Tue.Oct 09, 2018

article thumbnail

Naming & Shaming Web Polluters: Xiongmai

Krebs on Security

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

article thumbnail

Google Forced to Reveal Exposure of Private Data

Data Breach Today

Consumer Google+ Set For Shutdown; Google Hid the Data-Exposing Bug Google blames a bug in an API for its Google+ social networking service for exposing personal details for about 500,000 users' accounts, but says it doesn't believe the information was misused. The company was forced to acknowledge the March incident after it was reported by The Wall Street Journal.

IT 216
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Can Machine Learning Defeat the Venerable Structured Template?

AIIM

The venerable template allows structured form data to be accurately extracted. In the document capture industry , the concept of templates where you specify the location of each data element is a tried-and-true strategy for structured forms. If the form is standardized, giving the software the precise place to look for data will almost always result in better performance over alternatives such as rules-based approaches using keywords or patterns.

article thumbnail

Heathrow Airport Fined £120,000 for Lost USB Storage Drive

Data Breach Today

Privacy Regulator Cites Data Protection 'Catalog of Shortcomings' Heathrow, the U.K.'s largest airport, has been fined by the country's privacy watchdog for a series of data security missteps that led to a USB memory drive containing highly sensitive information being lost by an airport security trainer on a London city street, where it was found by a passerby.

Privacy 171
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Researchers presented an improved version of the WPA KRACK attack

Security Affairs

Security researchers who devised last year the Key Reinstallation Attack, aka KRACK attack, have disclosed new variants of the attack. Security researchers Mathy Vanhoef and Frank Piessens who devised last year the Key Reinstallation Attack against WPA, aka KRACK attack, have disclosed new variants of the attack. Last year, boffins discovered several key management flaws in the core of Wi-Fi Protected Access II (WPA2) protocol that could be exploited by an attacker to hack into Wi-Fi network

Paper 100

More Trending

article thumbnail

3 ways a data breach can occur

IT Governance

We’ve talked a lot recently about the financial effects of data breaches and how you should respond to incidents , but that still leaves the question of how data breaches occur. Knowing what you should be looking for can help you prevent attacks as well as quickly identify and respond to suspicious activity. This blog looks at some real-world examples of some of the most common causes of data breaches and explains how they occurred.

article thumbnail

Behavioral Biometrics: Key Challenges

Data Breach Today

As more companies move away from passwords toward behavioral biometrics, they face new challenges, says Rajiv Dholakia, co-founder of the FIDO Alliance. "There are no standards as such in this area on how the information is collected, how it's stored and how it's processed," he says.

Passwords 135
article thumbnail

Project Strobe, what will change after the Google security breach?

Security Affairs

Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network, these are the measures in response to the incident. Yesterday Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network. Security experts and privacy advocated criticized the company because it did not disclose the flaw in the Google+ when it first discovered the issue in March because it feared regulatory scrutiny and reputati

article thumbnail

Highlighting the Chinese Cybersecurity Law

Data Matters

Former Department of Homeland Security Chief Privacy Officer Hugo Teufel III and Sidley’s Edward McNicholas addressed a packed room on Chinese Cybersecurity Law at the 2018 Privacy + Security Forum hosted at George Washington University. The timely presentation highlighted how, with significant attention in the past few years focused on the GDPR, many have not fully appreciated the significant policy and legal developments coming out of Beijing.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

New Domains: A Wide-Open Playing Field for Cybercrime

Dark Reading

As bad actors increasingly exploit new domains for financial gain and other nefarious purposes, security teams need to employ policies and practices to neutralize the threat in real time. Here's why and how.

article thumbnail

Win with AI: John Thomas of IBM on putting skin in the data science game

IBM Big Data Hub

John Thomas, IBM distinguished engineer and director of analytics, talks with Dave Vellante in NYC ahead of the recent “Change the Game: Winning with AI event in NYC” to talk about how the IBM Data Science Elite team offers data science expertise as a service to a variety of clients to a variety of organizations, cutting across multiple industries.

article thumbnail

Extend Content Services into lead business apps—an OpenText webinar event

OpenText Information Management

Organizations create vast amounts of content that is filed and stored within siloed applications. Isolated from larger business processes and out of context, it becomes difficult for users to find, analyze and use this information. OpenText™ Extended ECM connects these information repositories, associating their content with its relevant business context and distributing it to the … The post Extend Content Services into lead business apps—an OpenText webinar event appeared first on OpenTex

article thumbnail

Access Now Is Looking for a Chief Security Officer

Schneier on Security

The international digital human rights organization Access Now (I am on the board ) is looking to hire a Chief Security Officer. I believe that, somewhere, there is a highly qualified security person who has had enough of corporate life and wants instead of make a difference in the world. If that's you, please consider applying.

