Data Breach Today
SEPTEMBER 11, 2018
76-Day Breach Slowly Exfiltrated Data From 51 Databases, GAO Report Reveals A newly released report from the U.S. Government Accountability Office on the massive 2017 Equifax data breach provides a postmortem look at what went wrong, centering on the credit bureau's identification, detection, segmentation and data governance, as well as a failure to rate-limit database requests.
Weissman's World
SEPTEMBER 11, 2018
Throughout my years of working with organizations on their information management and technology initiatives, I have often heard clients and vendors say “Where is the roadmap?” and “We need a roadmap.” My response is always the same: First you must know where you are. What is the current state? Next you must know where you […]. The post Need an Information Roadmap?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
SEPTEMBER 11, 2018
Gerald Beuchelt of LogMeIn on Overcoming Implementation Challenges Password management is a critical component of a security strategy that some organizations still find challenging, says Gerald Beuchelt of LogMeIn Inc.
AIIM
SEPTEMBER 11, 2018
We once had an IT person who worked for us who took a page out of the old Saturday Night Live routine, Nick Burns -- Your Company’s Computer Guy , who guarantees to “fix your computer and then make fun of you.”. When one of us would bring to light an error that was obviously our fault, this fellow would confidently pronounce, “That looks like a user ID-10-T error,” at which point we would slink off, afraid to acknowledge that we didn’t know what an ID10T error was.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
SEPTEMBER 11, 2018
Why did CISOs at a half-dozen leading healthcare organizations launch a new council aimed at standardizing vendor security risk management? One of those CISOs, John Houston of UPMC, explains why the group was launched, how it will work and why managing cloud vendor risks is a top priority.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 11, 2018
Magecart Gang Tweaked Script on BA's Server to Scrape Card Data, Researchers Say The British Airways breach, in which up to 380,000 website and mobile users' payment card details were stolen, traces to card-scraping code injected into a script on the airline's website by the cybercrime group called Magecart, says security firm RiskIQ.
Hunton Privacy
SEPTEMBER 11, 2018
On September 4, 2018, the Department of Commerce’s National Institute of Standards and Technology (“NIST”) announced a collaborative project to develop a voluntary privacy framework to help organizations manage privacy risk. The announcement states that the effort is motivated by innovative new technologies, such as the Internet of Things and artificial intelligence, as well as the increasing complexity of network environments and detail of user data, which make protecting individuals’ privacy m
Data Breach Today
SEPTEMBER 11, 2018
Tonguc Yaman on the Need for Conducting Frequent 'Dry Runs' CISOs and CIOs must ensure their organizations plan for worst-case scenarios, conducting frequent "dry runs" of disaster recovery plans, says Tonguc Yaman, CIO of SOMOS, a New York Community Care Network, who formerly served as deputy CIO of Bellevue Hospital.
Thales Cloud Protection & Licensing
SEPTEMBER 11, 2018
Vincent Van Gogh is believed to have said “Great things are … done … by a series of small things brought together.” This aptly describes the Internet of Things (IoT), where many small things are coming together to shape what we all hope will deliver a great leap in the way we live and do business. In this blog, and in and accompanying interview with our colleague Daniel Hjort from Nexus Group, we discuss the challenges that industry faces to ensure safe deployment and management of IoT technolog
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
SEPTEMBER 11, 2018
Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on business-driven security.
Schneier on Security
SEPTEMBER 11, 2018
This is really interesting research: " BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid ": Abstract : We demonstrate that an Internet of Things (IoT) botnet of high wattage devices-such as air conditioners and heaters-gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid. In particular, we reveal a new class of potential attacks on power grids called the Manipulation of demand via IoT (MadIoT) attacks that can leverage such a bot
Data Breach Today
SEPTEMBER 11, 2018
Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on threat hunting,
IT Governance
SEPTEMBER 11, 2018
Data from Lloyds Bank has revealed a 58% increase in BEC (business email compromise) attacks in the year to date. It is important to note that the “true scale of the problem is likely to be much larger” as this is only reported fraud. Key findings. The average loss to a commercial customer is £27,000. One in five victims has had to make redundancies because of the financial impact.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Matters
SEPTEMBER 11, 2018
In the months following director William Hinman’s noteworthy speech on whether and when a digital asset is subject to securities laws, U.S. regulators have continued their stern warnings regarding the importance of compliance with the securities laws. This post highlights three important regulatory updates: On August 14, 2018, the Securities and Exchange Commission (SEC or Commission) issued an administrative order, In the Matter of Tomahawk Exploration LLC and David Thompson Laurance , takin
Hunton Privacy
SEPTEMBER 11, 2018
On September 5, 2018, the U.S. District Court for the Central District of California held that a class action arising from a 2016 Uber Technologies Inc. (“Uber”) data breach must proceed to arbitration. The case was initially filed after a 2016 data breach that affected approximately 600,000 Uber drivers and 57 million Uber customers. Upon registration with Uber, the drivers and customers entered into a service agreement that contained an arbitration provision.
