Mon.Dec 30, 2019

article thumbnail

Mean Time to Hardening: The Next-Gen Security Metric

Threatpost

Given that the average time to weaponizing a new bug is seven days, you effectively have 72 hours to harden your systems before you will see new exploits.

article thumbnail

Fraud in the New Decade

Dark Reading

Like any enterprise that wants to survive, fraudsters and hackers will continue to build on past successes to fuel future growth

111
111
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Understanding the data downtime gap — and how to fix it

Information Management Resources

The growing dependence on information, plus the sheer amount of it, has led to something called the data downtime gap. Here's a look at what that is and how companies can address it.

IT 51
article thumbnail

Smart Home Device Maker Wyze Exposed Camera Database

Data Breach Today

Technical Data Plus Emails Made It Possible to Link Cameras to People Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month. The data included customer emails, nicknames of online cameras, WiFi SSIDs, device information and Alexa tokens.

IT 204
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

The United Kingdom Leaks Home Addresses of Prominent Brits

Adam Levin

2020 seems to be getting off to an inauspicious start with the compromise of the home addresses of prominent UK citizens–many of them in lines of work that could make them targets for crime. The UK Cabinet Office issued an apology after a data leak that involved the exact addresses (including house and apartment numbers) of more than 1,000 New Year Honours recipients.

More Trending

article thumbnail

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

Russia is one of the most advanced cyber states, but according to the media President Vladimir Putin ‘s personal PC is apparently still running Win XP. The news is curious and it probably has little real if not the fact that Vladimir Putin is not a super cyber security expert, although he knows its importance very well. According to the Russian website Open Media, President Putin’s computers in his office at the Kremlin office and at his official residence are still running Windows X

article thumbnail

Ready for the New York SHIELD Act?

Data Breach Today

New Law Expands Consumer Protections and Give AG Additional Oversight While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020. The law is expected to have impact on Wall Street firms and other financial institutions headquartered in the state.

Privacy 173
article thumbnail

How AI and Cybersecurity Will Intersect in 2020

Dark Reading

Understanding the new risks and threats posed by increased use of artificial intelligence.

article thumbnail

Job Search: Head of UK's National Cyber Security Center

Data Breach Today

As NCSC Head Ciaran Martin Steps Down, Other Countries are Emulating Model Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.

Security 147
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

2019 end-of-year review part 2: July to December

IT Governance

Welcome to the second part of our round-up of 2019’s information security stories. You can read the first part here >> July. The second half of the year began with major data privacy news: the UK’s data protection authority, the ICO (Information Commissioner’s Office), announced its intention to fine British Airways and Marriott International a combined £282.6 million for breaching the GDPR (General Data Protection Regulation).

article thumbnail

Do Breach Remediation Efforts Affect Patient Outcomes?

Data Breach Today

How do hospitals' efforts to bolster information security in the aftermath of data breaches potentially affect patient outcomes? Professor Eric Johnson of Vanderbilt University discusses research that shows a worrisome relationship between breach remediation and the delivery of timely patient care.

article thumbnail

6 CISO New Year's Resolutions for 2020

Dark Reading

We asked chief information security officers how they plan to get their infosec departments in shape next year.

article thumbnail

Should I Be Worried About the GDPR? – EDPB’S Guidelines on the GDPR’S Territorial Scope

HL Chronicle of Data Protection

Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume it should not affect non-EU companies. In others, companies apply the GDPR to all their processing activities just to avoid the possibility of being addressed by EU authorities.

GDPR 64
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Microsoft sued North Korea-linked Thallium group

Security Affairs

Microsoft sued Thallium North Korea-linked APT for hacking into its customers’ accounts and networks via spear-phishing attacks. Microsoft sued a North Korea-linked cyber espionage group tracked as Thallium for hacking into its customers’ accounts and networks via spear-phishing attacks. The hackers target Microsoft users impersonating the company, according to a lawsuit unsealed Dec. 27 in the U.S.

article thumbnail

Top Mobile Security Stories of 2019

Threatpost

Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost's Top 10 mobile security stories of 2019.

article thumbnail

UAE government denies using ToTok for mass surveillance

Security Affairs

The United Arab Emirates denied reports that the popular mobile app ToTok was used as part of a government massive surveillance program. According to a report recently published by the New York Times , the popular app ToTok was used by the UAE government as a surveillance tool. It has been removed from both Apple and Google online stores because authorities were using it to spy on its users, to track the conversations and movements.

article thumbnail

Hacking School Surveillance Systems

Schneier on Security

Lance Vick suggesting that students hack their schools' surveillance systems. "This is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine," he said. Of course, there are a lot more laws in place against this sort of thing than there were in -- say -- the 1980s, but it's still worth thinking about.

