Tue.Oct 22, 2019

article thumbnail

Ransomware Hits B2B Payments Firm Billtrust

Krebs on Security

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups. With more than 550 employees, Lawrence Township, N.J.-based Billtrust is a cloud-based service that lets customers view invoices, pay, or request bills via email or fax.

B2B 114
article thumbnail

Facebook Shuts Misleading Accounts Ahead of 2020 Election

Data Breach Today

Newly Discovered Pages Tied to Russia, Iran Facebook has removed four networks - three from Iran and one from Russia - after its investigation revealed they were spreading misinformation regarding politics and news related to the 2020 U.S. presidential election. The action is part of a larger effort by the social media firm to clamp down on abuse.

IT 133
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Capturing Paper Documents - Best Practices and Common Questions

AIIM

What is Capture? Despite technology, most companies continue to struggle to manage the burden of paper in many important business processes. And while there are many technological approaches to digital transformation, the first step is often scanning. Also known as “capture,” this capability is characterized by the ability to scan paper documents to store and use them in digital form instead of paper.

Paper 91
article thumbnail

NordVPN Says Server Compromised Due to Misconfiguration

Data Breach Today

Security Expert Says Attacker Would Have Had 'God Mode' on VPN Node Virtual private network provider NordVPN says an error by its Finish data center provider allowed an attacker to gain control of a server, but it says its broader service was not hacked. One security expert, however, says the attacker would have had "God mode" on one VPN node.

Security 124
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

This post is the first in a three part series taking a deep dive into the five key articles of the Attorney General’s CCPA draft regulations: Article 2 on Notice to Consumers; Article 3 on Business Practices for Handling Consumer Requests; Article 4 on Verification of Requests; Article 5 on Special Rules Regarding Minors; and Article 6 on Non-Discrimination.

Privacy 60

More Trending

article thumbnail

Former Virginia Gov. Terry McAuliffe Joins Hunton as Global Strategy Advisor for Cybersecurity at the Centre for Information Policy Leadership

Hunton Privacy

Hunton Andrews Kurth LLP announced today that former Virginia Gov. Terry McAuliffe has joined the firm as global strategy advisor at the Centre for Information Policy Leadership (“CIPL”), the firm’s global privacy and cybersecurity think tank. McAuliffe will provide strategic counsel to CIPL, the firm, and clients with a particular focus on cybersecurity and privacy issues given his work and recognition in those fields during his governorship.

article thumbnail

Veterans' Data at Risk on Shared Network Storage Devices

Data Breach Today

OIG Report Highlights the Risks; Do Others Face Similar Challenges? Inadequately protected shared network storage devices at a Department of Veterans Affairs regional office left veterans' personal and health information vulnerable to ID theft, fraud and other compromises, according to a new report. Security experts say this kind of security lapse is common in other sectors.

Risk 113
article thumbnail

SnoPUD connects content to business processes to realize operational excellence

OpenText Information Management

At Enterprise World 2019 in Toronto, we hosted a panel with a few of our customers to discuss their various digital transformation journeys and how they’re supporting their organizational goals by deploying content services technologies. One of the panelists was Jill Stelter from Snohomish County PUD (aka SnoPUD), an electric and water utility company North … The post SnoPUD connects content to business processes to realize operational excellence appeared first on OpenText Blogs.

article thumbnail

Analysis: Draft CCPA Regulations Fail to Clarify Ambiguities

Data Breach Today

Draft regulations to carry out the California Consumer Protection Act do not go far enough to clarify ambiguities in the law, which goes into effect Jan. 1, 2020, says privacy attorney Sadia Mirza of the law firm Troutman Sanders, who encourages organizations to submit comments on the proposed regs.

Privacy 113
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Is Your Data Protection Ready for the Hybrid Data Center? [On-demand Webcast]

Quest Software

Going hybrid? Learn how to protect your data both on premises and in the cloud. This webcast prepares you to think about everywhere your data is now.( read more ).

Cloud 58
article thumbnail

It's Time to Get a Password Manager: Bitwarden, 1Password, Dashlane, LastPass

WIRED Threat Level

Your brain has better things to do than store secure passwords. Get a dedicated password manager to keep your login data synced and secure across all devices.

article thumbnail

Experts believe the Magecart Group 5 could be linked to the Carbanak APT

Security Affairs

Security experts linked the Magecart group 5 to the infamous Dridex banking Trojan and the Carbanak cybercrime group. Researchers at Malwarebytes found a link between a scheme associated with the Magecart group and Dridex phishing campaigns and the activities of the Carbanak group. . The Magecart group tracked as Magecart Group 5 , one of the most active crime gangs under the Magecart umbrella, appears to be connected to the Carbanak crime gang. .

article thumbnail

Public Voice Launches Petition for an International Moratorium on Using Facial Recognition for Mass Surveillance

Schneier on Security

Coming out of the Privacy Commissioners' Conference in Albania , Public Voice is launching a petition for an international moratorium on using facial recognition software for mass surveillance. You can sign on as an individual or an organization. I did. You should as well. No, I don't think that countries will magically adopt this moratorium. But it's important for us all to register our dissent.

