Wed.Feb 20, 2019

article thumbnail

Password Managers Leave Crumbs in Memory, Researchers Warn

Data Breach Today

Popular Password Managers for Windows Fail to Tidy Up Before Locking Up Shop A security audit of popular password manager has revealed some concerning weaknesses. Luckily, none of the problems are showstoppers that should put people off using such applications. But the research shows that some password managers need to more thoroughly scrub data left in memory.

Passwords 258
article thumbnail

7 Scenarios for How the Mueller Probe Might End

WIRED Threat Level

New reports say that Robert Mueller will be "wrapping up" his investigation soon. Here's what that might actually mean.

Security 111
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Facebook Smackdown: UK Seeks 'Digital Gangster' Regulation

Data Breach Today

But Can New Laws and Greater Oversight Fix UK's 'Fake News' Challenges? Technology giants stand accused by a U.K. parliamentary committee of risking democracy in pursuit of profit, acting as monopolies and blocking attempts to hold them accountable. But Parliament's probe into disinformation and "fake news" reserves special scorn for Facebook CEO Mark Zuckerberg.

Risk 222
article thumbnail

North Korea’s Lazarus APT targets Russian Entities

Security Affairs

Security researchers at Check Point have uncovered a cyber espionage campaign conducted by Lazarus APT group aimed at Russian targets. Security experts at Check Point have uncovered a cyber espionage campaign carried out by Lazarus aimed at Russian targets, If the attribution is correct, this is the first time that North Korean cyber spies were targeting Russian entities. “For the first time we were observing what seemed to be a coordinated North Korean attack against Russian entities.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Congress Scrutinizes Facebook Health Data Privacy Complaint

Data Breach Today

Committee Demands Answers About Consumers' Complaint Filed With FTC A Congressional committee is demanding Facebook provide answers concerning a complaint filed with the FTC alleging misleading privacy practices involving personal health information. The complaint also alleged a data leak exposed the names of over 10,000 cancer patients participating in a Facebook group.

More Trending

article thumbnail

Security breach at North Country PoS firm hits hundreds of US restaurants and Hotels

Security Affairs

North Country Business Products POS (point-of-sale) and security solutions provider announced a data breach that affecte d hundreds of U.S. restaurants and hotels. North Country Business Products point-of-sale and security solutions provider announced a data breach, the company is currently used by 6500 customers around the Midwest. “North Country Business Products, Inc. ( “North Country”), today announced that a recent data security incident may have resulted in unauthorized access to pay

article thumbnail

The Anatomy of a Lazy Phish

Dark Reading

A security engineer breaks down how easy it is for unskilled attackers to trick an unsuspecting user to submit credentials to a phishing site.

article thumbnail

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

Data Matters

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. The Circular Letter follows an investigation commenced by NYDFS regarding life insurers’ use of external data, which was initiated in light of reports that insurers were using algorithms and predictive models that include unconventional source

article thumbnail

The interface of WinPot ATM Malware looks like a slot machine

Security Affairs

Malware researchers from Kaspersky Lab have detected a new piece of malware dubbed WinPot that was designed to target automated teller machines (ATMs). Security experts from Kaspersky Lab have discovered a new piece of malware dubbed WinPot that target ATMs, it could be used by crooks to make the ATMs automatically dispense all cash from their cassettes.

Sales 77
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Did you know? AMC Monthly Newsletter – February

Micro Focus

This is the second installment in this series designed to keep you “in the know” about current developments in Application Modernization and Connectivity. The latest information from experts, cutting-edge events, and proof points for management – all in one place! Read the first installment here. The Industry Experts Know The digitally-empowered customer has created challenges.

76
article thumbnail

Details on Recent DNS Hijacking

Schneier on Security

At the end of January the US Department of Homeland Security issued a warning regarding serious DNS hijacking attempts against US government domains. Brian Krebs wrote an excellent article detailing the attacks and their implications. Strongly recommended.

article thumbnail

Glass houses: how much privacy can city-dwellers expect?

