Thu.Apr 02, 2020

article thumbnail

Morrisons Not Liable for Breach Caused by Rogue Employee

Data Breach Today

Employees' Attempt to Receive Financial Compensation Dismissed by Supreme Court Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.

article thumbnail

[Podcast] The Universal Translator – Not Just for Star Trek Anymore

AIIM

The show Star Trek always had the coolest futuristic technology. For example, I can’t tell you how many times I’ve wished I could tell Scotty to “Beam me up!” and be teleported back home. Another thing that really caught my eye on that show was their “universal translator.” It was basically this handheld device that allowed you to easily communicate across any language – be it human or alien!

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Washington Governor Signs Facial Recognition Law

Data Breach Today

Privacy Advocates Criticize Measure That Microsoft Supported Washington's governor has signed a new law that regulates the use of facial recognition technology. But some privacy advocates say the measure, which was backed by Microsoft, doesn't do enough to protect individuals' rights.

Privacy 262
article thumbnail

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. And the bad news is that unsettled employees, many of whom are being asked to work from home, and depleted workforces mean there is an increased chance of an incident occurring. Thankfully, we’ve only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Zoom Rushes Patches for Zero-Day Vulnerabilities

Data Breach Today

Researcher Found Flaws in Zoom's Teleconference Platform The day after security researcher Patrick Wardle disclosed two zero-day vulnerabilities in the macOS client version of Zoom's teleconferencing platform, the company on Thursday rushed out patches for these flaws and one other.

Security 266

More Trending

article thumbnail

Coalition Offers Remote Workforce Security Tips

Data Breach Today

Andy Bates of Global Cyber Alliance on 'Work From Home, Secure Your Business' The Global Cyber Alliance is one of 13 nonprofit organizations that have banded together to offer businesses security tips for their newly remote workforces. Andy Bates, executive director of the alliance, discusses the coalition's core guidelines for reducing cyber risk.

Security 194
article thumbnail

DXC employees support Alzheimer Scotland

DXC Technology

A team of DXC Technology employees based in Erskine, Scotland recently won an internal Charity Challenge award for their efforts to raise money and awareness for Alzheimer Scotland. The team consisted of employees across all areas of the business brought together by their passion and enthusiasm for supporting this charitable organisation, which provides much-needed support […].

105
105
article thumbnail

COVID-19 Crisis Triggers More HIPAA Policy Changes

Data Breach Today

Business Associates Cleared to Make 'Good Faith' Disclosures of PHI In the latest move to relax certain HIPAA requirements during the COVID-19 crisis, federal regulators Thursday paved the way for business associates to share protected health information for public health-related activities during the pandemic.

179
179
article thumbnail

New COVID19 wiper overwrites MBR making computers unusable

Security Affairs

A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR. SonicWall’s security researchers have discovered a new piece of malware that exploits the current COVID19 outbreak to render computers unusable by overwriting the master boot record (MBR). Unfortunately, this is one of the numerous attacks conducted by cyber criminals and nation-state actors in an attempt to take advantage of the COVID19 epidemic.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Australian Kids' Smartwatch Maker Hit By Same Bug Again

Data Breach Today

TicTocTrack Fixes Bug That Exposed Data, Allowed Tampering With Kids' Location An Australian company that sells a GPS tracking smartwatch for kids accidently exposed personal data a second time. But this time around, it has not notified users about the bug, which also could have been used to spoof the location of children.

article thumbnail

Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak

Security Affairs

Crooks target Android users working from home due to the Coronavirus outbreak with a Trojanized version of the popular video messaging app Zoom. Security experts from Bitdefender have spotted tainted versions of the Android Zoom video-conferencing application that is targeting users working from home due to the Coronavirus outbreak. Researchers detected re-packaged Zoom mobile applications that are distributed via third-party markets. “The samples documented in this article spread outside

Marketing 102
article thumbnail

A partnership for growth and innovation: IBM Informix and HCL

IBM Big Data Hub

Building on a history of collaboration, in April 2017, IBM and HCL entered into a 15-year partnership that merged the best of their shared knowledge and teaming experience to accelerate the product roadmap and innovation of IBM Informix.

88
article thumbnail

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that targeted organizations in various industries.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Marriott Was Hacked -- Again

Schneier on Security

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g., name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional Personal Details (e.g., company, gender, and birthday day and month) Partnerships and

article thumbnail

Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan

Security Affairs

An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. The first issue, tracked as CVE-2019-17026 , affects the Firefox browser and was addressed in January.

article thumbnail

Zoom Removes Data-Mining LinkedIn Feature

Threatpost

The feature, criticized for "undisclosed data-mining," is only the latest privacy faux pas for Zoom this month.

Mining 108
article thumbnail

Mitigating the risks of AuthorizationExecuteWithPrivileges and software installers

Jamf

Software installers are a critical part of every organization’s software deployment. See how you can leverage them securely and responsibly.

Risk 90
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig

Threatpost

Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.

Cloud 85
article thumbnail

Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats

Dark Reading

Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.

Risk 73
article thumbnail

In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing Kits

Threatpost

Old phishing kits are being pressed into service to keep up with the unprecedented volume of new scams that exploit the pandemic.

article thumbnail

Webinar Invitation — AdTech and Privacy: Managing Risk in a Complex and Evolving Digital Economy

HL Chronicle of Data Protection

Join Hogan Lovells and Ankura to learn about the impact of the GDPR and CCPA on cookies and similar AdTech tracking technologies. James Denvil from Hogan Lovells’ Privacy and Cybersecurity practice by senior directors from Ankura to share best practices and their perspectives. Program topics will include: Cookies and Similar Tracking Technologies Defined.

Privacy 59
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

NYDFS Requires COVID-19 Plans by April 9

Data Protection Report

On March 10, 2020, the New York Department of Financial Services (NYDFS) issued guidance to all of its regulated institutions engaged in virtual currency business activity, requiring them to have plans for preparedness to manage the possible operational and financial risks posed by the COVID-19 pandemic. NYDFS requires the plans to be submitted by Thursday, April 9, 2020.

Risk 59
article thumbnail

Vulnerability Researchers Focus on Zoom App's Security

Dark Reading

With videoconferencing's rise as an essential tool for remote work comes a downside: more security scrutiny, which has turned up a number of security weaknesses.

article thumbnail

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Data Protection Report

In a judgment which will be warmly welcomed by employers (and their insurers) in the UK, the UK Supreme Court today overruled the Court of Appeal in holding that that Morrisons supermarkets is not vicariously liable for a data breach maliciously caused by a former employee. The Supreme Court concluded that the Court of Appeal had misunderstood the principles governing vicarious liability in their previous judgments in the case.

article thumbnail

Name That Toon: The Devil You Know?

Dark Reading

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

69
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs

Threatpost

Attacks using a brand-new card-harvesting code is targeting small- to medium-sized businesses, claiming 19 sites so far.

article thumbnail

A Hacker's Perspective on Securing VPNs As You Go Remote

Dark Reading

As organizations rush to equip and secure their newly remote workforce, it's important to keep things methodical and purposeful

article thumbnail

Google Squashes High-Severity Flaws in Chrome Browser

Threatpost

Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days.

79
article thumbnail

Reassuring Words and Good Intentions Don't Mean Good Security

Troy Hunt

How much can you trust the assertions made by an organisation regarding their security posture? I don't mean to question whether the statements are truthful or not, but rather whether they provide any actual assurance whatsoever. For example, nearly 5 years ago now I wrote about how "we take security seriously" was a ridiculous statement to make immediately after a data breach.

Security 101