Thu. Jul 30, 2020


Is Your Chip Card Secure? Much Depends on Where You Bank

Krebs on Security

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggests thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards.


Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware

The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky.


The Governance Gauntlet

AIIM

You’ve been told that your information management project needs governance. Maybe you’ve even formed a governance committee. However, what is governance, anyway? If you’ve been in organizations for a while, you’re likely indoctrinated into the theory of control; however, that’s not what governance is about. Still, you must have governance, or you’ll end up with chaos.


ONC's Donald Rucker: More Work to Do on Health Data Privacy

Data Breach Today

'As a Country, We Really Haven't Sorted Out Privacy'

In an exclusive, wide-ranging video interview, Don Rucker, M.D., HHS national coordinator for health IT, discusses why more work needs to be done to protect the privacy of health data as well as why the U.S. needs to ramp up secure health information exchange among clinicians.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


What is ArchiMate?

erwin

ArchiMate is an enterprise architecture (EA) modeling language from The Open Group and used to communicate an organization’s enterprise architecture. Pronounced “AR-ki-mayt”, the modeling language’s name comes from a compounding of “architecture” and “animate.” The name conveys its aim to provide a way to visualize an organization’s EA. Unlike other modeling languages such as Unified Modeling Language (UML) and Business Process Modeling Notation (BPMN), ArchiMate is designed to be narrow in

More Trending


Children Stream on Twitch—Where Potential Predators Find Them

WIRED Threat Level

A WIRED investigation found dozens of channels belonging to children apparently under 13, and anonymous chat participants sending inappropriate messages their way.


Questions Persist About Ransomware Attack on Blackbaud

Data Breach Today

CRM Firm Admits Paying Ransom; Waited Weeks to Notify Victims Despite GDPR Rules

Numerous unanswered questions persist concerning a ransomware outbreak at Blackbaud, which provides cloud-based marketing, fundraising and customer relationship management software used by thousands of charities, universities, healthcare organizations and others.


Expert discloses details of 3 Tor zero-day flaws … new ones to come

Security Affairs

A security researcher published the details about two Tor zero-day vulnerabilities and plans to release three more flaws. The security researcher Dr. Neal Krawetz has published technical details about two Tor zero-day vulnerabilities over the past week and promises to release three more. Oppressive regimes could exploit these Tor zero-day flaws to prevent users from accessing the popular anonymizing network.


VPN Vulnerabilities Put Industrial Control Systems at Risk

Data Breach Today

Claroty Researchers Find Remote Access Tool Bugs Could Lead to Attacks

Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Operation North Star – North-Korea hackers targeted US defense and aerospace companies

Security Affairs

North Korea-linked hackers continue to be very active in this period; researchers reported a campaign aimed at the US defense and aerospace sectors. Security experts from McAfee uncovered a new cyber-espionage campaign carried out by North Korean hackers that targeted the US defense and aerospace sectors. Threat actors used fake job offers to deceive employees looking for new job opportunities and compromise the network of their organizations.


How to Create Great CX Using the Full Potential of MDM

Reltio

Improved customer experience (CX) is a key driver in the digital economy, and having optimal multi-domain Master Data Management (MDM) is a core prerequisite for delivering great CX. First, MDM underpins your insights into the following: Customer identity. Customer hierarchies. Customer locations. Customer transactions. Customer footprint on websites.


Doki Backdoor Infiltrates Docker Servers in the Cloud

Threatpost

The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet.


Daniel Solove Releases Infographic of Brazil’s LGPD

IG Guru

Check out this link to view the infographic and learn more about Brazil’s LGPD. The post Daniel Solove Releases Infographic of Brazil’s LGPD appeared first on IG GURU.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Vermont Taxpayers Warned of Data Leak Over the Past Three Years

Threatpost

A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online.


Citizens Are Increasingly Worried About How Companies Use Their Data

Dark Reading

With data privacy important to almost every American, more than two-thirds of those surveyed say they don't trust companies to ethically sell their data.


Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager

Threatpost

The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.


Fake Stories in Real News Sites

Schneier on Security

Fireeye is reporting that a hacking group called Ghostwriter broke into the content management systems of Eastern European news sites to plant fake stories. From a Wired story: The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops in Poland and the Baltics; they've posted fake content on everything from social media to pro-Russian news websites.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

Threatpost

Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.


5 Tips for Optimizing Your Company's Cyber-Crisis Preparedness

Dark Reading

Cyber-incident response often addresses short-term needs, but we need to broaden the view of crisis management to be more forward-thinking.


Ephesoft Releases New Version of Transact; Touts Time-to-Value of Cloud-based Document Processing Solution

Info Source

Delivers new way to quickly, efficiently and accurately capture and process high volumes of data, including more than 1,000 global IDs, in the cloud. IRVINE, Calif., July 28, 2020 – Ephesoft, Inc., a leader in intelligent data capture and enrichment solutions, today announced the release of Ephesoft Transact 2020.1.02 with enhancements to meet the growing global demand for nimble, cloud-based solutions to quickly and accurately capture and process high volumes of documents across hundreds


Ill-Defined Career Paths Hamper Growth for IT Security Pros

Dark Reading

Appsec and cloud security skills are the most in demand, and a shortage of staff is wearing on security teams, a new study shows.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again

Hunton Privacy

On July 28, 2020, German supervisory authorities (Datenschutzkonferenz, the “DSK”) issued a statement reiterating the requirement for additional safeguards when organizations rely on Standard Contractual Clauses (“SCCs”) or Binding Corporate Rules (“BCRs”) for the transfer of personal data to third countries in the wake of the Court of Justice of the European Union’s (the “CJEU”) invalidation of the Privacy Shield Framework.


Dark Web Travel Fraudsters Left Hurting From Lockdowns

Dark Reading

Shadow travel businesses that depend on loyalty program fraud have been impacted just like the legitimate travel orgs they prey on.


The Walden Pond Podcast - Keith Laska Shares His Predictions for the Future of Remote Work Post-COVID

Hanzo Learning Center

Anti-fraud expert, The Walden Pond's Vince Walden talks to experts about technology and compliance trends to help professionals have the latest insights to keep their compliance and fraud-detection programs relevant, practical and timely.


Browsers to Enforce Shorter Certificate Life Spans: What Businesses Should Know

Dark Reading

Apple, Google, and Mozilla will shorten the life span for TLS certificates in a move poised to aid security but cause operational troubles.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Role of Library and Knowledge Specialists in Moving Education and Training Online

CILIP

Role of Library and Knowledge Specialists in Moving Education and Training Online. This is a statement by the Information Literacy Group, a special interest group of the CILIP, the library and information association. Our members come from a range of backgrounds, including significant numbers of librarians and knowledge specialists within Higher and Further Education Institutions, schools, and the health and voluntary sectors.


Poll: Endpoint Extravaganza

Dark Reading

What shape do you expect remote endpoints to be in when they start winging their way back to the office?


Assessing Your Data Maps in a Newly Distributed World

Zapproved

Corporate legal departments are reassessing existing data maps as newly distributed teams add remote work technology and virtual access. Here are some tips!
