WIRED Threat Level

JANUARY 15, 2020

California's new privacy law has spurred a torrent of online notices. But the law is also forcing changes offline, in traditional stores.

Privacy 61

Privacy Artificial Intelligence Security 61

Threatpost

JANUARY 15, 2020

There are five different pillars to implement when moving to a modern, zero-trust security model.

Security 107

Security IoT Cloud 107

Dark Reading

JANUARY 15, 2020

Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility.

Security 48

Security IT 48

Information Management Resources

JANUARY 15, 2020

A large percentage of companies in the U.S. have a three-year window of survival if they fail at digital transformation, according to a new report from Kong.

Digital transformation 33

Digital transformation 33

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Data Breach Today

JANUARY 15, 2020

Federal Judge Gives Final Approval to Class Action Settlement Over 2017 Breach A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. The minimum cost to Equifax will be $1.38 billion.

Data breaches 235

Data breaches 235

Data Breach Today

JANUARY 15, 2020

Document Focuses on Secure Patient Records Access and Health Information Exchange HHS has issued a draft of a five-year strategic health IT plan that is largely focused on providing patients with secure access to their health information as well as supporting secure, interoperable health information exchange among providers.

IT 147

IT Access Security 147

Schneier on Security

JANUARY 15, 2020

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source.

Libraries 121

Libraries Cybersecurity Risk Security 121

Data Breach Today

JANUARY 15, 2020

Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge?

Security 147

Security Cybersecurity 147

Adam Levin

JANUARY 15, 2020

An unsecured database discovered online has leaked thousands of baby photos and videos. . Bithouse, Inc. left unprotected and accessible online an Elasticsearch database containing nearly 100GB of information associated with its app Peekabo Moments. The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. .

Personal data 90

Personal data Data Privacy Privacy Access 90

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

JANUARY 15, 2020

Researchers Identify Poor Authentication Techniques for Prepaid Accounts A new Princeton University research paper finds that five major U.S. prepaid wireless carriers are leaving their customers open to SIM swapping attacks. The main culprit is weak account authentication procedures that attackers can easily exploit.

Authentication 124

Authentication Paper 124

Security Affairs

JANUARY 15, 2020

The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan , DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’ The Bart Blaze believes that the threat actors have been working on the 5ss5c ransomware since at least November 2019, and likely the malicious code is still under development.

Ransomware 82

Ransomware File names Encryption Security 82

IT Governance

JANUARY 15, 2020

We recently hosted a webinar on ISO 27701 , the new standard in the ISO 27000 series that helps organisations understand their privacy requirements. Understandably, many viewers had questions at the end of the presentation. After all, ISO 27701 has significant consequences for the way organisations operate and how they approach the GDPR (General Data Protection Regulation) , and we couldn’t answer everything in the allotted time.

GDPR 80

GDPR Privacy Compliance Paper 80

Security Affairs

JANUARY 15, 2020

VMware has released security updates to address a local privilege escalation vulnerability in VMware Tools version 10 for Windows. VMware has released VMware Tools 11.0.0 that addresses a local privilege escalation issue in Tools 10.x.y tracked as CVE-2020-3941. The issue, classified as a race condition flaw that could be exploited by an attacker to access the guest virtual machine to escalate privileges. “A malicious actor on the guest VM might exploit the race condition and escalate thei

Access 81

Access Security Information Security 81

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

The Guardian Data Protection

JANUARY 15, 2020

Dating app accused of flouting GDPR law by passing personal data to ad firms but report says problem is endemic Twitter has suspended Grindr from its ad platform after a study claimed the dating app was passing significant amounts of private information to advertisers without explicit consent from users. The study, carried out by the Norwegian Consumer Council (NCC), found that the online advertising industry was “systematically breaking the law”, transmitting personal data and tracking users in

GDPR 74

GDPR Personal data IT Privacy 74

Dark Reading

JANUARY 15, 2020

Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week from today to file a claim.

