Fri.Aug 31, 2018

article thumbnail

Another example of email misuse

IT Governance

Another week, another example of an email using the Cc (carbon copy) field instead of the Bcc (blind carbon copy) field. This time, it was West Ham United Football Club. . The email was sent to a group of supporters regarding ticket allocations for an away football match. . Upon discovering the error, an attempt was made to recall the mass email – but the follow-up email apologising for the error resulted in the email addresses being shared again. .

article thumbnail

The Moral Responsibility of Social Networks

Data Breach Today

They're Not Just Transmitters of Content; They're the Megaphones Does social media fuel toxic politics and racial tension? We're still in the early of days of understanding the long-term effects of social media on society, but the early signs aren't good. It's time for social networks to take moral responsibility for content on their networks - even if they don't want it.

IT 124
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How ISO 27001 can help you achieve GDPR compliance

IT Governance

Anyone struggling with the EU GDPR (General Data Protection Regulation) should look no further than ISO 27001. It’s the international standard for information security, and its framework is close enough to the Regulation’s that many experts consider it a perfect launchpad for a GDPR compliance project. Certifying to the Standard means you’re already halfway to GDPR compliance, plus you’ll experience the general benefits of ISO 27001 certification.

GDPR 67
article thumbnail

Analysis: Russian Misinformation Campaign

Data Breach Today

The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security.

Security 113
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

I'm Doing a Reddit AMA

Schneier on Security

On Thursday, September 6, starting at 10:00 am CDT, I'll be doing a Reddit " Ask Me Anything " in association with the Ford Foundation. It's about my new book , but -- of course -- you can ask me anything. No promises that I will answer everything.

IT 66

More Trending

article thumbnail

MagentoCore Card Skimmer Found on Mass Numbers of E-Commerce Sites

Threatpost

The Magecart group is likely behind the most prolific card-stealing operation seen in the wild to date.

article thumbnail

Evolving to Quality 4.0 in Life Sciences

OpenText Information Management

Many exciting things took place at this year’s OpenText™ Enterprise World 2018. There was a great deal of excitement around the announcement of OpenText OT2, our next-generation hybrid-cloud EIM platform. Part of the OT2 announcement was the launch of OpenText Quality, our enhanced Quality Management System (QMS) for Life Sciences. It’s perhaps the first QMS designed … The post Evolving to Quality 4.0 in Life Sciences appeared first on OpenText Blogs.

Cloud 56
article thumbnail

Technology Strategies to Reduce False Positives

Data Breach Today

100
100
article thumbnail

Federal prosecutors indicted a 20-year-old man who built the Satori botnet

Security Affairs

A youngster (20) from Washington was indicted last week on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori. MalwareMustDie Team: “It’s time for every teenager or young man to know that playing with malware is the fastest way to finish in the jail”. Mirai , Mirai and again Mirai : after the source code has been leaked online gangs of teenagers have been engaged in a new playground.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I'm giving a book talk on Click Here to Kill Everybody at the Ford Foundation in New York City, on September 5, 2018. The Aspen Institute's Cybersecurity & Technology Program is holding a book launch for Click Here to Kill Everybody on September 10, 2018 in Washington, DC. I'm speaking about my book Click Here to Kill Everybody: Security and Survival in a Hyper-connected World at the Harvard Book Store in Cambridge, Massachuse

Privacy 50
article thumbnail

Bucking the Norm, Mozilla to Block Tracking Cookies in Firefox

Threatpost

Unlike its browser competitors, Firefox will soon start blocking tracking cookies by default in the name of consumer privacy.

Privacy 57
article thumbnail

Why Automation Will Free Security Pros to Do What They Do Best

Dark Reading

There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.

article thumbnail

Winning with AI: Industry POV on how to change the game, part 2

IBM Big Data Hub

Ahead of the “Change the Game: Winning with AI,” a September, 13, 2018 event, we asked a virtual roundtable of analytics experts and analysts to wrestle with some of the core issues surrounding AI.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Weekly Update 102

Troy Hunt

A few little bits and pieces this week ranging from a new web cam (primarily to do Windows Hello auth), teaching my 8-year-old son HTML, progress with Firefox and HIBP, some really ridiculous comments from Namecheap re SSL (or TLS or HTTPS) and a full set of Pwned Passwords as NTLM hashes. I didn't mention it when I recorded, but there's already a bunch of sample code on how to dump your AD hashes and compare them to the Pwned Passwords list in the comments on that blog post.

