Thu.Jan 30, 2020

article thumbnail

The Fractured Future of Browser Privacy

WIRED Threat Level

Better anti-tracking measures have become the norm for Chrome, Firefox, Safari, and other modern browsers. But they still disagree on how exactly they should work.

Privacy 82
article thumbnail

How to Secure Your IoT Ecosystem in the Age of 5G

Dark Reading

For businesses planning to adopt 5G, the sheer number of IoT devices creates a much larger attack surface.

IoT 85
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ethical Use of Data for Training Machine Learning Technology - Part 3

AIIM

This is the third part of a 3-part series on the Ethical Use of Data for Training Machine Learning Technology by guest authors Andrew Pery and Michael Simon. You can also check out Part 1 and Part 2 from this series. Part 3: Regulatory Efforts in the U.S. Present a Bleak Perspective. In the United States, governmental efforts to examine AI have made far less progress as compared to the E.U.

article thumbnail

Interior Dept. Grounds Drones Over Cybersecurity Concerns

Data Breach Today

Department Says Several Concerns Must Be Addressed The U.S. Department of the Interior this week announced that it has temporarily grounded all drone operations, except for emergencies, citing concerns over national security and cybersecurity. The agency is joining the U.S. Army and Navy in raising concerns about unmanned aircraft made in China.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

What’s the Current State of Data Governance and Automation?

erwin

I’m excited to share the results of our new study with Dataversity that examines how data governance attitudes and practices continue to evolve. Defining Data Governance: What Is Data Governance? . The 2020 State of Data Governance and Automation (DGA) report is a follow-up to an initial survey we commissioned two years ago to explore data governance ahead of the European Union’s General Data Protection Regulation (GDPR) going into effect.

More Trending

article thumbnail

Over 200K WordPress sites potentially exposed to hack due to Code Snippets flaw

Security Affairs

Over 200K WordPress sites are exposed to attacks due to a high severity cross-site request forgery (CSRF) bug in Code Snippets plugin. A high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417 , in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin.

Security 119
article thumbnail

Zoom Fixes Flaw That Could Allow Strangers Into Meetings

Data Breach Today

Check Point Guessed Valid Meeting IDs, Allowing for Snooping Conferencing service provider Zoom has fixed a vulnerability that - under certain conditions - could have allowed an uninvited third party to guess a meeting ID and join a conference call. The exploitation of the flaw revolves around guessing IDs for meetings that aren't password-protected.

Passwords 170
article thumbnail

Leaked confidential report states United Nations has been hacked

Security Affairs

A leaked confidential report from the United Nations revealed that dozens of servers belonging to United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United N ations that was leaked to The N ew Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and Vienna.

Passwords 111
article thumbnail

Long-Awaited HHS Data Sharing Rules Raise Privacy Worries

Data Breach Today

EHR Vendor Epic Among Critics Raising Many Concerns About Pending Rules As the wait continues for federal regulators to issue final rules for health IT interoperability and information blocking prevention, some industry stakeholders are raising serious concerns about the privacy of patient data accessed and shared using application programming interfaces and mobile consumer apps.

Privacy 159
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Pentagon’s Warning on DNA Testing is Applicable to all Consumers

ARMA International

On December 23, Yahoo News [1] reported on a Department of Defense memo [2] warning military personnel that using direct-to-consumer (DTC) DNA testing could pose “personal and operational risks.” Notably, in its opening paragraph, the missive cites “unintended security consequences and increased risk to the joint force and mission.”. In other words, the Pentagon is concerned about hostile entities using such biometric data to better surveil and track the military.

Military 106
article thumbnail

Facebook Settles Facial Recognition Lawsuit for $550 Million

Data Breach Today

Plaintiffs Argued Company Violated Illinois' Biometric Privacy Law Facebook has agreed to pay $550 million to settle a class action lawsuit alleging the company violated Illinois law in collecting data for a facial recognition tool without users' consent.

Privacy 147
article thumbnail

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Security Affairs

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack , the news was reported by ZDNet. L ast week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. Electronic Warfare Associates p rovides electronic equipment to the US government, the list of customers includes the Department of Defense (DOD), the Department of Homeland Security (DHS), and the Department of Ju

article thumbnail

AlphaBay Moderator Pleads Guilty to Racketeering Charge

Data Breach Today

Former 'Scam Watcher' Could Face 20-Year Prison Term A former moderator for the now-defunct AlphaBay darknet marketplace site pleaded guilty this week to a federal racketeering charge and could face up to 20 years in prison.