The Guardian Data Protection

The recent court decision against the neighbours of Tate Modern in London belies a much wider problem – everyone is constantly being watched Alexander McFadyen says that he and his family were “more or less constantly watched” while they were at home. They had to be “properly dressed” at all times, and even then they were often photographed or filmed, and sometimes spied on with binoculars.

Privacy 73
article thumbnail

How to get more business value from your cloud investment

DXC Technology

Is your organization looking to get more business value from its investments in the cloud? Join the club. While there’s no universal approach for moving to the cloud, there are many proven ways to get the most value. These include approaching the cloud not as a technology move, but as a business decision. This makes […].

Cloud 73
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Threatpost

Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners.

article thumbnail

As Businesses Move Critical Data to Cloud, Security Risks Abound

Dark Reading

Companies think their data is safer in the public cloud than in on-prem data centers, but the transition is driving security issues.

Cloud 81
article thumbnail

Separ Malware Plucks Hundreds of Companies’ Credentials in Ongoing Phish

Threatpost

An ongoing phishing campaign is targeting hundreds of businesses to steal their email and browser credentials using a simply - but effective - malware.

article thumbnail

Expert released a PoC for a remote code execution flaw in mIRC App

Security Affairs

Security experts discovered a vulnerability in the mIRC application that allows attackers to execute commands remotely. Security researchers Benjamin Chetioui and Baptiste Devigne from ProofOfCalc discovered a vulnerability in the mIRC application that could be exploited by attackers to execute commands remotely. mIRC is a popular Internet Relay Chat application that allows users to chat by connecting to IRC servers, it also allows users to exchange files and links.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Mastercard, GCA Create Small Business Cybersecurity Toolkit

Dark Reading

A new toolkit developed by the Global Cybersecurity Alliance aims to give small businesses a cookbook for better cybersecurity.

article thumbnail

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections

Threatpost

As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.

article thumbnail

Insurer Offers GDPR-Specific Coverage for SMBs

Dark Reading

Companies covered under the EU mandate can get policies for up to $10 million for fines, penalties, and other costs.

article thumbnail

Five common myths about OpenText TeamSite explained

OpenText Information Management

OpenText™ TeamSite™ has come a long way in recent years, but there are a few lingering myths about its capabilities. Here are five of the most common myths we hear. Myth #1: TeamSite is for websites only Reality: TeamSite is a headless (and decoupled) Content Management System (CMS) which makes it ideal for any digital … The post Five common myths about OpenText TeamSite explained appeared first on OpenText Blogs.

CMS 57
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Microsoft Expands AccountGuard to Help Europe Prep for Cyberattacks

Dark Reading

A recent wave of cybercrime has targeted organizations with employees in Belgium, France, Germany, Poland, Romania, and Serbia.

72
article thumbnail

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

Threatpost

1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory.

article thumbnail

ATM Hacking Has Gotten So Easy, the Malware's a Game

WIRED Threat Level

A strain of ATM malware called WinPot turns the act of cashing out into something like a slot machine.

article thumbnail

9 Years After: From Operation Aurora to Zero Trust

Dark Reading

How the first documented nation-state cyberattack is changing security today.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Android Users: Check This Facebook Location Privacy Setting ASAP

WIRED Threat Level

Android users can now stop Facebook from tracking their location when they aren't using the Facebook app.

Privacy 73
article thumbnail

POS Vendor Announces January Data Breach

Dark Reading

More than 120 restaurants were affected by an incident that exposed customer credit card information.

article thumbnail

North Korea’s Lazarus APT targets Russian Entities

Security Affairs

Security researchers at Check Point have uncovered a cyber espionage campaign conducted by Lazarus APT group aimed at Russian targets. Security experts at Check Point have uncovered a cyber espionage campaign carried out by Lazarus aimed at Russian targets, If the attribution is correct, this is the first time that North Korean cyber spies were targeting Russian entities. “For the first time we were observing what seemed to be a coordinated North Korean attack against Russian entities.