Tue. Feb 12, 2019

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever. Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users.

Major Flaw in Runc Poses Mass Container Takeover Risk

Data Breach Today

Attackers Could 'Break Out' via Runc Flaw to Compromise All Containers on Host

Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.

MY TAKE: Can Project Furnace solve DX dilemma by combining serverless computing and GitOps?

The Last Watchdog

Assuring the privacy and security of sensitive data, and then actually monetizing that data, ethically and efficiently, has turned out to be the defining challenge of digital transformation. Today a very interesting effort to address this complex dilemma is arising from the ferment, out of the UK. It’s called Project Furnace, an all-new open source software development platform.

No-Deal Brexit Threatens British Crime-Fighting

Data Breach Today

Police Say Data-Sharing Alternatives 'Will Not Be As Efficient Or Effective'

British police say they're doing their best to cope with the possibility that the U.K. will crash out of the EU in 45 days and lose access to joint policing resources. But Richard Martin of the Met Police says replacements "will not be as efficient or effective as the tools we currently use."

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

The Ocado fire – when disaster recovery becomes real

IT Governance

The recent fire at Ocado has been a devastating blow to the company and the local community. Hundreds of firefighters were involved in tackling the blaze; the smoke billowed for more than 48 hours, darkening the Hampshire sky; surrounding homes and businesses were evacuated due to the risk of explosion, and those further afield advised to keep windows and doors shut; and some firefighters needed treatment for smoke inhalation.

More Trending

Cybersecurity and the Human Element: We're All Fallible

Dark Reading

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers.

Keeping Incident Response Plans Current

Data Breach Today

Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.

Takeaways From CCPA Public Forums

Data Matters

When California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018, there was broad agreement that revisions and clarifications were necessary. The CCPA was written and enacted with extraordinary speed, as legislators felt the need to move quickly in order to preempt a data privacy ballot initiative that had received enough signatures to be placed on California’s November ballot.

HIPAA Enforcement Update: Areas of Focus

Data Breach Today

The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Gootkit: Unveiling the Hidden Link with AZORult

Security Affairs

Cybaze-Yoroi ZLAB revealed an interesting hidden connection between the AZORult toolkit and a specific Gootkit payload. In the last days, a huge attack campaign hit several organizations across the Italian cyberspace; as stated in bulletin N020219, the attack waves tried to impersonate legitimate communication from a known express courier. However, a deeper analysis by Cybaze-Yoroi ZLAB revealed interesting hidden aspects, spotting a connection between the AZORult toolkit and a particular

RSA Conference 2019: A Preview

Data Breach Today

What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.

Devastating Cyberattack on Email Provider Destroys 18 Years of Data

Dark Reading

All data belonging to US users, including backup copies, have been deleted in the catastrophe, VFEmail says.

Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day

Security Affairs

Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, including an Internet Explorer issue that has been exploited in attacks. Of the 77 flaws, 20 are critical, 54 important and 3 moderate in severity. One of the issues fixed by the tech giant is a zero-day vulnerability in Internet Explorer discovered by Google that has been exploited in attacks.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Double-Stuffed: Dunkin’ Hit by Another Credential-Stuffing Attack

Threatpost

Dunkin’ Donuts may have just launched its first double-filled doughnut, but another doubling up is not quite as tasty. The chain has suffered its second credential-stuffing attack in three months. Like the first incident, the attack targeted pastry aficionados that have DD Perks accounts, which is Dunkin’s loyalty program. Names, email addresses, 16-digit DD Perks […].

Micropatch prevents malicious PDFs from Calling Home

Security Affairs

The 0patch experts released a micropatch to address an Adobe Reader zero-day that allows malicious PDF documents to call home and send over the victim’s NTLM hash. The 0patch experts released a micropatch to address a zero-day vulnerability in Adobe Reader which could be exploited by threat actors to craft maliciously

Improving user adoption with the right user experience

OpenText Information Management

User adoption is a major factor in achieving successful enterprise software implementations, but one that is often missed. While much attention and investment goes into enterprise technology implementations, little thought is often given to the user experience and the user adoption process. When organizations commit to focusing on user adoption, they see a significantly reduced spend on … The post Improving user adoption with the right user experience appeared first on OpenText Blogs.

Siemens Warns of Critical Remote-Code Execution ICS Flaw

Threatpost

The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Does artificial intelligence mean artificial security?

Thales Cloud Protection & Licensing

Wouldn’t you like to stop losing sleep worrying about what your AI team, partners and suppliers are doing with your data? Marvin Minsky is recognised as one of the founding fathers of artificial intelligence. Increasingly eccentric, anyone who spent time with him became aware that individuals are unpredictable. What makes humans predictable is behaviour in large numbers.

Up to 100,000 Reported Affected in Landmark White Data Breach

Dark Reading

Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.

What Happens If Russia Cuts Itself Off From the Internet

WIRED Threat Level

State media has reported that Russia will attempt to disconnect from the global internet this spring. That's going to be tricky.

Identifying, Understanding & Combating Insider Threats

Dark Reading

Your organization is almost certainly on the lookout for threats from outside the company. But are you ready to address threats from within?

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Adobe Fixes 43 Critical Acrobat and Reader Flaws

Threatpost

Overall, Adobe patched 75 important and critical vulnerabilities - including a flaw that could allow bad actors to steal victims’ hashed password values.

Microsoft, Adobe Both Close More Than 70 Security Issues

Dark Reading

With their regularly scheduled Patch Tuesday updates, both companies issued fixes for scores of vulnerabilities in their widely used software.

Critical WordPress Plugin Flaw Allows Complete Website Takeover

Threatpost

Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22.

The Xiaomi M365 Scooter Can Be Hacked to Speed Up or Stop

WIRED Threat Level

A hacker can accelerate a Xiaomi M365 scooter, or hit the brakes, while a rider is on it.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Major Container Security Flaw Threatens Cascading Attacks

Threatpost

A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks.

AI in Financial Services is growing, but there’s a way to go

OpenText Information Management

It’s funny how the world works. We recently wrote a blog on how AI in Financial Services can improve customer experience. Then, my bank showed me that there’s still some work to be done. Let me explain. Last week, I received a letter from my bank. It came as a bit of a surprise as … The post AI in Financial Services is growing, but there’s a way to go appeared first on OpenText Blogs.

Microsoft Patches Zero-Day Browser Bug Under Active Attack

Threatpost

In its February Patch Tuesday bulletin, Microsoft patches four public bugs and one that is under active attack.