Thu. Jan 13, 2022


GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

The Last Watchdog

Last month’s $125 million Securities and Exchange Commission (SEC) fine, combined with the $75 million U.S. Commodity Futures Trading Commission (CFTC) fine, against JPMorgan sent shockwaves through financial and other regulated customer-facing industries. Related: Why third-party risks are on the rise. According to an SEC release, the hefty fines brought against JPMorgan and its subsidiaries were based on “widespread and longstanding failures by the firm and its employees to maintain and preserve writ


European Commission Defends Irish Data Protection Commissioner

Hunton Privacy

In a letter addressed to certain members of the European Parliament (“MEPs”), European Commissioner for Justice Reynders refuted some of the criticism that has been raised against the Irish Data Protection Commissioner (“DPC”). Background. On December 6, 2021, the concerned MEPs sent a letter to Commissioner Reynders to raise concerns about how the DPC enforces the EU General Data Protection Regulation (“GDPR”) and applies the GDPR’s cooperation mechanism.


Open Source Sabotage Incident Hits Software Supply Chain

eSecurity Planet

An astonishing incident in recent days highlights the risks of widespread dependence on open source software, while also highlighting the free labor corporations benefit from by using open source software. Marak Squires, an open source coder and maintainer, sabotaged his repositories to protest against unpaid work and his failed attempts to monetize faker.js and colors.js, two major NPM packages used by a huge range of other packages and projects.


Redefining the CISO-CIO Relationship

Dark Reading

While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Using Foreign Nationals to Bypass US Surveillance Restrictions

Schneier on Security

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation. New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than previously believed. What’s most interesting to me about this new information is how the US used the Australians to get around domestic spying laws: For legal reasons, the FBI did not monitor outgoing me


Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Threatpost

Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.


Threat actors abuse public cloud services to spread multiple RATs

Security Affairs

Threat actors are actively abusing cloud services from Amazon and Microsoft to deliver RATs such as Nanocore, Netwire, and AsyncRAT. The public cloud services are being exploited to spread these RATs, which are used to steal sensitive information from compromised systems. The malware campaign was spotted by Cisco Talos in October 2021; most of the victims were located in the United States, Italy and Singapore.


Microsoft Yanks Buggy Windows Server Updates

Threatpost

Since their release on Patch Tuesday, the updates have been breaking Windows, causing spontaneous boot loops on Windows domain controller servers, breaking Hyper-V and making ReFS volume systems unavailable.


How Cybercriminals Are Cashing in on the Culture of 'Yes'

Dark Reading

The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Cisco fixes a critical flaw in Unified CCMP and Unified CCDM

Security Affairs

Cisco fixed a critical privilege escalation vulnerability, tracked as CVE-2022-20658, in Unified CCMP and Unified CCDM. Cisco released security patches to address a critical privilege escalation vulnerability, tracked as CVE-2022-20658, in Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM).


CNIL Fines Big Tech Companies 210 Million Euros for Cookie Violations

Hunton Privacy

On December 31, 2021, the French Data Protection Authority (the “CNIL”) imposed a €150,000,000 fine on Google and a €60,000,000 fine on Facebook (now Meta) for violations of French rules on the use of cookies. Background. On October 1, 2020, the CNIL published a revised version of its guidelines on cookies and similar technologies (the “Guidelines”), its final recommendations on acceptable methods for obtaining users’ consent to store or read non-essential cookies and similar technologies


North Korean APTs Stole ~$400M in Crypto in 2021

Threatpost

Meanwhile, EthereumMax got sued over an alleged pump-and-dump scam after using celebs like Floyd Mayweather Jr. & Kim Kardashian to promote EMAX Tokens.


