Tue. Oct 15, 2019


NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. Compromised logins continue to facilitate cyber attacks at all levels, from phishing ruses to credential stuffing to enabling hackers to probe deep inside of a breached network.

Passwords 129

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

“BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

Sales 201

Stung by Takedowns, Criminals Tap Distributed Dark Markets

Data Breach Today

Law enforcement success inevitably sparks criminals to become more innovative, including shifting from centralized markets - such as Hansa and Wall Street Market - to encrypted and distributed marketplaces, says the University of Surrey's Alan Woodward.

Marketing 168

Can smart cities be secured and trusted?

Thales Cloud Protection & Licensing

It is the year 2030, and you have had another busy day. As you finish what you thought would be your last espresso and grab your laptop to leave work, your colleague tells you that you need to stay late for an urgent meeting. Panic sets in, but you push past it and put a plan into motion. To pick your daughter up from school, you call a driverless car.

Security 113

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Report: Hackers Spied on Moroccan Human Rights Activists

Data Breach Today

Amnesty International Says NSO Group Spyware May Have Been Used. Hackers apparently used sophisticated spying tools to plant malware on the smartphones of two human rights activists in Morocco, according to Amnesty International.


More Trending


Pitney Bowes Says Ransomware Behind System Outages

Data Breach Today

'All Options' Under Consideration for Recovery, Mailing Equipment Giant Says. Pitney Bowes says it was infected by file-encrypting malware that has affected online accounts and mailing products but that client data doesn't appear at risk. The postage meter maker says "all options" are being considered for recovery, meaning it could pay a ransom.


sudo flaw allows any users to run commands as Root on Linux

Security Affairs

Experts discovered a security policy bypass issue, tracked as CVE-2019-14287, in the Sudo utility that is installed as a command on almost every Linux and Unix system. The vulnerability could be exploited by an ill-intentioned user or a malicious program to execute arbitrary commands as root on a targeted Linux system, even if the “sudoers configuration”


How Has FTC Data Security Enforcement Changed?

Data Breach Today

In the wake of a federal appeals court ruling last year vacating a Federal Trade Commission enforcement action against LabMD, the FTC's data security consent orders are becoming far more detailed and rigorous, says former FTC attorney Julie O'Neill.

Security 157

Cracking the Passwords of Early Internet Pioneers

Schneier on Security

Lots of them weren't very good: BSD co-inventor Dennis Ritchie, for instance, used "dmac" (his middle name was MacAlistair); Stephen R. Bourne, creator of the Bourne shell command line interpreter, chose "bourne"; Eric Schmidt, an early developer of Unix software and now the executive chairman of Google parent company Alphabet, relied on "wendy!!!" (the name of his wife); and Stuart Feldman, author of Unix automation tool make and the first Fortran compiler, used "axolotl" (the name of a Mexica


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Libra Association Launched Amidst Defections, Congressional Scrutiny

Data Breach Today

Mastercard, Visa, PayPal Defect From Facebook's Libra Cryptocurrency. The not-for-profit Libra Association, which would govern Facebook's new Libra cryptocurrency, launched Monday despite Visa, MasterCard and others dropping their participation. Meanwhile, Facebook CEO Mark Zuckerberg is scheduled to testify before Congress next week to address concerns about the project.


China Implements Regulation Increasing Protections for Children’s Personal Data

Data Matters

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (“the Regulation”), which came into force on 1 October 2019. The Regulation comprises a list of rules which seek to ensure the safety of children’s personal data and promote a healthy upbringing for children.


FIN7 Gang Returns With New Malicious Tools: Researchers

Data Breach Today

FireEye Says Financial Hacking Group Is Deploying New Dropper and Payload. Despite a crackdown on some of its members in 2018, the FIN7 gang has returned with new malicious tools, including a revamped dropper and payload, according to analysts at FireEye. The hacking group is known for targeting point-of-sale machines and IT networks at a wide variety of businesses.

