Wed. Aug 01, 2018

Reddit Breach Highlights Limits of SMS-Based Authentication

Krebs on Security

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

Facebook Reveals Ongoing Political Influence Campaigns

Data Breach Today

Propaganda Efforts - and Adversary OPSEC - Continue to Improve, Experts Warn. Facebook has suspended eight pages and 24 accounts for "coordinated inauthentic behavior" tied to apparent political influence campaigns ahead of an event in Washington. While Facebook declined to attribute the activities to specific individuals or groups, U.S. lawmakers are blaming the Kremlin.

GDPR After the Deadline — Part 2 of 3 — Where are organizations in their GDPR journey and how much did they spend to get there?

AIIM

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 83

Russian Carder Tied to $4 Million in Fraud Sentenced

Data Breach Today

Mikhail Malykhin's Schemes Drove Healthcare Benefits Firm Out of Business. Russian national Mikhail Malykhin, who was illegally residing in the U.S., has received a 70-month prison sentence after admitting to hack attacks and conspiring to use fraudulent debit cards issued via a hacked healthcare benefits administrator.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

More Trending

Six ways to optimize your physical records

TAB OnRecord

Physical records are necessary for day-to-day business operations, risk management and as evidence of regulatory compliance. With paper production up 180% in the past five years, and collections growing, it’s more important than ever to organize, manage and access files as efficiently as possible.

HHS Weighs Changes to Health Data Privacy Regulations

Data Breach Today

Privacy and Security Experts Offer Insights on What Changes Make Sense. HHS is considering making changes to federal privacy regulations governing health data - including HIPAA and the 42 CFR Part 2 law. While regulatory experts are already debating whether changes to HIPAA are, indeed, needed, many say changes to the 42 CFR Part 2 are long overdue.

Privacy 113

Using Blockchain for the Common Good – An Interview with Ashish Gadnis of BanQu

Information Governance Perspectives

We realized that current models for getting people out of poverty have failed. Those models have failed because they look at the ability to help people out of poverty separate from enabling people in poverty to participate in the supply chain.

GCHQ on Quantum Key Distribution

Schneier on Security

The UK's GCHQ delivers a brutally blunt assessment of quantum key distribution: QKD protocols address only the problem of agreeing keys for encrypting data. Ubiquitous on-demand modern services (such as verifying identities and data integrity, establishing network sessions, providing access control, and automatic software updates) rely more on authentication and integrity mechanisms -- such as digital signatures -- than on encryption.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Augmented Reality, IoT and Enterprise Content Management

OpenText Information Management

Augmented Reality and the Connected Factory. A few weeks ago at OpenText™ Enterprise World 2018, I had the pleasure of demoing our brand new Microsoft HoloLens Augmented Reality application for OpenText™ Extended ECM to our partners and customers. You’re probably thinking, what does an Augmented Reality device have to do with ECM? Let me explain.

IoT 70

Backdoors in Cisco Routers

Schneier on Security

We don't know if this is error or deliberate action, but five backdoors have been discovered already this year.

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

Data Matters

Ever since the D.C. Circuit struck down the FCC’s overbroad rule defining “auto-dialers” under the Telephone Consumer Protection Act, district courts have debated the scope of the D.C. Circuit’s ruling: Did it effectively strike down earlier FCC pronouncements on what qualifies as an auto-dialer? In a carefully reasoned opinion, a district court judge in Chicago held last week that it did.

Sales 60

Are you compliant with the new UK cyber security law? Take part in our readiness survey

IT Governance

On 10 May 2018, the NIS Directive (Directive on security of network and information systems) was transposed into UK law as the NIS Regulations (The Network and Information Systems Regulations 2018). OES (operators of essential services) and DSPs (digital service providers) that fall within its scope are expected to comply. Non-compliance could lead to a fine of up to £17 million.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Fin7: The Inner Workings of a Billion-Dollar Hacking Group

WIRED Threat Level

The Justice Department announced the arrest of three members of notorious cybercrime group Fin7—and detailed some of their methods in the process.

Hundreds of apps removed from Google Play store because were carrying Windows malware

Security Affairs

Google recently removed 145 applications from the official Google Play store because they were found to carry malicious Windows executables inside. Researchers from Palo Alto Networks revealed that Google removed more than 145 apps from the Play store because they were carrying Windows malware. The apps were uploaded to the Google Play store between October and November 2017, which means that for months Android users were exposed to the attack.

How to implement ISO 27001 into your SME quickly and easily

IT Governance

ISO/IEC 27001:2013 is the international standard that describes best practice for an information security management system (ISMS). An ISMS is a system of processes, documents, technology and people that helps to manage, monitor, audit and improve your organisation’s information security. Achieving ISO 27001 certification verifies that your company’s information security is managed in line with international best practice.

ICO Release Annual Report

Privacy and Cybersecurity Law

The Information Commissioner’s Office have released their Annual Report for 2018. This blog summarises the key messages. Information Commissioner’s Thoughts […].

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Reddit Warns Users of Data Breach

Dark Reading

An attacker broke into Reddit systems and accessed user data, email addresses, and a database of hashed passwords from 2007.

Reddit discloses a data breach, a hacker accessed user data

Security Affairs

Reddit is warning its users of a security breach: a hacker broke into the systems of the platform and accessed user data. The hacker accessed user data, email addresses, and a 2007 backup database containing hashed passwords managed by the platform.

3-D Printed Gun Blueprints Have Been Taken Offline—For Now

WIRED Threat Level

Defense Distributed has complied with a nationwide injunction issued against its 3-D printed gun files, but the matter is far from settled.

IT 63

New Chrome Extension Alerts Users to Hacked Sites

Dark Reading

HackNotice leverages a database of 20,000 hacks to alert users when a site they visit has been compromised.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Reddit Got Hacked Thanks to a Woefully Insecure Two-Factor Setup

WIRED Threat Level

The tech community has known about the risk of using SMS in two-factor authentication for years. Reddit appears to have missed the memo.

Google Researcher Unpacks Rare Android Malware Obfuscation Library

Dark Reading

Analysis exposes the lengths malware authors will go to in order to protect their code from disassembly and reverse engineering.

Top 5 Unexpected Consequences of GDPR

IG Guru

June 7, 2018 | Written by: Richard Hogg. The European Union’s General Data Protection Regulation (GDPR) is finally here, promising to put individuals back in control of their personal data and harmonize data protection and privacy laws across Europe. But with the May 25 grace period deadline behind us, it’s becoming clear that the regulation will […].

GDPR 40

Untangling the challenge of digital change management in the federal government

CGI

harini.kottees…. Wed, 08/01/2018 - 05:39. People are struggling with digital change management. The reason seems clear: Consistently, the business and IT executives we interview for the CGI Client Global Insights report tell us that their top barrier to digital transformation is cultural change and change management.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Affinity mapping: bringing your research alive

CILIP

This month I’m going to take a break from detailing UX research methods to focus instead on a core technique for processing the research data you gather, because as I never tire of saying: there’s no point in gathering data if you are not going to do anything with it. Known as affinity mapping, or affinity diagramming, this highly tactile and visual method involves the theming of sticky notes on a wall or other flat surface in order to identify dat

Access 40

Join us at the WorldatWork to elevate your sales performance management

IBM Big Data Hub

Sales compensation programs are incredibly effective for aligning salespeople with company objectives. An organization can sink or swim by whether salespeople know the most forward-thinking and effective sales performance management (SPM) solutions.

Sales 40

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

The Security Ledger

In this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah.

IoT 40