Wed. Dec 12, 2018

Congratulations: You Get 'Free' Identity Theft Monitoring

Data Breach Today

Because Breached Businesses' 'Take Your Security Seriously'

Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.

Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair or not, a number of nascent efforts are using just such an approach to derive security scores for companies and entire industries.

HIPAA Case: Hospital Fined for Ex-Employee's Access to PHI

Data Breach Today

Enforcement Action is the Third in Recent Weeks, Eighth This Year

In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data. Other organizations can use the case as a "teachable moment," one attorney advises.

GUEST ESSAY: Why corporate culture plays such a pivotal role in deterring data breaches

The Last Watchdog

Picture two castles. The first is impeccably built – state of the art, with impenetrable walls, a deep moat, and so many defenses that attacking it is akin to suicide. The second one isn’t quite as well-made. The walls are reasonably strong, but there are clear structural weaknesses. And while it does have a moat, that moat is easily forded. Related podcast: The case for ‘zero-trust’ security.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Marriott: Breach Victims Won't Be Forced Into Arbitration

Data Breach Today

Victims Objected to Terms Of Fraud Monitoring Agreement

Breach victims who sign up for free fraud-monitoring services from breached businesses that lost control of their data often sign away their right to join class-action lawsuits or pursue other legal actions, and Marriott proved to be no exception, following its mega-breach. But it now appears to be backing off.

A New View of Threat Intelligence: The Last Line of Defense

Data Breach Today

The Role of Threat Intelligence in Cyber Resilience

New threat actor SandCat exploited recently patched CVE-2018-8611 0day

Security Affairs

Experts from Kaspersky Lab reported that the recently patched Windows kernel zero-day vulnerability (CVE-2018-8611) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. The flaw, tracked as CVE-2018-8611, is a privilege escalation flaw caused by the failure of the Windows kernel to properly handle objects in memory. “An elevation of privilege vulne

Higher Education: 15 Books to Help Cybersecurity Pros Be Better

Dark Reading

Constant learning is a requirement for cybersecurity professionals. Here are 15 books recommended by professionals to continue a professional's education.

Cyber attack hit the Italian oil and gas services company Saipem

Security Affairs

Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week. Saipem has customers in more than 60 countries, including Saudi Arabian oil and gas giant Saudi Aramco. It could be considered a strategic target for a broad range of threat actors. The attack has been identified out of India on Monday and primarily affected the servers in the Middle East, including Saudi Arabia, the United Arab Emirates, and Kuwait.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

New Australian Backdoor Law

Schneier on Security

Last week, Australia passed a law giving the government the ability to demand backdoors in computers and communications systems. Details are still to be defined, but it's really bad. Note: Many people e-mailed me to ask why I haven't blogged this yet. One, I was busy with other things. And two, there's nothing I can say that I haven't said many times before.

New York Times Reveals Scope of Mobile Apps’ Location Spying

Adam Levin

A New York Times report about the ways smartphone apps track users and sell their location data (on a far greater scale than most customers realize) has gotten much deserved attention this week. One data sample obtained by the Times showed records of a company updating users’ locations up to 14,000 times a day in 2017. While many users allow location tracking on their mobile apps to enable tailored content such as weather or nearby restaurants, they are often unaware that their travel history an

A new variant of Shamoon was uploaded to Virus Total while Saipem was under attack

Security Affairs

A new variant of the Shamoon malware, aka DistTrack, was uploaded to VirusTotal from Italy this week, but experts haven’t linked it to a specific attack yet. Shamoon was first observed in 2012 when it infected and wiped more than 30,000 systems at Saudi Aramco and other oil companies in the Middle East. Four years later, a new version (Shamoon 2) appeared in the threat landscape, it was involved in a string of cyber attacks aimed at various organizations in the Persian Gulf, including Saudi Ar

QueBIT empowers businesses with advanced analytics solutions

IBM Big Data Hub

At QueBIT, our goal is to help organizations of all sizes unlock the full potential of their data, and make analytics accessible for small- and medium-sized businesses.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Driving Documentum forward with Release 16 EP5

OpenText Information Management

OpenText™ Documentum™ excels at enabling companies to maintain control over their critical content, and leverage this content to enhance their business processes. In the past month, we’ve announced the availability of OpenText Release 16 Enhancement Pack 5 (EP5) and OpenText Documentum 16.5. Within these releases are two key sets of features that make Documentum even more powerful …

Microsoft, PayPal, Google Top Phishing's Favorite Targets in Q3

Dark Reading

One out of every 100 emails an enterprise receives is a phishing scam, and the attackers behind them are getting more sophisticated.

How do you create a digital twin?

OpenText Information Management

In my previous blog, I looked at the explosive growth of digital twins. Estimates suggest the number of organizations using digital twins will triple by 2022. In this blog, I’m going to cover what you need to consider when creating a digital twin and the essential role of identity and access management (IAM) in addition …

Worst Password Blunders of 2018 Hit Organizations East and West

Dark Reading

Good password practices remain elusive as Dashlane's latest list of the worst password blunders can attest.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Android Trojan Targets PayPal Users

Threatpost

The trojan purports to be a battery optimization app - and then steals up to 1,000 euro from victims' PayPal accounts.

Bug Hunting Paves Path to Infosec Careers

Dark Reading

Ethical hackers use bug bounty programs to build the skills they need to become security professionals.

Supply Chain Security: Managing a Complex Risk Profile

Threatpost

Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain.

Mac Malware Cracks WatchGuard's Top 10 List

Dark Reading

Security experts advise Mac users to deploy security suites to protect themselves from the growing threat.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Operation Sharpshooter Takes Aim at Global Critical Assets

Threatpost

Operation Sharpshooter uses a new implant to target mainly English-speaking nuclear, defense, energy and financial companies.

Data Breach News Updates: Equifax’s Congressional Report; Marriott’s China Ties

Rippleshot

This week’s data breach news covers two massive data breaches that have garnered attention on a national and international scale: Equifax and Marriott. The Equifax breach, believed to have impacted 148 million U.S. consumers, has made headlines since it was discovered in September of 2017. The latest report related to the incident comes from a 14-month congressional investigation that suggests that Equifax could have prevented the breach had they followed proper security measures.

U.S. Defense, Critical Infrastructure Companies Targeted in New Threat Campaign

Dark Reading

McAfee finds malware associated with 'Operation Sharpshooter' on systems belonging to at least 87 organizations.

Super Micro Says Its Gear Wasn’t Bugged By Chinese Spies

Threatpost

The news comes amid reports that a Chinese intelligence-gathering effort was behind the massive Marriott hotel data breach.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Resources for Infosec Skillbuilding

Adam Shostack

Thanks to the kind folks at Digital Guardian for including my threat modeling book in their list of “The Best Resources for InfoSec Skillbuilding.” It’s particularly gratifying to see that the work is standing the test of time.

ABBYY Selects Rusty James to Lead Partner Growth throughout North America

Info Source

MILPITAS, Calif., Dec. 12, 2018 – ABBYY, a global provider of content intelligent solutions and services, today announced Rusty James has joined the company as the new Head of Partner Business for North America. He will be driving the development and execution of channel partnerships among value-added resellers (VARs), system integrators and independent software vendors (ISVs) to expand the use of ABBYY’s solutions throughout Canada, Mexico and the United States.

6 steps to implement a successful data compliance strategy

Information Management Resources

When it comes to data governance, professionals cannot merely assume what they did in 2018 will be sufficient moving forward. Here are six tips for managing and governing data in 2019.