Sales 138

Introducing automatic data classification for Collibra Catalog

Collibra

Last month saw the introduction of Automatic Data Classification, a new machine learning (ML) powered feature in Collibra Catalog. This new feature increases the productivity of data stewards by automatically classifying data that is onboarded into our catalog. At Collibra, we believe that machine learning algorithms offer significant potential to enhance our products and improve our customers’ productivity.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Analysis: New ISO Privacy Standard

Data Breach Today

What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.

Privacy 138

Click2Mail suffered a data breach that potentially impacts 200,000 registrants

Security Affairs

Click2Mail.com, a US Postal Service affiliate partner, has suffered a data breach that exposed the personal information of its users. The company allows its users to professionally print letters, flyers or postcards and deliver them in a business day at low prices.


Why risk assessments are essential for GDPR compliance

IT Governance

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. This isn’t just because the Regulation says so; it’s because risk assessments are essential for effective cyber security, helping organisations address an array of problems that, if left unchecked, could cause havoc.

GDPR 71

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack

Security Affairs

The global shipping and mailing services company Pitney Bowes suffered a partial outage of its service caused by a ransomware attack. The company announced that a ransomware attack infected its systems and caused a partial system outage that made some of its services unavailable for some customers. Pitney Bowes is a global technology company that provides commerce solutions in the areas of ecommerce, shipping, mailing, data and financial services. “Pitney Bowes was affected by a


Archivists and Records Managers, part 3

The Schedule

At the 1942 annual meeting of the Society of American Archivists, held in Richmond, Virginia, Philip C. Brooks read a paper entitled “Current Aspects of Records Administration: The Archivist’s Concern in Records Administration.” Brooks served as the first secretary of SAA (1936-1942) and would later be president (1949-1951). He worked at the National Archives.


Targeted Ransomware Attacks Show No Signs of Abating

Dark Reading

Criminals are becoming more sophisticated and targeted in going after enterprise organizations, a new Q2/Q3 report finds.


California Amends Breach Notification Law

Hunton Privacy

On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130, which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification number, or other unique identification number issued on a government document commonly used to verify the identity of a specific individua


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


More Breaches, Less Certainty Cause Dark Web Prices to Plateau

Dark Reading

New research finds it's now less than $10 for full credit details on a consumer, $100 for a distributed denial-of-service attack, and $50 for access to a US bank account.

Access 65

Sudo Bug Opens Root Access on Linux Systems

Threatpost

The bug allows users to bypass privilege restrictions to execute commands as root.

Access 89

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

Chinese-speaking cybercrime gang Rocke, which carried out several large-scale cryptomining campaigns in the past, is now using new tactics to evade detection. The group has been observed using new tactics, techniques, and procedures (TTPs); it is also using updated malware to evade detection.

Mining 58

Sodinokibi Ransomware: Where Attackers' Money Goes

Dark Reading

Researchers following the ransomware variant uncover new data on how much its affiliates earn and where they spend it.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Adobe out-of-band security updates address 82 flaws in 3 products

Security Affairs

Adobe has released out-of-band security updates to address a total of 82 security vulnerabilities that affect three products of the company. On Tuesday, Adobe released out-of-band security updates to address 82 flaws in Acrobat and Reader, Experience Manager, Experience Manager Forms, and Download Manager. Out of 82 security flaws, 45 vulnerabilities affecting Adobe Acrobat and Reader have been rated critical.


IoT Attacks Up Significantly in First Half of 2019

Dark Reading

New research shows attacks increased ninefold year-over-year, coming from more than a quarter-million unique IP addresses.

IoT 71

Security in a zero-trust world

OpenText Information Management

Keeping your data and IT infrastructure safe and secure is more challenging than ever in today’s “zero-trust” world. But what does “zero-trust” mean? The reality when it comes to security today is that nothing is 100-percent protected. “Zero-trust” is the assumption that bad actors ARE planning to get your data and use it to their …