Mon. Sep 16, 2019

Preventing PTSD and Burnout for Cybersecurity Professionals

Dark Reading

The safety of our digital lives is at stake, and we need to all do our part in raising awareness of these issues.

Life After Snowden: US Still Lacks Whistleblowing Rules

Data Breach Today

Intelligence Community May Be Incubating Snowden 2.0, Former NSA Employee Warns. Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.

Four Skills Every Modern Records Manager Must Have Right Now

AIIM

It's become trite to note the speed at which technology changes, and that the speed of those changes continues to increase. But just because it's trite doesn't mean it's not true. This means that, for records managers to continue to remain relevant, we need to ensure that we are on top of new developments in records and information management that will significantly impact our organizations.

Brokerage Firm Hit With $500,000 Data Breach Penalty

Data Breach Today

Commission Finds That Phillip Capital Made Series of Missteps. The U.S. Commodity Futures Trading Commission has hit Phillip Capital Inc., a Chicago-based brokerage firm, with a $500,000 penalty for security missteps before and after a 2018 data breach, which resulted in the theft of $1 million from client accounts.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

A flaw in LastPass password manager leaks credentials from previous site

Security Affairs

An expert discovered a flaw in the LastPass password manager that exposes login credentials entered on a site previously visited by a user. Tavis Ormandy, the popular white-hat hacker at Google Project Zero, has discovered a vulnerability in the LastPass password manager that exposes login credentials entered on a site previously visited by a user.

Another Side Channel in Intel Chips

Schneier on Security

Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard (and significantly longer) path through the server's main memory. By avoiding system memory, Intel's DDIO (short for Data-Direct I/O) increased input/output bandwidth and reduced latency and power consumption.

Mozilla Introduces Mechanism to Hijack all DNS Traffic in the Name of Privacy

PerezBox

In September of 2019 Mozilla will begin releasing DNS over HTTPS (DOH) in Firefox via their Trusted Recursive Resolver (TRR) program. A primer on DNS Security. The change is based.

MobiHok RAT, a new Android malware based on old SpyNote RAT

Security Affairs

A new Android malware, tracked as MobiHok RAT, has appeared in the threat landscape; it borrows code from the old SpyNote RAT. Experts from threat intelligence firm SenseCy spotted a new piece of Android RAT, dubbed MobiHok RAT, that used code from the old SpyNote RAT. At the beginning of July 2019, the experts spotted a threat actor dubbed mobeebom that was offering for sale an Android Remote Administration Tool (RAT) dubbed MobiHok v4 on a prominent English hacking forum.

After Six Years in Exile, Edward Snowden Explains Himself

WIRED Threat Level

In a new memoir and interview, the world’s most famous whistle-blower elucidates as never before why he stood up to mass surveillance—and his love for an internet that no longer exists.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

France and Germany will block Facebook’s Libra cryptocurrency

Security Affairs

Bad news for Facebook and its projects: France and Germany agreed to block Facebook’s Libra cryptocurrency, the French finance ministry said. The governments of France and Germany announced that they will block Facebook’s Libra cryptocurrency; the news was reported by French Finance Minister Bruno Le Maire. “We believe that no private entity can claim monetary power, which is inherent to the sovereignty of nations,” reads a joint statement issued by the two governments, “I want to be absolutely clear

US Turning Up the Heat on North Korea's Cyber Threat Operations

Dark Reading

Sanctions on North Korean nation-state hacking groups came amid reports of fresh malicious campaigns directed at US entities from the isolated nation.

Data leak exposes sensitive data of all Ecuador’s citizens

Security Affairs

Experts discovered a huge data leak affecting Ecuador, maybe the largest full-country leak, that exposed data belonging to 20 million Ecuadorian citizens. Security experts at vpnMentor have discovered a huge data leak affecting Ecuador that exposed data belonging to 20 million Ecuadorian citizens. The data were left unsecured online on a misconfigured Elasticsearch server; the exposed data includes full PII, marital status and date of marriage, level of education, financial info, and more.

