Wed. Mar 04, 2020

Payment Security: The Role of Behavioral Biometrics

Data Breach Today

Robert Capps of NuData Security Explains the Role of New Technologies

Behavioral biometrics can play an important role in thwarting ever more sophisticated payment fraud schemes, says Robert Capps of Mastercard, who provides a fraud-fighting update.

Security 231

MY TAKE: Why IoT systems won’t be secure until each and every microservice is reliably authenticated

The Last Watchdog

Wider use of Internet of Things systems that can make daily living safer, healthier and more convenient is on the immediate horizon. However, to fully capture the benefits of an IoT-centric economy, a cauldron of privacy and security concerns must first be quelled. Related: The promise and pitfalls of IoT. At the technology level, two fundamental things must get accomplished.

IoT 131

Application Security Imperative: Earlier Is Better

Data Breach Today

Maturing Toolsets and Markets Fuel 'Shift Left,' Says Patrick Carey of Synopsys

Software development benefits from security checks being brought to bear early and often, but the blending of in-house and open source code has historically complicated that process, says Patrick Carey of Synopsys. Now, however, maturing toolsets and approaches are facilitating security checks, he says.

Security 182

Google addresses over 70 flaws in Android, including a remotely exploitable issue

Security Affairs

Google’s March 2020 security updates for Android address over 70 flaws, including a critical vulnerability that affects the media framework. Google’s March 2020 security updates for Android include the fix for a critical vulnerability, tracked as CVE-2020-0032, that affects the media framework as part of the 2020-03-01 security patch level. The 2020-03-01 security patch level fixed 11 vulnerabilities in framework, media framework, and system.

Security 114

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Australia Took Military System Offline Over Hack Fears

Data Breach Today

Defense Department Says No Data Was Compromised

Australia reportedly took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised. The Defense Department says there's no evidence data was stolen.

Military 175

More Trending

Senators Demand More Info on Google's 'Project Nightingale'

Data Breach Today

Project With Ascension Health System Raises Privacy Concerns

Three U.S. senators are demanding more answers from Catholic healthcare system Ascension and Google over "Project Nightingale," which is part of a controversial data-sharing and cloud migration initiative that has raised concerns about sharing patient information without explicit permission.

Cloud 161

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. Let’s Encrypt certificate authority (CA) is going to revoke over 3 million certificates today due to a vulnerability in software used to verify users and their domains before issuing a certificate.

'SweynTooth' Cyber Flaws Could Affect Medical Devices

Data Breach Today

Other IoT Devices at Risk Include 'Smart Home' and Wearable Gear

Federal regulators say newly identified cybersecurity vulnerabilities dubbed "SweynTooth" could pose risks to certain internet of things devices, including wearable health gear and medical devices, as well as "smart home" products from vendors who use Bluetooth Low Energy, or BLE, wireless communication tech.

IoT 161

EDPB Publishes Contribution to the Evaluation and Review of the GDPR

Hunton Privacy

On February 24, 2020, the European Data Protection Board (“EDPB”) published general policy messages and a synthesis of the contributions and replies by its members – national data protection authorities (“DPAs”) – to the Questionnaire on the Evaluation of the EU General Data Protection Regulation (“GDPR”) sent by the European Commission (the “Contribution”).

GDPR 101

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Taming Regulations: Frameworks Needed More Than Ever

Data Breach Today

David Ogbolumani of IT Security Consultants on Compliance and Sustainability

As organizations face having to demonstrate compliance with a broad range of regulations that have an IT and cybersecurity impact, the imperative is to adopt frameworks such as ISO 27001 and NIST 800-53, says David Ogbolumani, chief cybersecurity and privacy officer at IT Security Consultants.

Time and cost savings for Marketing, Finance, and Sales with Jamf

Jamf

The second in a three-part series, we show the many tasks which Jamf solutions can simplify, speed up, automate and even eliminate: for all of your departments. This week: Finance, Marketing and Sales.

Sales 95

Coronavirus Spread: Preparing for 'The Long Haul'

Data Breach Today

So far, there have been 92,000 reported cases of coronavirus globally, with 3,200 deaths. Global markets have been rocked, and major employers are revisiting their plans for staffing, travel and conferences. What do the numbers and trends mean? Pandemic expert Regina Phelps analyzes the latest developments.