Privacy 49
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

No ‘Silver Bullet’ Fix for Alexa, Google Smart Speaker Hacks

Threatpost

Karsten Nohl, who was behind this week's research that outlined new eavesdropping hacks for Alexa and Google Home, says that privacy for smart home assistants still has a ways to go.

Privacy 47
article thumbnail

Calculating the Benefits of the Advanced Encryption Standard

Schneier on Security

NIST has completed a study -- it was published last year, but I just saw it recently -- calculating the costs and benefits of the Advanced Encryption Standard. From the conclusion: The result of performing that operation on the series of cumulated benefits extrapolated for the 169 survey respondents finds that present value of benefits from today's perspective is approximately $8.9 billion.

article thumbnail

Security Affairs - Untitled Article

Security Affairs

German company Pilz, one of the world’s biggest producers of automation tools is still down after getting infected by ransomware more than a week ago. German firm Pilz was still down after getting infected by the BitPaymer ransomware more than a week ago, on October 13, 2019. “Since Sunday, October 13, 2019, all servers and PC workstations, including the company’s communication, have been affected worldwide,” reads the security advisory published by Pilz. “As a precaution

article thumbnail

How Much Security Is Enough? Practitioners Weigh In

Dark Reading

Most IT and security pros surveyed say they could afford some, but not all, of the minimum security needed to protect themselves.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Request for Feedback on the Universal Electronic Records Management Requirements

National Archives Records Express

We released the Universal Electronic Records Management Requirements in August 2017. These requirements marked the first major milestone in the Federal Electronic Records Modernization Initiative (FERMI). These requirements identify high level business needs for managing electronic records and come from existing NARA regulations, policy, and guidance. .

article thumbnail

Trend Micro Anti-Threat Toolkit could be used to run malware on Win PCs

Security Affairs

A vulnerability in the Trend Micro Anti-Threat Toolkit (ATTK) can be exploited by attackers to run malware on targets’ Windows systems. The security expert and bug-hunter John “hyp3rlinx” Page discovered an arbitrary code execution vulnerability, tracked as CVE-2019-9491, in the Trend Micro Anti-Threat Toolkit. Trend Micro ATTK allows analyzing malware issues and clean infections.

article thumbnail

Alliance Forms to Focus on Securing Operational Technology

Dark Reading

While mainly made up of vendors, the Operational Technology Cyber Security Alliance aims to offer security best practices for infrastructure operators and industrial partners.

article thumbnail

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. Security experts at vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. The data leak exposed sensitive personal information of thousands of users worldwide and hotel guests, along with a hotel and travel reservations. “Led by Noam Rotem and R

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Autoclerk Database Spills 179GB of Customer, US Government Data

Dark Reading

An open Elasticsearch database exposed hundreds of thousands of hotel booking reservations, compromising data from full names to room numbers.

article thumbnail

FTC Cracks Down on Stalkerware With Retina-X App Bans

Threatpost

The FTC has banned the sale of three apps - marketed to monitor children and employees - unless the developers can prove that the apps will be used for legitimate purposes.

Sales 42
article thumbnail

NordVPN Breached Via Data Center Provider's Error

Dark Reading

The VPN company said that one of its 3,000 servers in a third-party data center was open to exploitation through a misconfigured management tool.

IT 47
article thumbnail

Survey Finds People are Privacy Hypocrites

Threatpost

A report by HP found that most people admit to looking at others’ computer screens and documents in the workplace while still keeping their own privacy top of mind.

Privacy 42
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The DoorDash Data Breach – Third Certainty #7

Adam Levin

In the seventh episode of Third Certainty, Adam Levin explains the dangers of exposed personally identifiable information and shares some tips about how consumers can protect themselves. The post The DoorDash Data Breach – Third Certainty #7 appeared first on Adam Levin.

article thumbnail

The AI (R)evolution: Why Humans Will Always Have a Place in the SOC

Dark Reading

In cybersecurity, the combination of men, women and machines can do what neither can do alone -- form a complementary team capable of upholding order and fighting the forces of evil.

article thumbnail

A Look at the Partnership Between Hyland and Blue Prism

Info Source

At CommunityLIVE 2019, Hyland announced a partnership with Blue Prism, a leader in the RPA market. This comes a year after Hyland announced plans to develop its own RPA technology. “We are excited about the relationship with Blue Prism,” said Hyland CEO Bill Priemer. “Both companies have a lot of customer adoption on their own, but using the two technologies together is a very powerful concept.

ECM 40