Wed.Mar 27, 2019

article thumbnail

Ransomware Attack Costs Norsk Hydro $40 Million - So Far

Data Breach Today

Norwegian Aluminum Maker Still Fighting LockerGoga Ransomware Attack Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online.

article thumbnail

Information Capture Needs to Evolve to Meet New Information Challenges

AIIM

For many years, “capture” was somewhat of an afterthought.It was something focused primarily on paper documents.It was something focused on archiving the document rather than on the extraction of data from the document.It was something you did at some point after information entered the organization.It was usually done in the context of one particular business process and needed to be customized to that process.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

'Disrupting the Hell Out of the Industry'

Data Breach Today

Socure's Tom Thimot and George Tubin on Securing Identity As fraud has shifted over the past decade from basic account takeover to synthetic identities and new account fraud, so has the field of identity protection evolved. Tom Thimot and George Tubin of Socure say they are here to disrupt the industry.

Security 225
article thumbnail

Programmers Who Don't Understand Security Are Poor at Security

Schneier on Security

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good job at it. In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

Security 110
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Why Criminals Love Cards Issued by US Banks

Data Breach Today

Blueliv's Liv Rowley Reviews the Latest Fraud, Malware, Credential Theft Trends Some 96 percent of all compromised payment cards have been issued by U.S. banks, reflecting not only the prevalence of credit cards held by Americans, but the relative ease with which they can be used for fraud, says Liv Rowley, a threat intelligence analyst at Blueliv.

212
212

More Trending

article thumbnail

Cloud Security: How the Dialogue Has Shifted

Data Breach Today

Palo Alto Network's Matt Chiodi on the Evolution of Public Cloud Security In just five years' time, the public cloud security conversation has changed dramatically, says Matt Chiodi of Palo Alto Networks. But security leaders still struggle with visibility and compliance.

Cloud 212
article thumbnail

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

The NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign tracked as LUCKY ELEPHANT targeting mostly South Asian governments. Security experts at NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign, tracked as LUCKY ELEPHANT, targeting mostly South Asian governments. The campaign was discovered in early March 2019, threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, te

article thumbnail

NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security. NTT Security's Khiro Mishra and WhiteHat Security's Craig Hinkley say the deal will help bring more application security - and DevSecOps - products, services and smarts to more organizations.

Security 179
article thumbnail

6 Things To Know About the Ransomware That Hit Norsk Hydro

Dark Reading

In just one week, 'LockerGoga' has cost the Norwegian aluminum maker $40 million as it struggles to recover operations across Europe and North America.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

The Far-Reaching Implications of PSD2

Data Breach Today

Angie White of iovation Discusses How the New Directive Could Compare With Impact of GDPR PSD2 requirements for strong authentication and third-party bank account access go into effect this September. Angie White, product marketing manager at iovation, discusses the implications of the directive inside and outside the European Economic Area.

GDPR 175
article thumbnail

Norsk Hydro estimates losses between $35M – $41M in the first week after cyberattack

Security Affairs

Norwegian aluminum giant Norsk Hydro estimates more than $40 million losses in the first week following the ransomware attack that disrupted its operations. Last week Norwegian Norsk Hydro, one of the biggest Aluminum producer, suffered an extensive cyber attack that impacted operations in several of the company’s business areas across Europe and the U.S.

article thumbnail

Building More Robust Fraud Detection Engines

Data Breach Today

Onfido's Parker Crockford Discusses Fraud-Fighting Challenges Widespread data breaches point to the need to build more robust fraud detection engines, says Parker Crockford of Onfido.

article thumbnail

A new AZORult C++ variant can establish RDP connections

Security Affairs

Experts from Kaspersky observed a new C++ version of the AZORult data stealer that implements the ability to establish RDP connections. The AZORult Trojan is one of the most popular data stealers in the Russian cybercrime underground. The AZORult stealer was first spotted in 2016 by Proofpoint that discovered it was part of a secondary infection via the Chthonic banking trojan.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Why Insider Threats Are Still a Critical Problem

Data Breach Today

Verizon's Ashish Thapar Discusses the Evolving Threat Landscape Insider threats continue to be difficult to detect, says Ashish Thapar of Verizon, who offers a summary of a new report on these threats.

166
166
article thumbnail

Trusted and ethical AI with IBM Cloud Private for Data

IBM Big Data Hub

IBM anticipated barriers to scaling enterprise AI. We developed a platform to help clients operationalize AI faster while infusing trust and transparency with IBM Cloud Private for Data and the add-on Watson OpenScale.