Access 74
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Data-Centric Security and Big Data

Thales Cloud Protection & Licensing

As Cybersecurity continues to be heavily focused on solving the problem of attacks against software vulnerabilities and system access, one potential silver bullet in the data breach equation remains out of the limelight. Enter data-centric security… a set of technologies that lower the value of data through encryption, tokenization, data masking and access control methods.

article thumbnail

How Shared Pools of Cloud Computing Power Are Changing the Way Attackers Operate

Threatpost

Cloud computing is creating new challenges among security professionals as attackers embrace the "as-a-service model", giving unsophisticated cybercriminals a leg up in carrying out attacks.

Cloud 69
article thumbnail

Lesser Skilled Cybercriminals Adopt Nation-State Hacking Methods

Dark Reading

The trend underscores the need for organizations of all sizes to be prepared to detect and respond to threats faster, CrowdStrike says.

78
article thumbnail

12 trends impacting the future of data management jobs

Information Management Resources

Technologies such as artificial intelligence, the Internet of Things and augmented reality are changing how employees work and what skills employers need. Here are 12 top trends that will reshape the workforce over the next five years.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Constructing the Future of ICS Cybersecurity

Dark Reading

As industrial control systems are connected to the cloud and the IoT, experts discuss security challenges.

article thumbnail

Microsoft Patches Zero-Day Under Active Attack by APT

Threatpost

A zero-day vulnerability tied to the Window’s Win32k component is under active attack, warns Microsoft.

article thumbnail

Heathrow Airport fined £120,000 for data breach

IT Governance

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. The data affected: The ICO penalty notice said: [T]he stick held a training video containing names, dates of birth, vehicle registrations, nationality, passport numbers and expiry, roles and mobile numbers of 10 individuals involved in a particular greeting party, and also d

article thumbnail

Lessons Learned from the Facebook Breach: Why Logic Errors Are So Hard to Catch

Dark Reading

By ensuring that each layer of protection scours an application for unintended uses, you can find the flaws before the bad guys do.

70
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

How to get more out of your education technology

Jamf

To help district leaders, IT, instructional technologists and teachers get the most out of their education technology initiatives, we put together several resources explaining best practices for deploying, securing and managing iPad.

article thumbnail

Learn to Understand and Combat New Threats at Black Hat Europe

Dark Reading

As we begin to settle into autumn, Black Hat organizers are hard at work lining up a ton of great content for the premier information security events return to London this December.

article thumbnail

New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants

Threatpost

New Intel Coffee Lake CPUs offer hardware-based protections against some -but not all- Spectre and Meltdown variants.

66
article thumbnail

Does PCI Matter?

Adam Shostack

There’s an interesting article at the CBC, about how in Canada, “ More than a dozen federal departments flunked a credit card security test :” Those 17 departments and agencies continue to process payments on Visa, MasterCard, Amex, the Tokyo-based JCB and China UnionPay cards, and federal officials say there have been no known breaches to date.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Google+ Vulnerability Hits Service, Leads to Shutdown

Dark Reading

In response to the breach, Google is changing policies, modifying APIs, and shutting down Google+.

68
article thumbnail

Decide the future of your enterprise with OT2

OpenText Information Management

At OpenText™ Enterprise World 2018, we announced the availability of OpenText OT2, the next-generation hybrid-cloud platform that brings together intelligent automation, security, and EIM applications in a powerful unified platform. OT2 brings together micro-services for content collaboration, security, process automation, and analytics, enabling customers and partners to rapidly develop and deploy powerful business applications to … The post Decide the future of your enterprise with OT2 a

article thumbnail

Microsoft Fixes Privilege Escalation 0Day Under Active Attack

Dark Reading

This month's Patch Tuesday includes 49 patches, two of which are ranked Critical, and two security advisories.