Mon. Aug 12, 2019

SEC Investigating Data Leak at First American Financial Corp.

Krebs on Security

The U.S. Securities and Exchange Commission (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned. In May, KrebsOnSecurity broke the news that the Web site for Santa Ana, Calif.

Insurance 217

Apple Expands Bug Bounty; Raises Max Reward to $1 Million

Data Breach Today

Move Generates Praise From Security Experts

Apple is opening up its bug bounty program to all researchers, increasing the rewards and expanding the scope of qualifying products in a bid to attract tips on critical software flaws. The changes were announced at last week's Black Hat security conference in Las Vegas.

Security 200

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country. As city governments struggle to recover access to their data, hackers are already turning their sights on their next targets: small and medium-sized businesses (SMBs).

Big Data Analytics' Role in Security

Data Breach Today

Splunk's Haiyan Song Shares Insights on Addressing Emerging Threats

Big data analytics can help security professionals stay ahead of emerging challenges in a rapidly changing threat landscape, says Splunk's Haiyan Song.

Big data 160

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Filing Systems: The five components to success, part 1

TAB OnRecord

This blog series highlights the components of a successful physical filing system. In part one we’ll introduce the concept of a complete filing system and take a look at the first three components, including storage equipment, containers and coding. Later, in part 2, we’ll look at the final two components which are file management tools [...]

Modern Records Management Puts the “I” in IIM

AIIM

AIIM believes that every organization should be on a Digital Transformation journey and that Intelligent Information Management is the driver for that transformation. But how do you begin to put all of the pieces together into an approach that will make a difference? That is the subject of a new eBook from AIIM titled How to Become a Modern Records Manager (and a Business Enabler).

A New Credential for Healthcare Security Leaders

Data Breach Today

A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification.

Security 145

FBI is searching for contractors to monitor social media

Security Affairs

The FBI is searching for contractors to monitor social media for potential threats; the announcement raises concerns for user privacy. The abuse of social media passwords for malicious purposes is quite common; for this reason, the FBI is searching for contractors to monitor them. However, monitoring activity could threaten user privacy and set up possible conflicts with social media giants, such as Facebook, over privacy. “The Federal Bureau of Investigation (FBI) intends to award a firm f

Privacy 100

Understanding the Mindset of Attackers

Data Breach Today

IBM's Etay Maor on Building an Effective Cybersecurity Strategy

An important component of building an effective cybersecurity strategy is to understand the mindset of attackers, says IBM Security's Etay Maor, who offers insights.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Evaluating the NSA's Telephony Metadata Program

Schneier on Security

Interesting analysis: "Examining the Anomalies, Explaining the Value: Should the USA FREEDOM Act's Metadata Program be Extended?" by Susan Landau and Asaf Lubin. Abstract: The telephony metadata program which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks.

Unsecure Drivers Allow for Easy Windows Hacking: Report

Data Breach Today

Study Identifies 40 Certified Drivers From 20 Vendors That Open the Door to Attacks

Researchers from the security firm Eclypsium have identified 40 poorly designed drivers from 20 hardware and BIOS vendors that can give attackers numerous ways to hack into various versions of Windows.

Security 134

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

Canon DSLR Camera Infected with Ransomware Over the Air. A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air. Security researcher Eyal Itkin from Check Point analyzed the Picture Transfer Protocol (PTP) implementation in Canon EOS 80D DSLR cameras and discovered six vulnerabilities that could be exploited for several attacks.

The Role of the Cloud in Updating Security

Data Breach Today

RiskIQ's Aaron Mog on the Need for a Security Rebirth

The velocity of change at large corporations has made traditional IT security methods inadequate, but cloud-based solutions can play an important role, says Aaron Mog of RiskIQ.

Cloud 134

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

FBI Plans to Monitor Social Media May Spark Privacy Issues

Dark Reading

A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance.

Privacy 94

Recently Cloud Atlas used a new piece of polymorphic malware

Security Affairs

Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations. The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower. Cloud Atlas was first observed by researchers at Kaspersky Lab back in 2014; at the time the group was targeting government, diplomatic and research organizations.

Cloud 80

Hackers Can Hurt Victims with Noise

Dark Reading

Research presented at DEF CON shows that attackers can hijack Wi-Fi- and Bluetooth-connected speakers to produce damaging sounds.

Watch out, your StockX account details may be available in crime forums

Security Affairs

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Last week media reported the hack of StockX, the fashion and sneaker trading platform. A threat actor stole details of 6 million users, the stolen data includes user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords (salted MD5).

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Gamers Beware: Zero-Day in Steam Client Affects All Windows Users

Threatpost

An elevation-of-privilege bug allows attackers to run any program on a target machine with high privileges.

Why hybrid cloud environments require live data replication technology

IBM Big Data Hub

The best decisions are made by extracting value from all the disparate data across your business. Yet aggregating data across external sources, regional silos and various forms of storage is not an easy challenge to solve.

Cloud 72

Black Hat 2019 News Wrap: The Best and Worst of the Show

Threatpost

Threatpost breaks down the highs and lows from Black Hat 2019, from new vulnerabilities and industry collaboration to a scandal around a sponsored session.

MDM migration in 8 easy steps

Jamf

Kyle Ericson, a systems engineer at a large manufacturing organization, explains how to easily move from an existing mobile device management (MDM) solution to Jamf.

MDM 73

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Researchers Show How SQLite Can Be Modified to Attack Apps

Dark Reading

New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check Point says.

Modern-Day SOCs: People, Process & Technology

Dark Reading

As businesses look to the future and invest in next-generation tools, here are some considerations for more effective planning.

Thank You San Antonio River Authority

The Texas Record

Earlier this year, former analyst Gina Cervantes and I were invited to the lovely Guenther Street office of the San Antonio River Authority (SARA) to present a class on managing electronic records. It was a lovely experience and a bond between TSLAC and SARA was forged. Last month, SARA came up to Austin to visit TSLAC.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

DEF CON Voting Village: It's About 'Risk'

Dark Reading

DHS, security experts worry about nation-state or other actors waging a disruptive or other attack on the 2020 election to sow distrust of the election process.

Risk 71

Tips for Successful Zero-Trust Implementation

Threatpost

"Never trust, always verify" is a solid security concept -- but it's important to realize that putting it into practice can be complex.

Security Pros, Congress Reps Talk National Cybersecurity at DEF CON

Dark Reading

Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.