Data breaches 73

Data breaches Information Security Security IT 73

DXC Technology

JANUARY 15, 2020

The concept of multi-cloud is simple. You’re running multiple business processes using more than one cloud. This isn’t the same thing as hybrid cloud. With that model, you’re coordinating business processes across multiple clouds. So, for example, if your office program is Office 365, but you’re running line of business programs on Amazon Web Services, […].

Cloud 72

Cloud 72

Dark Reading

JANUARY 15, 2020

Honeypots are crucial tools for security researchers and security teams. Understanding what they are and what they can do can be critical for making them safe and useful for your organization.

Honeypots 69

Honeypots Security 69

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Security Affairs

JANUARY 15, 2020

P&N Bank discloses data breach, customer account information, balances exposed. The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, suffered a data breach and is reporting the incident to its customers, attackers have accessed personally identifiable information (PII) and sensitive account data.

Data breaches 64

Data breaches Passwords Access Security 64

Threatpost

JANUARY 15, 2020

Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack.

Authentication 75

Authentication Security 75

Security Affairs

JANUARY 15, 2020

49 million user records from US data broker LimeLeads were available for sale on a hacking forum. 49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server. Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, city, state, ZIP, phone number, website URL, company total revenue, and the company’s estimated number of employees.

Sales 60

Sales Phishing Access Marketing 60

Adam Shostack

JANUARY 15, 2020

Spudnet is a new game to teach networking and security concepts. The creators were kind enough to send me a pre-production copy, and I can tell you – it looks and feels super solid, and, more importantly, it plays well. The Kickstarter has already met its goals, and while all Kickstarters have risk, the creators clearly have production down.

Risk 59

Risk Security IT 59

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

IBM Big Data Hub

JANUARY 15, 2020

Let’s be honest: no one wakes up in the morning excited to go through a procurement process. This reaction can be particularly true where data management is concerned. When quick responses to market changes are necessary, it’s essential to be able to adjust your architecture rapidly without procurement delays.

Marketing 55

Marketing 55

DXC Technology

JANUARY 15, 2020

by Michael Dahlweid, M.D., Ph.D. In an industry that’s above all about improving health and well-being, the future of how we innovate, work and implement breakthrough technologies inevitably starts and finishes with a human-centric approach. Before I delve into what this means from a healthcare perspective, first let’s consider the broader trends that DXC Technology […].

61

61

The Texas Record

JANUARY 15, 2020

In this blog series, TSLAC analysts highlight and extol the virtues of their favorite record series. Across 12 local retention schedules and 152 certified and unique state agency retention schedules, there are a lot of series to choose from for your favorite. My favorite holds an incredibly special place in my heart, for this series encapsulates the essence of good records management and the goal of accessibility.

Computer and Electronics 52

Computer and Electronics Access Records Management Marketing 52

CILIP

JANUARY 15, 2020

TITLE. About the Library. The 2nd Air Division USAAF Memorial Library is a unique organisation in the UK ? it is both a war memorial and a public library. One of our challenges is very simply explaining what we are to our British audience because the concept of a memorial library is so quintessentially American. The 2nd Air Division USAAF Memorial Trust is an international partnership now in its 75th year & the library it supports has been operational since 1963.

Libraries 52

Libraries Archiving Communications Marketing 52

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

The Texas Record

JANUARY 15, 2020

In this blog series, TSLAC analysts highlight and extol the virtues of their favorite record series. Across 12 local retention schedules and 152 certified and unique state agency retention schedules, there are a lot of series to choose from for your favorite. My favorite holds an incredibly special place in my heart, for this series encapsulates the essence of good records management and the goal of accessibility.

Computer and Electronics 52

Computer and Electronics Access Records Management Marketing 52

WIRED Threat Level

JANUARY 15, 2020

As the platform gains more mainstream popularity, illicit livestreams of soccer, boxing, and MMA matches have become trivial to find.

Security 56

Security 56

Threatpost

JANUARY 15, 2020

Threatpost talks to Venafi about the recently-disclosed Microsoft vulnerability and whether the hype around the flaw was warranted.

Government 55

Government 55