Krebs on Security

FEBRUARY 18, 2019

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

Passwords 262

Passwords Government Access Security 262

Data Breach Today

FEBRUARY 18, 2019

While Exploitable Protocols and Processes Persist, Adoption of Secure Fixes Lags The internet is composed of a series of networks built on trust. But they can be abused due to weaknesses in older protocols, such as Border Gateway Protocol and the Domain Name System, which were not designed to be secure and are now being abused for online crime and espionage.

Security 255

Security 255

Security Affairs

FEBRUARY 18, 2019

Most of us know MITRE and the ATT&CK framework that they have come up with. What a splendid job they have done for the cyber security community by bringing most of the key attack vectors under an organized framework that segregates these attack vectors in various stages of a typical attack. Moreover, not only they have orchestrated the key attack vectors but the mitigation and detection guidance for each attack vector are also part of this framework.

Cloud 105

Cloud Security IT Marketing 105

Data Breach Today

FEBRUARY 18, 2019

Android App Left User Data Open Without Authentication or TLS/SSL A security consultancy discovered Facebook user data exposed in two different places online without authentication or encryption. The data is now offline. It came from an Android app that purported to offer statistical information to logged-in users.

Authentication 196

Authentication Encryption Security IT 196

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Adam Levin

FEBRUARY 18, 2019

Facebook’s long string of privacy scandals may (finally) have some meaningful repercussions by way of a multi-billion dollar fine from the Federal Trade Commission. The social media giant has been under investigation by the FTC since March 2018 in the wake of the Cambridge Analytica scandal, which affected 87 million users and may have been a pivotal influence in the 2016 election campaign.

Privacy 99

Privacy IT Government Security 99

WIRED Threat Level

FEBRUARY 18, 2019

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.

Military 94

Military Privacy Security 94

Data Breach Today

FEBRUARY 18, 2019

As the use of artificial intelligence tools and robotics continues to grow, it's crucial for organizations to assess the potential security risks posed, says attorney Stephen Wu, who reviews key issues in an interview.

Artificial Intelligence 182

Artificial Intelligence Security Risk IT 182

Security Affairs

FEBRUARY 18, 2019

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. Hi folks, today I’d like to point you out another tool of mine which extracts suspicious IPs from undesired connections. In other words: HoneyPots. I run a personal HoneyPot network which stands from years and over time it harvested numerous IP addresses which could be, potentially, malicious (typically scanners).

Honeypots 87

Honeypots Computer and Electronics Mining Cybersecurity 87

Dark Reading

FEBRUARY 18, 2019

No longer can privacy be an isolated function managed by legal or compliance departments with little or no connection to the organization's underlying security technology.

Privacy 85

Privacy Compliance Security 85

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

FEBRUARY 18, 2019

The Proof-of-concept (PoC) exploit code for a recently discovered vulnerability in runc tracked as CVE-2019-5736 is now publicly available. Last week, Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O.

Cloud 87

Cloud Security IT 87

WIRED Threat Level

FEBRUARY 18, 2019

It used to make sense to believe something until it was debunked; now, it makes sense to assume certain claims are fake—unless they are verified.

IT 86

IT Security 86

Security Affairs

FEBRUARY 18, 2019

The Trickbot banking trojan continues to evolve, Trend Micro detected a new variant that includes a new module used for Remote App Credential-Grabbing. The infamous Trickbot banking trojan is back, experts at Trend Micro detected a new strain of the malware using an updated info-stealing module. The new strain of the Trickbot banking trojan that a updated info-stealing module. llows it to harvest remote desktop application credentials.

Passwords 81

Passwords Financial Services Encryption Authentication 81

Schneier on Security

FEBRUARY 18, 2019

It seems that someone from a company called Swift Recovery Ltd. is impersonating me -- at least on Telegram. The person is using a photo of me, and is using details of my life available on Wikipedia to convince people that they are me. They are not. If anyone has any more information -- stories, screen shots of chats, etc. -- please forward them to me.

IT 75

IT 75

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Elie

FEBRUARY 18, 2019

This post considers the perception clash that exists between what users perceive to be their most valuable accounts (email and social networks) and those they think they should protect the most (online banking).

Security 62

Security 62

Security Affairs

FEBRUARY 18, 2019

Security expert discovered a privilege escalation flaw that could be exploited by attackers to elevate permissions to SYSTEM in the LG Device Manager application for LG laptops. A security expert who goes online with the moniker Jackson T. has discovered the flaw, tracked as CVE-2019-8372, while analyzing the tool’s low-level hardware access (LHA) kernel-mode driver, which is associated with the LG Device Manager system service.

Access 69

Access Security IT 69

Schneier on Security

FEBRUARY 18, 2019

Recent articles about IoT vulnerabilities describe hacking of construction cranes , supermarket freezers , and electric scooters.