Mozilla addresses High-Risk Firefox, Thunderbird vulnerabilities

Security Affairs

Mozilla addressed 18 security vulnerabilities affecting the popular Firefox web browser and the Thunderbird mail program. Mozilla released Firefox 96, which addressed 18 security vulnerabilities in its web browser and the Thunderbird mail program. Nine vulnerabilities addressed by the new release are rated high-severity; the most severe one is a race condition issue tracked as CVE-2022-22746. “A race condition could have allowed bypassing the fullscreen notification which could have led to a


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Meta sued for £2.3bn over claim Facebook users in UK were exploited

The Guardian Data Protection

Lawsuit claims company set ‘unfair price’ by taking users’ personal data without proper compensation

Mark Zuckerberg’s Meta is being sued for £2.3bn in a class action lawsuit that claims 44 million Facebook users in the UK had their data exploited after signing up to the social network. The case argues that Meta has broken the 1998 Competition Act by setting an “unfair price” for Facebook’s UK users when they are given access to the service.


Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking

Dark Reading

The vulnerability was patched this week in Microsoft's set of security updates for January 2022.


Weekly Update 278

Troy Hunt

I recorded this a week after Charlotte appeared with me, fresh out of isolation with a negative COVID test. However, 9-year-old Elle had tested positive on Monday (albeit entirely symptomatic, so no idea how long she'd been positive) but hey, hopefully she'd be clear today. Yeah, nah, and to top it off, 12-year-old Ari was positive. Also entirely asymptomatic (and double-vaxed) so instead of ending today with our freedom, we're ending day 15 of our ongoing isolation in, well, more


North Korean Hackers Stole Nearly $400M in Crypto Last Year

WIRED Threat Level

The regime had a “banner year,” thanks to skyrocketing cryptocurrency values and a new generation of vulnerable startups.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Fighting Back Against Pegasus, Other Advanced Mobile Malware

Dark Reading

Detecting infection traces from Pegasus and other APTs can be tricky, complicated by iOS and Android security features.


US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

Threatpost

US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.


Top four trends for the U.S. Public Sector in 2022

OpenText Information Management

There are many shifts happening in government in the year ahead, such as moving from a project-based to customer-oriented focus, the emergence of work-anywhere environments and actively addressing organizational infrastructure and design debts. These shifts underline the need for technologists to view problems through the lens of both the workforce and the customer.


BlueNoroff Threat Group Targets Cryptocurrency Startups

Dark Reading

A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Getting the Most out of Your Keyword Searches

eDiscovery Daily

Though a more basic searching technique, keyword searches allow professionals to identify one or two specific words from multiple documents. Nowadays, keyword searches are considered inferior to the successor, predictive coding (TAR). In comparison to TAR, the “outdated” search method is more expensive and time-consuming. Keyword searches are also less predictable; when filtering through the same data set, keyword searches yield fewer results.


New HIPAA Regulations in 2022 via the HIPAA Journal

IG Guru

Check out the article here.


New GootLoader Campaign Targets Accounting, Law Firms

Threatpost

GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates.


2022 Will Be the Year of Hybrid Everything

Rocket Software

There may be several different associations that come to mind when we hear the word hybrid, but essentially, they all refer to a combination of multiple elements coming together to create something with the best possible capabilities. In the past, businesses may have attempted to use a one-size-fits-all mentality to inform policies, strategies and structures because it felt more straightforward and simplistic.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


One size does not fit all

OpenText Information Management

The industry you work in has its own identity. While some may share characteristics with others, each vertical has a set of business challenges unique to it. Increasing customer engagement looks different at a utilities company than it does at a retail bank. That’s why OpenText creates Industry solutions, offerings made up of technology components …


Managing Change, Improving Adoption: How IT Can Better Support the Legal Department

Hanzo Learning Center

Lawyers have a reputation—sometimes deserved, sometimes not—of being technophobic Luddites. While there are certainly exceptions, many lawyers resist change and avoid new technology. When change becomes inevitable, those same lawyers may complain about the disruption to their workflow or call IT to report frequent problems.


New ‘SysJoker’ macOS malware? Jamf’s got you covered!

Jamf

A new active threat has been identified, called 'SysJoker', that is affecting macOS devices in the wild. Read up on how Jamf Threat Labs has neutralized this security threat with updates to Jamf Protect and Jamf Threat Defense to prevent threats from this malware, including communication with C2 servers.