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

Threatpost

ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Fraudulent purchases of digital certificates through executive impersonation

Security Affairs

Experts at ReversingLabs spotted a threat actor buying digital certificates by impersonating legitimate entities and then selling them on the black market. Researchers at ReversingLabs have identified a new threat actor that is buying digital certificates by impersonating company executives, and then selling them on the black market. The experts discovered that digital certificates are then used to spread malware, mainly adware.

Data Leak Affects Most of Ecuador's Population

Dark Reading

An unsecured database containing 18GB of data exposed more than 20 million records, most of which held details about Ecuadorian citizens.

Keys to surviving and thriving in the age of digital transformation

Information Management Resources

In his new book, author Thomas M. Siebel stresses that organizations that can truly harness the power of data and extract its value by leveraging the cloud, AI, and IoT will master the new digital land.

How a PIA Can CYA

Dark Reading

More than a compliance mandate, privacy impact assessments can also spot risks early in the product development cycle.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

#ModernDataMasters: Eduard Yanchevsky, Director Services & Solutions, Keyrus

Reltio

Kate Tickner, Reltio. Eduard Yanchevsky is a business leader with more than 15 years of experience in consultancy and performance management processes, combining strong analytical, problem-solving and project management skills. He specialises in mapping client business strategies to complex Business Intelligence and Information Management based technical solutions to successfully define and execute enterprise analytics strategies and programs.

Oracle Expands Cloud Security Services at OpenWorld 2019

Dark Reading

The company broadens its portfolio with new services developed to centralize and automate cloud security.

U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks

Threatpost

Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.

Court Rules In Favor of Firm 'Scraping' Public Data

Dark Reading

US appeals court said a company can legally use publicly available LinkedIn account information.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

New Breach Exposes an Entire Nation: Living and the Dead

Adam Levin

A misconfigured database has exposed the personal data of nearly every Ecuadorian citizen, including 6.7 million children. The database was discovered by vpnMentor and was traced back to Ecuadorean company Novaestra. It contained 20.8 million records, well over the country’s current population of 16 million. The data included official government ID numbers, phone numbers, family records, birthdates, death dates (where applicable), marriage dates, education histories, and work records.

5 Topics CCPA-Compliant Privacy Awareness Training Needs to Cover

KnowBe4

Employees handling the sensitive data of California residents need to know this stuff; the California Consumer Privacy Act says so. The California Consumer Privacy Act (CCPA) is set to take effect on January 1, 2020. It’s imperative to be prepared: the law will regulate the use and disclosure of personal information of nearly 40 million consumers, and is expected to affect more than 500,000 companies across the U.S.

Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs

Threatpost

Independent researchers found 125 different CVEs across 13 different router and NAS models.

Majority of CCPA Amendment Bills Passed by California Legislature

Hunton Privacy

California marked the end of the 2019 legislative session this past Friday, September 13, by passing five out of six pending bills to amend the California Consumer Privacy Act of 2018 (“CCPA”). The bills – AB-25 , AB-874 , AB-1146 , AB-1355 and AB-1564 – now head to California Governor Newsom’s desk for signature, which must occur by October 13 for the bills to be signed into law.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

5 reasons you should be at the IBM Data and AI Forum in Miami this October

IBM Big Data Hub

Read why you need to attend the IBM Data and AI Forum, the flagship data and AI event that will help you find the expertise you need for your AI journey.

Is There a Hacker in Your Wallet? Third Certainty Episode 2

Adam Levin

In the second episode of Third Certainty, Adam Levin explains how consumers can protect themselves in the aftermath of the Capital One data breach.

New guidance available to help improve cyber recruiting

Information Management Resources

The Healthcare and Public Health Sector Coordinating Council has released a new toolkit to help a variety of healthcare organizations recruit and retain cybersecurity personnel.