147
147
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges

Threatpost

The manufacturers have issued BIOS updates to address the issues, but researchers warn DMA attacks are likely possible against a range of laptops and desktops.

Access 100
article thumbnail

OnDemand Webinar | Practical Steps to Determine Your Data Breach Risk

Data Breach Today

Understanding Data Breach Myth Vs. Reality. Watch this webinar OnDemand and learn three of the most common data breach myths.

article thumbnail

Check Point detailed two flaws in Microsoft Azure that could have allowed taking over cloud servers

Security Affairs

Check Point detailed two recently patched vulnerabilities in Microsoft Azure services that could have allowed hackers to take over cloud services. Check Point researchers have published technical details of two recently fixed flaws in Microsoft Azure that could have allowed hackers to take over cloud services. Azure App Service allows users to build and host multi-platform web apps, mobile back ends, and RESTful APIs in the programming language of their choice, without managing infrastructure.

Cloud 95
article thumbnail

Mark Warner Takes on Big Tech and Russian Spies

WIRED Threat Level

A former telecoms entrepreneur, the Virginia senator says that saving the industry (and democracy) might mean blowing up Big Tech as we know it.

IT 99
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

United Nations Data Breach Started with Microsoft SharePoint Bug

Dark Reading

A remote code execution flaw enabled a breach of UN offices in Geneva and Vienna, as well as the Office of the High Commissioner for Human Rights.

article thumbnail

Collating Hacked Data Sets

Schneier on Security

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information , and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal. "What we were able to do is alarming because we can now find vulnerabilities in people's online presence very quickly," Metropolitansky said.

Passwords 121
article thumbnail

Facebook Agrees to Landmark 550 Million Dollar Settlement in BIPA Class Action

Hunton Privacy

Facebook disclosed on January 29, 2020, that it has agreed to pay $550,000,000 to resolve a biometric privacy class action filed by Illinois users under the Biometric Information Privacy Act (“BIPA”). BIPA is an Illinois law enacted in 2008 that governs the collection, use, sharing, protection and retention of biometric information. In recent years, numerous class action lawsuits have been filed under BIPA seeking statutory damages ranging from $1,000 per negligent violation to $5,000 per reckle

Privacy 88
article thumbnail

Drive secure volumes of data at scale with IBM Cloud Pak for Data and Figure Eight

IBM Big Data Hub

Cloud Pak for Data, IBM’s leading data and AI platform, partners with Figure Eight to help companies address this growing sensitivity around data and make sure that security lies at the heart of any data-driven AI strategy.

Cloud 85
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Facebook pays $550m settlement for breaking Illinois data protection law

The Guardian Data Protection

Tag Suggest feature broke rules by storing facial recognition imagery without permission from users Facebook has settled a lawsuit over facial recognition technology, agreeing to pay $550m (£419m) over accusations it had broken an Illinois state law regulating the use of biometric details. The settlement was quietly disclosed in the company’s quarterly results, released on Wednesday evening , which showed record revenues overall at the company, but also surging costs.

IT 75
article thumbnail

Cisco Small Business Switches affected by DoS and information disclosure flaws

Security Affairs

Cisco addressed high-severity flaws in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Cisco released security patches to addressed high-severity vulnerabilities in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Both issues could be exploited by remote, unauthenticated attackers, they were reported by Ken Pyle of DFDR Consulting.

article thumbnail

The DOJ Is Finally Suing US Telecom Providers for Robocalls

WIRED Threat Level

The defendants have allegedly connected hundreds of millions of fraudulent robocalls to US residents.

article thumbnail

Bezos, WhatsApp Cyberattacks Show Growing Mobile Sophistication

Threatpost

The recently disclosed Jeff Bezos phone hack and other incidents show that mobile devices are being increasingly targeted by sophisticated nation-state attackers.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

4 steps to getting practical about scaling AI for success

Information Management Resources

Organizations frequently ask how they can become great at scaling AI. Here’s what I’ve learned about the key elements to consider if you want to scale AI well, repeatedly.

article thumbnail

Iran-linked APT34 group is targeting US federal workers

Security Affairs

Iran-linked APT34 group has targeted a U. S. -based research company that provides services to businesses and government organizations. Security experts from Intezer observed targeted attacks on a US-based research company that provides services to businesses and government organizations. “Our researchers Paul Litvak and Michael Kajilolti have discovered a new campaign conducted by APT34 employing an updated toolset.

article thumbnail

Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition

Threatpost

The settlement in a case over the social network’s Tag Suggestions feature is the latest financial blow the company has taken over its handling of user privacy.

Privacy 72