Marketing 147

The Perfect Travel Security Policy for a Globe-Trotting Laptop

Dark Reading

There are many challenges to safely carrying data and equipment on international travels, but the right policy can make navigating the challenges easier and more successful.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Let's Encrypt Vulnerability

Schneier on Security

The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. "Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates.

Iranian government blocked Wikipedia Farsi due Coronavirus outbreak

Security Affairs

The Coronavirus outbreak is a global emergency, in the last hours Iran is one of the countries with the highest number of infections and Wikipedia Farsi was blocked as fears spread. The NetBlocks internet observatory, which tracks disruptions and shutdowns, revealed that Iran has blocked access to the Farsi (Persian) language edition of the Wikipedia online encyclopedia since March 2nd, 2020.

Most Cyberattacks in 2019 Were Waged Without Malware

Dark Reading

If the "malware-free" attack trajectory continues, it could mean major trouble for defenders, according to experts from CrowdStrike and other security companies.

Security 123

IBM Cloud Pak for Data DataOps capabilities grow with innovative technology partners

IBM Big Data Hub

As an open, Kubernetes-based, data and AI platform, IBM Cloud Pak for Data integrates with an array of technology solutions that enhance organizations’ ability to make their data ready for AI.

Cloud 87

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware

Security Affairs

Data-stealing ransomware infected systems at Visser Precision, a parts maker for many enterprises, including Tesla, Boeing, and Lockheed Martin. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. The company disclosed a ransomware attack that might have exposed data related to multiple business partners, including Tesla, SpaceX, Boeing and Lockheed Martin.

EternalBlue Longevity Underscores Patching Problem

Dark Reading

Three years after the Shadow Brokers published zero-day exploits stolen from the National Security Agency, the SMB compromise continues to be a popular Internet attack.

Critical Netgear Bug Impacts Flagship Nighthawk Router

Threatpost

Dozens of routers are patched by Netgear as it snuffs out critical, high and medium severity flaws.

IT 103

Learning where and when you want

OpenText Information Management

In our rapidly evolving knowledge economy, many people try to stay up-to-date by continually learning new ways to work, communicate and collaborate. We stress the importance of learning to our employees and families, encouraging them to acquire and refine new skills. There are ample benefits to being a life-long learner, including enhanced self-confidence and achieving personal and …

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Loyalty Cards Targeted in Tesco Clubcard Attack

Threatpost

Around 600,000 of the supermarket's 12 million loyalty program members have been warned about a cyberattack.

ICO Fines Scottish Company Maximum Amount for Automated Calls

Hunton Privacy

On March 2, 2020, the UK Information Commissioner’s Office (“ICO”) fined CRDNN Limited, a lead generation company, £500,000—the maximum amount available for a breach of the Electronic Communications Regulations (“PECR”). The fine was imposed after CRDNN carried out over 193 million unsolicited automated direct marketing calls relating to window scrappage, window and conservatory sales, boiler sales, and debt management between June and October 2018.

Sales 71

Microsoft OneNote Used To Sidestep Phishing Detection

Threatpost

A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger.

The Best VPNs (2020): ExpressVPN, TunnelBear, Mullvad

WIRED Threat Level

A VPN won’t solve all of your privacy problems, but it can help make you a less tempting target for hackers.

Privacy 84

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Open Regulatory Consultations in the UK and the EU – Have Your Say

HL Chronicle of Data Protection

As highlighted by our new Privacy 2040 initiative, there have never been more opportunities to shape the existing and future privacy and cybersecurity legal framework. Consultations on draft guidance and surveys of various stakeholders are an important step in the production of new rules and materials, and the UK Information Commissioner’s Office (ICO) and the European Data Protection Board (EDPB) currently have a number of open consultations.

7 Loyalty Program and Rewards App Attacks

Dark Reading

The number of attacks targeting loyalty and rewards programs is growing. Here are some of the lowlights.

Two Out of Three Companies Haven’t Reviewed Their Breach Preparedness Plans: Cybersecurity Trends

eDiscovery Daily

The singer Meat Loaf (real name Marvin Lee Aday) had a song once called Two Out of Three Ain’t Bad. Well, in this case, it is. According to a new study, many companies haven’t updated their data breach plans since developing them, report a lack of adequate employee training on data protection, and still haven’t figured out how to guard cloud services and mobile devices.