to Microsegmentation

Dark Reading

In a world in which the data center perimeter has all but evaporated, traditional segmentation no longer is enough. Enter microsegmentation. Here's what organizations need to do to maximize the benefits of this improved security architecture.

More Trending

A Feminist Take on Information Privacy

Schneier on Security

Maria Farrell has a really interesting framing of information/device privacy: What our smartphones and relationship abusers share is that they both exert power over us in a world shaped to tip the balance in their favour, and they both work really, really hard to obscure this fact and keep us confused and blaming ourselves. Here are some of the ways our unequal relationship with our smartphones is like an abusive relationship: They isolate us from deeper, competing relationships in favour of sup

Accused JPMorgan Chase Hacker Plans to Plead Guilty

Data Breach Today

83 Million Accounts Compromised as Part of Massive Alleged Fraud Scheme. Russian national Andrei Tyurin, who was extradited last year from Eastern Europe to the United States, has stated that he plans to accept a plea deal he's reached with federal prosecutors. Tyurin has been charged with numerous crimes, including hacking JPMorgan Chase and stealing 83 million customer records.

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. The Amadey bot is a quite simple piece of malware that is available for hire for cybercriminals.

Senate Budget Bill Would Keep Patient ID Ban Intact

Data Breach Today

After House Votes to Allow HHS Funding for Patient IDs, Senate Bill Calls for Renewing Ban. The movement to lift the longstanding Congressional ban on federal regulators funding the development or adoption of a national unique patient identifier appears to have hit a roadblock. Here's an update.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

VMworld 2019 Key Takeaways

Daymark

As usual, VMworld was a whirlwind of announcements, presentations, demos, meetups and networking opportunities. It’s a week of non-stop activities and it’s hard (actually impossible) to soak up everything. But I did manage to glean quite a bit and wanted to share my thoughts on some of the highlights and key takeaways.

Analysis: Fallout From the Snowden Memoir

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir. Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues.

Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign

Security Affairs

Agent Tesla is a fully customizable password info-stealer offered as malware-as-a-service; many cyber criminals are choosing it as their preferred recognition tool. Introduction. Nowadays Malware-As-A-Service is one of the criminals' favorite ways to breach the security perimeter. Agent Tesla is one of these “commodity malware”. It is a fully customizable password info-stealer and many cyber criminals are choosing it as their preferred recognition tool.

Other Attackers Reuse Old Magecart Domains: Report

Data Breach Today

Researchers Say Widespread Web-Skimming Attacks Spawn Secondary Cybercrime Market. Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Two selfie Android adware apps with 1.5M+ downloads removed from Play Store

Security Affairs

Experts at Wandera’s threat research team discovered two adware apps on the Google Play Store that were downloaded 1.5M+ times. Researchers at Wandera discovered two adware selfie filter camera apps on Google Play that were pushing ads and that can record audio. The bad news is that the two apps were downloaded 1.5M+ times. The two apps are Sun Pro Beauty Camera (1M+ installs) and Funny Sweet Beauty Selfie Camera (500K installs).

Report: FBI Subpoenaed Data From Banks, Credit Agencies

Data Breach Today

Corporations Received 'National Security Letters' Demanding Information. The FBI has issued hundreds of subpoenas to major banks, the big three credit rating agencies and other corporations as part of an ongoing counterterrorism program that collects personal and financial data, the New York Times reports.

Ransomware Strikes 49 School Districts & Colleges in 2019

Dark Reading

The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.

Dutch DPA Releases Complaints Report for First Half of 2019

Hunton Privacy

On September 9, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) published a report on the privacy complaints it received between January 2019 and June 2019 (the “Report”). Read the full Report and the press release (in Dutch). Overview. During the first half of 2019, 19,020 individuals and organizations have contacted the Dutch DPA with EU General Data Protection Regulation or privacy-related issues and concerns.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Find information in emails – faster

OpenText Information Management

As email communications in the legal industry reach higher volumes — often upwards of thousands or even the previously unthinkable millions of emails per client or legal matter — knowledge workers, including lawyers, are spending more and more time each day on administrative tasks required for effective and compliant email filing. Just looking for relevant …

EU Council Presidency Published Amended Proposal for Draft ePrivacy Regulation

Hunton Privacy

On September 18, 2019, the Presidency of the European Council published its proposed amendments to the Proposal for a Regulation Concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications (the “Draft ePrivacy Regulation”). The Draft ePrivacy Regulation will replace the ePrivacy Directive and will complete the EU’s framework for data protection and confidentiality of electronic communications.

WeWork's Wi-Fi Exposed Files, Credentials, Emails

Dark Reading

For years, sensitive documents and corporate data have been easily viewable on the coworking space's open network.

New Biometrics

Schneier on Security

This article discusses new types of biometrics under development, including gait, scent, heartbeat, microbiome, and butt shape (no, really).

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Mattress Company Leaks Data Records of 387K Customers

Threatpost

A database lacking password protection exposed sensitive data of customers of Milwaukee-based mattress company Verlo Mattress.

HP Purchases Security Startup Bromium

Dark Reading

The purchase will bring new isolation and threat intelligence capabilities to the HP portfolio.

Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica

Threatpost

Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.

Growth in IoT fueling demand for edge computing technologies

Information Management Resources

The market for edge computing, which supports a distributed computing model that brings analytics and data storage closer to the locations where they are needed, is on the rise, says new study.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Social media trends translated for the C-suite

DXC Technology

Even the dedicated social media wonk has a hard time keeping up with the latest in social platforms and tools for enterprise use. Once they’re identified, the next challenge becomes explaining them to the other stakeholders who fund, approve or use these tools for competitive advantage. Notorious for being skeptical of social media investment are C-level […].

Forcepoint VPN Client is Vulnerable to Privilege Escalation Attacks

Threatpost

Forcepoint has fixed a privilege escalation vulnerability in its VPN Client for Windows.

WhatsApp ‘Delete for Everyone’ Doesn’t Delete Media Files Sent to iPhone Users via The Hacker News

IG Guru

From The Hacker News: Mistakenly sent a picture to someone via WhatsApp that you shouldn’t have? Well, we’ve all been there, but what’s more unfortunate is that the ‘Delete for Everyone’ feature WhatsApp introduced two years ago contains an unpatched privacy bug, leaving its users with a false sense of privacy. Read more at the source […].
