Thu. Apr 11, 2019

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft. As first disclosed by KrebsOnSecurity last summer, Google maintains it has not had any of its 85,000+ employees successfully phished on their work-related acco

Security 230

MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine

Data Breach Today

Organization Lists Reasons Why It Believes Breach-Related Penalty Was Not Justified. The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches was unlawful. What are the main arguments?

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

The Last Watchdog

Digital transformation is all about high-velocity innovation. But velocity cuts two ways. Related: Obsolescence creeps into perimeter defenses. Yes, the rapid integration of digital technologies into all aspects of commerce has enabled wonderful new services. But it has also translated into an exponential expansion of the attack surface available to cyber criminals.

Metadata 103

Android Devices Can Now Be Used as a Security Key

Data Breach Today

New Google Feature Offers Advantages Over Its Titan Keys. Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing than Google's Titan security keys, which cost $50.

Security 187

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

[Podcast] Intelligent Information Management – REAL Opportunities from the Front Lines of Business

AIIM

“Every organization is on — or should be on — a Digital Transformation journey.” I would bet that this isn’t the first time you’ve heard that statement. At AIIM, we really believe in that statement, so we’ve been practically screaming it from mountain tops. We believe at the heart of this Transformation journey is the drive toward 1) understanding, anticipating, and redefining internal and external customer experiences.

More Trending

Keeping Up with New Data Protection Regulations

erwin

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of. California recently passed a law that gives residents the right to control the data companies collect about them. Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to s

GDPR 100

Wikileaks' Assange Arrested on Behalf of US

Data Breach Today

Now Likely Faces Extradition to U.S. to Face Charges. WikiLeaks founder Julian Assange, who released hacked emails from Hillary Clinton's campaign and other secret U.S. documents, was arrested in London Thursday at the request of U.S. authorities.

179

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

Hunton Privacy

The European Commission (the “Commission”) has released a long-awaited study on GDPR data protection certification mechanisms (the “Study”). As we previously reported, the Commission announced its intention to look into GDPR certifications in January of 2018. The GDPR empowers the Commission to adopt delegated and implementing acts regarding certifications to specify the requirements and lay down technical standards for certification mechanisms.

GDPR 99

TajMahal Spyware

Schneier on Security

Kaspersky has released details about a sophisticated nation-state spyware it calls TajMahal: The TajMahal framework's 80 modules, Shulmin says, comprise not only the typical keylogging and screengrabbing features of spyware, but also never-before-seen and obscure tricks. It can intercept documents in a printer queue, and keep track of "files of interest," automatically stealing them if a USB drive is inserted into the infected machine.

IT 87

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Tax Hacks: How Seasonal Scams Cause Yearlong Problems

Dark Reading

Tax season is marked with malware campaigns, tax fraud, and identity theft, with money and data flowing through an underground economy.

101

Breaking Down the Julian Assange Hacking Case

WIRED Threat Level

WikiLeaks founder Julian Assange has been arrested, and now faces extradition to the United States. But not for leaking classified information.

When Your Sandbox Fails

Dark Reading

The sandbox is an important piece of the security stack, but an organization's entire strategy shouldn't rely on its ability to detect every threat. Here's why.

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

Security Affairs

According to a joint report issued by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North Korea-linked Lazarus APT group is using a new Trojan in attacks in the wild.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

New 'HOPLIGHT' Malware Appears in Latest North Korean Attacks, Say DHS, FBI

Dark Reading

The FBI and Department of Homeland Security release malware analysis report, indicators of compromise for nine different executable files.

90% of critical infrastructure providers have fallen victim to a cyber attack since 2017

IT Governance

Critical infrastructure providers have been deluged by cyber attacks in the past two years, according to a Ponemon Institute study. Cybersecurity in Operational Technology: 7 Insights You Need to Know found that 90% of respondents from the UK, US, Germany, Australia, Mexico and Japan had been breached since 2017, with many organisations revealing they’d fallen victim to multiple attacks.

Important Changes to the Malaysia Data Privacy Regime

Data Matters

The Malaysia Personal Data Protection Act applies to all companies operating in Malaysia, as well as persons not established in Malaysia, if they use equipment in Malaysia for the processing of personal data otherwise than for the purposes of transit through Malaysia. Malaysia is planning to amend its data protection laws to introduce a data breach notification regime and a wide expansion of the rights of data subjects.

Amazon staff listen to customers' Alexa recordings, report says

The Guardian Data Protection

Staff review audio in effort to help AI-powered voice assistant respond to commands. When Amazon customers speak to Alexa, the company’s AI-powered voice assistant, they may be heard by more people than they expect, according to a report. Amazon employees around the world regularly listen to recordings from the company’s smart speakers as part of the development process for new services, Bloomberg News reports.

Privacy 76

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Amazon Auditors Listen to Echo Recordings, Report Says

Threatpost

Amazon is under fire for its privacy policies after a Bloomberg report revealed that the company hires auditors to listen to Echo recordings.

Privacy 85

Trump’s Homeland Security Purge Worries Cybersecurity Experts

WIRED Threat Level

A leadership void at DHS means the White House is calling the shots where it wants to, cybersecurity experts warn, and other agencies can muscle in where it won’t.

Home Office apologises for sharing EU citizens' email addresses

The Guardian Data Protection

Victims of ‘administrative error’ say they are being treated as second-class citizens. The Home Office has apologised to hundreds of EU citizens who applied for settled status in the UK after it accidentally shared their details. The Home Office sent about 240 personal email addresses in an email, which could amount to a breach of the Data Protection Act.

IT 68

What corporate legal teams can learn from Deepwater Horizon

OpenText Information Management

I recently watched Deepwater Horizon, a dramatization of the tragic drilling rig explosion and subsequent oil spill in the Gulf of Mexico in April 2010. In the movie, Mark Wahlberg’s character commented that “Hope ain’t a tactic.” This comment can serve as a reminder to corporate legal teams that they must have a strategy in …

68

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

How To Make Your Amazon Echo and Google Home as Private as Possible

WIRED Threat Level

With news that Amazon lets human employees listen to Alexa recordings, you might want to tighten up your smart assistant ship.

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Threatpost

A vulnerability in the Yuzo Related Posts WordPress plugin, used by 60,000 websites, is being exploited in the wild.

Finance sector must simplify staff awareness training

IT Governance

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). In a report published last month, the FCA urged organisations to tackle staff awareness training at all levels, and to ensure the lessons are simple and appropriate to the environment that employees work in. The findings are the result of a discussion between 175 organisations, aiming to address security concerns in the fund and investment management, insurance, re

Retail 66

VSDC video editing software website hacked again

Security Affairs

Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with a banking trojan and an information stealer. VSDC is a popular, free video editing and converting app and its website has over 1.3 million monthly visitors, for this reason, this incident may have potentially exposed a large number of pe

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

CompTIA training for Mobile Devices

ITPro.TV

Mobile devices have evolved from an employee’s personal phone to a critical tool for the ever-moving employee. Sometimes, it may be a company-issued device, but more often, companies are turning to a “bring your own device,” or BYOD model. With 87% of companies relying on their employees using personal devices to access business applications (Syntonic), …

Access 62

'Dragonblood' Vulnerabilities Seep Into WPA3 Secure Wifi Handshake

Dark Reading

A new set of vulnerabilities may put some early adopters of strong Wifi security at greater security risk.

Records Management Bills in the 86th Legislative Session

The Texas Record

“So what bills are you following this session?” That is a common question I get in my email inbox or from RMOs when I’m at meetings. It’s a great question. My answer is that our division is trying to identify and follow bills that have the potential to affect retention schedules either at an agency level or across state and local governments.