IBM Big Data Hub
SEPTEMBER 11, 2018
Today's manufacturing organizations operate in a dynamic environment characterized by increased complexity and uncertainty. The financial performance of manufacturers hinges on their ability to rapidly adapt to constantly-changing conditions, from demand fluctuations to delivery challenges while managing production costs efficiently. Prescriptive analytics helps companies see where process improvements could have the biggest, most immediate impact on their bottom line.
National Archives Records Express
SEPTEMBER 11, 2018
Hurricane Florence is steadily pushing toward the mid-Carolinas according to the latest data from weather forecasters. The NOAA Forecast Map from earlier today posted below shows the likely path of this dangerous storm. Hurricane Florence is expected to make landfall later this week, possibly as a Category 4 hurricane. Hurricane Florence 5 Day Cone Forecast Map.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
WIRED Threat Level
SEPTEMBER 11, 2018
Security researchers have detailed how a criminal hacking gang used just 22 lines of code to steal credit card info from hundreds of thousands of British Airways customers.
Security Affairs
SEPTEMBER 11, 2018
Several anti-malware apps developed by Trend Micro have been removed from the Mac App Store because they were harvesting users’ browser history and other info. Several anti-malware apps developed by Trend Micro, including Dr Cleaner, Dr. Unarchiver, Dr Antivirus, and App Uninstall, have been removed from the Mac App Store after researchers discovered they were harvesting users’ browser history and other information.
WIRED Threat Level
SEPTEMBER 11, 2018
Security researchers have detailed how a criminal hacking gang used just 22 lines of code to steal credit card info from hundreds of thousands of British Airways customers.
Security Affairs
SEPTEMBER 11, 2018
An investigation conducted by researchers at RiskIQ revealed that the responsible of the British Airways data breach is a crime gang tracked as MageCart. The responsible of the recently disclosed British Airways data breach is a crime gang tracked as MageCart. The group has been active since at least 2015 and compromised many e-commerce websites to steal payment card and other sensitive data.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Adam Levin
SEPTEMBER 11, 2018
The Government Accountability Office released a report detailing last year’s massive Equifax data breach and how hackers were able to infiltrate the company’s systems to gain access to the personal information of at least 145.5 million individuals. According to the report, the hackers took advantage of a recently announced vulnerability in a web server technology called Apache Struts, which Equifax failed to patch or address and that left their systems vulnerable for weeks.
Threatpost
SEPTEMBER 11, 2018
Overall, the number of email fraud attacks per targeted company rose 25 percent from the previous quarter (to 35 on average) and 85 percent from the year-ago quarter.
Security Affairs
SEPTEMBER 11, 2018
Researchers demonstrated that it is possible to rapidly clone the wireless key fob of the expensive Tesla Model S and possibly other vehicles. The team of experts COSIC research group at the KU Leuven University in Belgium has devised a new relay attack against the Passive Keyless Entry and Start (PKES) system that is used by many cars to unlock the doors and start the engine.
Information Management Resources
SEPTEMBER 11, 2018
Reinvention and re-imagining the customer experience are at the center of transformation, and reinvention and mobile are almost always the “first screen” when it comes to customer experience.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Security Affairs
SEPTEMBER 11, 2018
Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. NoScript is a popular Firefox extension that protects users against malicious scripts, it only allows the execution of JavaScript, Java, and Flash plugins on trusted websites.
Dark Reading
SEPTEMBER 11, 2018
Magecart attackers hit airline with the same "digital skimmers" they used on the entertainment company in June, researchers say.
Security Affairs
SEPTEMBER 11, 2018
Adobe Patch Tuesday updates for September 2018 address a total of 10 vulnerabilities in Flash Player and ColdFusion, the good news is that none is severe. The Adobe Patch Tuesday updates for September 2018 addressed an important privilege escalation vulnerability (CVE-2018-15967) in Adobe Flash Player 30.0.0.154 and earlier versions. The successful exploitation of the flaw could lead to information disclosure. “Adobe has released security updates for Adobe Flash Player for Windows, macOS,
Expert insights. Personalized for you.
184 
Let's personalize your content