article thumbnail

Data Breach: Air Canada Tells 1.7 Million Customers to Reset App Passwords

Adam Levin

Air Canada is advising customers to reset their passwords on their mobile application after detecting a potential data breach of customer records. In a notice, Air Canada says that a data breach it discovered last week impacted 20,000 profiles. However, the airline operator is urging all 1.7 million users to reset their passwords. “We detected unusual login behavior with Air Canada’s mobile App between Aug. 22-24, 2018.

article thumbnail

31 August Weekly Podcast: Air Canada, Huazhu Hotels, and West Ham FC

IT Governance

Hello and welcome to the IT Governance podcast for Friday the 31 st of August. Here are this week’s stories. North American Airline, Air Canada , suffered a data breach resulting in the suspected loss of thousands of its customers’ personal details. Air Canada detected unusual login activity last week and, took the decision to lock down all 1.7 million accounts, as a precaution.

article thumbnail

Eavesdropping on Computer Screens through the Webcam Mic

Schneier on Security

Yet another way of eavesdropping on someone's computer activity: using the webcam microphone to "listen" to the computer's screen.

Privacy 52
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Google Tracks Location Data Even When Users Turn Service Off, AP Report Finds

IG Guru

By Emily McCormick August 13, 2018, 11:45 AM EDT Updated on August 13, 2018, 2:16 PM EDT Google’s smartphone services store users’ locations even when privacy settings are adjusted to shut these features off, according to a report by the Associated Press. While the company asks permission for users to share location information on its applications, it doesn’t halt […].

Privacy 40
article thumbnail

Valuable and timely insight into digital literacy and learning

CILIP

? Valuable and timely insight into digital literacy and learning. Facet Publishing announce the publication of Digital Literacy Unpacked edited by Katharine Reedy and Jo Parker. This book brings together thought-leaders and experts in the field of digital literacy, providing a blend of research and practice across sectors. Digital Literacy Unpacked not only offers a snapshot of innovative approaches to digital literacy, but also intends to provoke discussion, encourage collaboration and inspire

article thumbnail

Donuts, Dinos, and Records: COSA/NAGARA/SAA 2018

The Texas Record

A few weeks ago Megan Carey and I were lucky enough to travel to attend the Joint Annual Meeting of Council of State Archivists ( COSA ), National Association of Government Archives and Records Administrators ( NAGARA ), and Society of American Archivists ( SAA ). Every four years, these organizations come together and host a large joint conference in Washington, D.C., and deliver jam packed days of educational sessions, networking, and donuts.

article thumbnail

Privacy and Cybersecurity September 2018 Events

HL Chronicle of Data Protection

Please join us for our September 2018 Privacy and Cybersecurity Events. September 11. GDPR One Stop Shop. Eduardo Ustaran is participating in DataGuidance’s webinar on “One Stop Shop under the GDPR.” Location : Webinar. September 13. Messaging Forum. Mark Brennan will lead a session at the CTIA Mobile World Congress Americas where he will discuss text messaging privacy and other regulatory issues.

Privacy 40
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

How Hackers Hit Printers

Dark Reading

New Booz Allen Hamilton report advises companies to include printers in their overall security strategy.

article thumbnail

ThreatList: Security Pros Confident They Could Compromise Their Own Orgs

Threatpost

Only a third believe it would be difficult or impossible to carry out a successful insider attack.

article thumbnail

Machine Identities Need Protection, Too

Dark Reading

A new study shows that device identities need a level of protection that they're not getting from most organizations.

43
article thumbnail

VPNFilter should compel IoT manufacturers to adopt a secure by design mindset

Information Management Resources

The VPNFilter Internet of Things botnet that Cisco Talos researchers recently discovered is the latest cyber security red flag for all IoT device manufacturers – and it’s an enormous flag.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Threatpost News Wrap Podcast For Aug. 31

Threatpost

This week's news includes a Microsoft zero-day flaw and Yahoo's recent email privacy snafu.

Privacy 41
article thumbnail

Vulnerable Web apps are hackers favorite means to access security perimeters

Information Management Resources

About three-quarters of successful perimeter breaches in 2017 were achieved using vulnerable Web applications, according to Kaspersky Lab’s analysis of penetration tests.

Access 31
article thumbnail

Digitizing the Castro Archaeological Site

Archives Blogs

In a recent collaboration with the Department of Anthropology, FSU’s Digital Library Center has digitized thousands of objects including photos, field notes, and other fascinating material produced during 2000-2002 of the Castro archaeological site located right here in Leon County, Florida. The Castro site was one of many Franciscan missions found in Northwest Florida.