Data Breach Today
FEBRUARY 25, 2020
Cybersecurity Agency Ranks Election Security and Ransomware as Biggest Threats The 2016 U.S. presidential election served as a wake-up call for lawmakers and the public about the threat that cyber attackers can pose to the country's democracy, CISA Director Christopher Krebs told the 2020 RSA Conference. Election security and ransomware remain his agency's two biggest concerns.
Weissman's World
FEBRUARY 25, 2020
If I heard it once, I heard it a dozen times since announcing my move to Valora Technologies the other week: “So, you’re going to work for a software company!” To which my response has been, “Kind of, but not really.” Now, it’s true that Valora has developed some (pretty amazing) software, but from where […]. The post Why I Didn’t Join a Software Company appeared first on Holly Group.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
FEBRUARY 25, 2020
CISOs Need to Share Their Success Stories While the cybersecurity industry has increasingly focused on the roles artificial intelligence and machine learning can play in thwarting attacks, the humans behind the algorithms remain both points of strength and weakness, says RSA President Rohit Ghai, who keynoted the RSA 2020 conference on Tuesday.
Data Protection Report
FEBRUARY 25, 2020
Outbreak of the coronavirus and personal data privacy. The fast-spreading coronavirus (Covid-19) has infected thousands of people in China and in over 20 other countries. This coronavirus outbreak, originating in Wuhan, a large city located in the central region of China, has been declared a Public Health Emergency of International Concern (PHEIC) by the World Health Organization.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
FEBRUARY 25, 2020
Malware-As-A-Service Offering Is Popular on Underground Forums, Researchers Say The operators behind the "Raccoon" infostealer Trojan have added new capabilities to this malware-as-service offering, which now has the ability to steal data from over 60 applications, according to researchers at the security firm CyberArk.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
FEBRUARY 25, 2020
Agile Development Calls for New Ways to Secure Cloud Services The increasing use of containers and orchestration tools, such as Kubernetes, are driving demand for new cloud security and application deployment processes, according to research from the according to research from the Cloud Security Alliance presented Monday at the RSA 2020 conference.
Elie
FEBRUARY 25, 2020
This talk provides a comprehensive analysis of the malicious documents that target users and corporate inboxes, an in-depth analysis of the latest evasion tactics used by attackers and what Google is doing about it.
Data Breach Today
FEBRUARY 25, 2020
'Phishing Continues to Be One of the Primary Breach Vectors in Healthcare' Yet another major phishing-related health data breach has been reported to federal regulators. This one potentially exposed the data of more than 100,000 patients at Bellevue, Washington-based Overlake Medical Center & Clinics.
Troy Hunt
FEBRUARY 25, 2020
Back in 2016, I wrote a blog post about the Martin Lewis Money show featuring HIBP and how it drove an unprecedented spike of traffic to the service, ultimately knocking it offline for a brief period of time. They'd given me a heads up as apparently, that's what the program has a habit of doing: I Just wanted to get in contact to let you know we're featuring 'have I been pwned?
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Hunton Privacy
FEBRUARY 25, 2020
On February 10, 2020, the Belgian Data Protection Authority (the “Belgian DPA”) published its Recommendation 1/2020 on data processing activities for direct marketing purposes (the “Recommendation”). With this Recommendation, the Belgian DPA aims to clarify the complex rules relating to the processing of personal data for direct marketing purposes, including by providing practical examples and guidelines to the different stakeholders involved in direct marketing activities.
HL Chronicle of Data Protection
FEBRUARY 25, 2020
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act). The Regulation and the Act both contain prescriptive cybersecurity requirements and new breach notification obligations for regulated organizations.
Adam Levin
FEBRUARY 25, 2020
The number of stalkerware apps detected on smartphones increased in 2019, a full 60% over the previous year according to a new report released by Kaspersky Labs. . The anti-virus company’s annual mobile malware report said stalkerware reports increased from 40,286 in 2019 to 67,500 in 2019, figures derived from data gleaned from Kaspersky product users that consented to provide statistical data for research purposes.