IT 89
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The resolution was sponsored by Russia and China and has alarmed rights groups that fear the bid could threaten online freedom.

article thumbnail

What the data scientist role will look like in 2020

Information Management Resources

As we move toward the future of automation, data scientists could potentially benefit immensely from the rise of artificial intelligence and machine learning.

article thumbnail

Wawa faces several lawsuits following a massive payment card breach

Security Affairs

Recently the Wawa convenience store chain disclosed a payment card breach, news of the day is that Wawa is facing lawsuits over the incident. The Wawa convenience store chain is facing a wave of lawsuits over a recent security breach that affected its 850 locations in the US. Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems.

article thumbnail

eRecords 2019: Using ECM Tools and Embracing Digitization

The Texas Record

To wrap up our 2019 eRecords blog recaps, we’ll look at two more sessions that discussed how to use software to streamline the management of government records. Using ECM Tools to Streamline Court Order and Subpoena Processing. John Rokenbrod is an educator and self-proclaimed “jack of all trades” He works for the Bryan Independent School District, which he described as fairly large and spread out considering the relatively small size of the city.

ECM 52
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Should I Be Worried About the GDPR? – EDPB’S Guidelines on the GDPR’S Territorial Scope

HL Chronicle of Data Protection

Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume it should not affect non-EU companies. In others, companies apply the GDPR to all their processing activities just to avoid the possibility of being addressed by EU authorities.

GDPR 52
article thumbnail

Strength in Numbers: Collibra in 2019

Collibra

Looking back on the final year of this decade, I’m amazed at all that Collibra has been able to accomplish. While receiving FedRAMP Authorization, JPMorgan Hall of Innovation induction and Series E funding are exciting and notable, it’s what we’ve achieved on the inside, together as One Collibra, that impresses me most. . I’ve always admired organizations that are able to fully put employees at the center, while simultaneously working towards their mission and reaching their goals.

52
article thumbnail

Three Ways to Bridge the F5 Talent Gap

Adapture

There’s a technology talent gap, and IT teams are feeling the strain. And for top technology solutions like F5 with already small talent pools available, bridging that cap is next to impossible. This F5 talent gap leaves companies without the necessary expertise to run their crucial cybersecurity solutions. F5 solutions are extremely robust, but that [ ] The post Three Ways to Bridge the F5 Talent Gap appeared first on ADAPTURE.

article thumbnail

IoT Company Wyze Leaks Emails, Device Data of 2.4M

Threatpost

The Internet of Things vendor confirmed that customer data was left unsecured on an Elasticsearch database.

IoT 62
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The Coolest Hacks of 2019

Dark Reading

FaceTime, acoustic cyber 'noise,' and building system worms were among the targets of resourceful white-hat hackers this year.

80
article thumbnail

Lawyers Leveraging Less Social Media to Balance Ethics Rules, Time Constraints via Law.com

IG Guru

This article discusses how lawyers must weigh and consider ethical rules and client confidentiality before every post. The post Lawyers Leveraging Less Social Media to Balance Ethics Rules, Time Constraints via Law.com appeared first on IG GURU.

article thumbnail

eRecords 2019: Using ECM Tools and Embracing Digitization

The Texas Record

To wrap up our 2019 eRecords blog recaps, we’ll look at two more sessions that discussed how to use software to streamline the management of government records. Using ECM Tools to Streamline Court Order and Subpoena Processing. John Rokenbrod is an educator and self-proclaimed “jack of all trades” He works for the Bryan Independent School District, which he described as fairly large and spread out considering the relatively small size of the city.

ECM 40