Cloud 75
article thumbnail

Leveraging Hidden DNS Information to Fight Threats

Data Breach Today

Stuart Reed of Nominet on Using DNS to Get Visibility on Security Risks The information provided in a domain name system is far deeper than just those transactions that take place. A DNS provides much more granular information around some security risks, although CISOs tend to overlook this information, says Stuart Reed of Nominet.

Risk 145
article thumbnail

Utilities Digital Journey Insights (Part 5): Utilities decentralize organizational models to meet consumer needs

CGI

Utilities Digital Journey Insights (Part 5): Utilities decentralize organizational models to meet consumer needs. pooja.cs@cgi.com. Wed, 03/27/2019 - 03:33. To gain the true value of digital transformation, utilities are embracing more dynamic and autonomous organizational structures that enable them to make decisions closer to the customer. Across utilities and all industries, organizations are finding it more difficult than originally expected to extract real value from their digital initiativ

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Facebook's Early, Misguided Call on Breach Disclosure

Data Breach Today

Emails With Aussie Regulator Show Facebook's Thoughts on 'View As' Hack Shortly after a massive data breach affected up to 50 million accounts last September, Facebook didn't believe the incident needed to be reported under Australia's mandatory breach notification law. While Facebook voluntarily notified all users, emails show the company initially underestimated the breach.

article thumbnail

Threat Hunting 101: Not Mission Impossible for the Resource-Challenged

Dark Reading

How small and medium-sized businesses can leverage native features of the operating system and freely available, high-quality hunting resources to overcome financial limitations.

73
article thumbnail

FEMA Leaked Personal Data of 2.3 Million Disaster Victims

Adam Levin

The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 million survivors of natural disasters. A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3 million survivors of hurricanes Harvey, Irma and Maria as well as the 2017 California wildfires to an unspecified contractor.

article thumbnail

What can banks do to address mounting cyber security challenges?

IT Governance

Cyber crime is spiralling out of control in the financial industry. The FCA (Financial Conduct Authority) received 145 breach notifications in 2018 , up from 25 the previous year. Things are particularly bad among investment banks, which saw a tenfold increase year-on-year (from 3 to 34), and retail banks (from 1 to 25). But it’s not as though cyber crime is a new thing in the industry.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Strengthening Protections and Embracing Connections – An Interview with Douglas C. Williams of Williams Data Management

Information Governance Perspectives

Strengthening Protections and Embracing Connections – An Interview with Douglas C. Williams of Williams Data Management Tenth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe. Douglas C. Williams is CEO of Williams Data Management and Chairman of the Board for the […].

article thumbnail

Ransomware Behind Norsk Hydro Attack Takes On Wiper-Like Capabilities

Threatpost

Researchers are still looking for answers when it comes to LockerGoga's initial infection method - and what the attackers behind the ransomware really want.

article thumbnail

New survey highlights the good and bad of cyber security’s global outlook

DXC Technology

The news these days is not good when you consider the state of cyber security around the world. Successful cyber attacks continue unabated while the security talent gap continues to widen. Throw into the mix a deluge of security data, difficulty securing containers, and other obstacles and you get mighty headwinds for IT security teams […].

article thumbnail

The 'Twitterverse' Is Not the Security Community

Dark Reading

The drama on social media belies the incredible role models, job, training, and networking opportunities found in the real world of traditional cybersecurity.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Cisco Releases Flood of Patches for IOS XE and Small Business Routers

Threatpost

The networking giant issued 27 patches impacting a wide range of its products running the ISO XE software.

IT 87
article thumbnail

March Madness and Distracted Employees – Bracket Busted

Thales Cloud Protection & Licensing

It’s March and with that comes the inevitable 70 million brackets to be completed predicting 67 basketball games over a three-week period. For employers that means countless hours of visiting websites not usually accessed at work and streaming numerous games on employer owned devices. Every year the research focuses on lost productivity, this year, research shows that allowing employees to watch games at work leads to more engaged employees.

article thumbnail

Reducing risk in digital transformation

DXC Technology

Digital transformation and enterprise risk management can be thought of as parallel highways. That’s because any transformation effort will introduce new risks and change to the organization’s overall security posture. As organizations continue their digital transformations, the transformation of security and risk management must be an integral part of that journey.