Schneier on Security
FEBRUARY 25, 2020
This is good news : Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send a user to a malicious site. [.]. But the move is not without controversy.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
FEBRUARY 25, 2020
Experts discovered a leaking, active database with over 123 million records belonging to Decathlon Spain (and possibly Decathlon UK as well). Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). The unsecure archive is greater than 9GB in size and was published on an ElasticSearch server. “The vpnMentor cybersecurity research team, led by Noam Rotem
Hunton Privacy
FEBRUARY 25, 2020
In the final part of our Never Stop Learning podcast series, Lisa Sotto , partner and chair of Hunton Andrews Kurth’s Privacy and Cybersecurity practice, and Eric Friedberg, Co-President of Stroz Friedberg, LLC, and Aon’s Cyber Solutions Group, discuss practical solutions in preparing for a cyber incident. Most companies are no strangers to the consequences of a data breach.
Security Affairs
FEBRUARY 25, 2020
In this situation, ‘ Est security’ found malicious code disguised as a ‘Corona 19 real-time status’ inquiry program and asked the public’s attention. The malware found is an executable program (EXE) using file names such as ‘Corona’s domestic status’ and ‘Corona’s real-time corona status.’ When you run the file, you will see a pop-up window titled “Real-time Corona19 Status” depending on the variant.
Dark Reading
FEBRUARY 25, 2020
Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
FEBRUARY 25, 2020
Experts discovered a new critical remote code execution vulnerability in the OpenSMTPD that could allow hacking email servers running BSD or Linux. A new critical remote code execution vulnerability was discovered in the OpenSMTPD that could be exploited by attackers to take complete control over email servers running BSD or Linux operating systems.
WIRED Threat Level
FEBRUARY 25, 2020
Gmail users get 300 billion attachments each week. To separate legitimate documents from harmful ones, Google turned to AI—and it’s working.
Security Affairs
FEBRUARY 25, 2020
Security experts are warning of a new wave of attacks targeting a zero-day vulnerability in the popular Duplicator WordPress Plugin. Last week the development team behind the popular Duplicator WordPress plugin, the Snap Creek, addressed a zero-day vulnerability that affected at least 1 million websites. Now researchers at security firm WordFence are warning of a new wave of attacks attempting to exploit the vulnerability in the popular plugin.
Threatpost
FEBRUARY 25, 2020
The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Security Affairs
FEBRUARY 25, 2020
Google has released Chrome 80 update that addresses three high-severity vulnerabilities, one of them has been exploited in the wild. Google has released Chrome 80 update ( version 80.0.3987.122 ) that addresses three high-severity vulnerabilities, including a zero-day issue ( CVE-2020-6418 ) that has been exploited in the wild. The CVE-2020-6418 vulnerability is a type confusion issue that affects the V8 open source JavaScript engine used by the Chrome browser.
WIRED Threat Level
FEBRUARY 25, 2020
With the highly anticipated *Animal Crossing: New Horizons* and E3 on the horizon, Nintendo has become “increasingly aggressive” combating leaks over the last couple of months.
Security Affairs
FEBRUARY 25, 2020
Tech vendor Zyxel addresses a critical vulnerability in several network -attached storage (NAS) devices that is already being exploited in the wild. Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. The flaw can be exploited by an unauthenticated attacker, it resides in the weblogin.cgi CGI executable that doesn’t correctly sanitize the username parameter passed to it. .
Threatpost
FEBRUARY 25, 2020
Google patches zero-day bug tied to memory corruptions found inside the Chrome browser's open-source JavaScript and Web Assembly engine, called V8.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
WIRED Threat Level
FEBRUARY 25, 2020
Lazarus Group hackers have long plagued the internet—using at least one tool they picked up just by looking around online.
Unwritten Record
FEBRUARY 25, 2020
2020 marks the long-awaited completion of the U.S. Army Signal Corps Historical Films digitization project. Boasting over 400 reels of film, Record Group 111 (Records of the Office of the Chief Signal Officer), Series H (Historical Films) has been digitized in its entirety and will be available in the National Archives catalog and National Archives YouTube channel.
Threatpost
FEBRUARY 25, 2020
The Ultimate Security Pros’ Checklist fully maps the core duties of common security positions, from the core technical security aspect to team management and executive reporting.
Expert insights. Personalized for you.
297 
Let's personalize your content