IoT 79

IoT 79

DXC Technology

FEBRUARY 18, 2019

Réfléchissez-vous avant de vous connecter à un réseau sans fil ? La commodité du Wi-Fi gratuit dans la rue, au café ou dans le bus est-elle trop tentante ? Vous l’ignorez peut-être, mais les entreprises qui exploitent ces point d’accès sans fil ont la possibilité de voir toutes les données qui y transitent. Toutes les données […].

Encryption 41

Encryption Security 41

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Record Nations

FEBRUARY 18, 2019

Throughout 2018, records management has become increasingly important as companies work to become more efficient. The following blog posts were the most popular in 2018. Records Management Compliance Three of our top blogs help you know the regulations for keeping records. Managing Record Retention Requirements in the Office Don’t be confused by record retention requirements. […].

Records Management 40

Records Management Compliance 40

DLA Piper Privacy Matters

FEBRUARY 18, 2019

The European Data Protection Board (EDPB) last week adopted a paper clarifying the position in relation to data transfers between the EU and UK in the event of a no deal Brexit. The EDPB confirmed that if the UK exits the EU without a deal, then with effect from 30 March 2019 the UK will be regarded as a “third country” for the purposes of the GDPR and any transfers of personal data from the EU to the UK from that point.

GDPR 40

GDPR Risk Paper Personal data 40

IG Guru

FEBRUARY 18, 2019

Master of Archives and Records Administration (MARA) Celebrates its 10th Anniversary By Dr. Patricia C. Franks The Master of Archives and Records Administration (MARA) degree was launched in August 2008 in what is now the School of Information at San José State University. The journey of this degree mirrors the transformation of record and information […].

Education 40

Education Archiving IT Records Management 40

Information Matters

FEBRUARY 18, 2019

If you are not already a subscriber and would like to subscribe to this newsletter please CLICK HERE. Data is not the new oil – Venture Beat, 10 February 2019 “Data may have been tantamount to petroleum when the internet was virgin wilderness. But the evolution of digital business long since rendered that notion obsolete. Today, those who believe moats of data will keep rivals at bay risk becoming overrun.” [link].

IoT 40

IoT Retail GDPR Marketing 40

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

IG Guru

FEBRUARY 18, 2019

With more than 2.5 quintillion bytes of data created every day, challenges with unstructured data and an increasingly complex regulatory landscape prompts a need for change to the old approach to information management. Many complex analytical problems are unsolvable by human effort alone due to data volumes and complexity involved. Machine learning and artificial intelligence are […].

Artificial Intelligence 40

Artificial Intelligence Unstructured data Analytics Access 40

eDiscovery Daily

FEBRUARY 18, 2019

In Stovall v. Brykan Legends, LLC, No. 17-2412-JWL (D. Kan. Feb. 7, 2019) , Kansas Magistrate Judge James P. O’Hara denied the plaintiff’s motion for sanctions based on the defendant’s alleged spoliation of a surveillance video that shows an altercation between the plaintiff and her supervisor, stating that “plaintiff has failed to meet the requirements of Fed.

e-Discovery 43

e-Discovery Computer and Electronics Insurance Education 43

Quest Software

FEBRUARY 18, 2019

Learn how to identify your risks, which systems contain sensitive data and make appropriate decisions on how to ensure your data is secure. ( read more ).

Risk 40

Risk Security 40

Threatpost

FEBRUARY 18, 2019

79

79

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Archives Blogs

FEBRUARY 18, 2019

WNYC was one of the earliest broadcasters of a regularly scheduled program aimed at African-Americans. Every Wednesday between November 20, 1929 and July 16, 1930 the station opened its schedule to the National Association for the Advancement of Colored People (NAACP) for talks by black leaders on a variety of topics focusing on African-Americans and their views on race relations, women, workers, entertainment, politics, literature, and the economy.

Libraries 37

Libraries Agriculture Education Insurance 37

Reltio

FEBRUARY 18, 2019

Ankur Gupta, Sr. Product Marketing Manager, Reltio. Digital transformation, big data analytics, and machine learning – the buzzwords echoing the Healthcare & Life Sciences industry signify a new era of delivering connected and personalized customer experience through 360 customer profile. If you are rethinking customer engagement and planning a better customer experience, we have a very special event lined up for you.

MDM 53

MDM Customer Experience Digital transformation Analytics 53

Security Affairs

FEBRUARY 18, 2019

Gnosticplayers hacker is offering in a third round a new set of databases containing millions of hacked accounts from unreported data breaches. Last week, the hacker who goes by online with the moniker Gnosticplayers disclosed the existence of some massive unreported data breaches in two rounds. The experts offered for sale the huge trove of data for a limited period of time.

Sales 52

Sales Data breaches Security Archiving 52