Mon.Jul 09, 2018

article thumbnail

Tokenization: Ready for Prime Time

Thales Cloud Protection & Licensing

The digital transformation has changed how the world does business. It has created whole new enterprises and industries, but it has also left many organizations vulnerable to new and destructive threats. Digital transformation can and does deliver increased efficiencies, improved decision-making, lower costs, improved reach, and higher profits. But it also frequently relies on increasing amounts of personal and other sensitive data.

article thumbnail

The Worst Cybersecurity Breaches of 2018 So Far

WIRED Threat Level

There haven't been as many hacks and attacks compared to this time last year, but that's where the good news ends.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Cybersecurity Is Critical to Healthcare Innovation

Data Breach Today

Groups Offer Feedback on HHS's Plans for Workgroup Focused on Spurring Investments As the Department of Health and Human Services explores how to spur innovation and investment in the healthcare sector, cybersecurity is among top issues that need to be addressed, some industry organizations stress.

article thumbnail

How analytics superhero Mike Tamir uses data to fight fake news

IBM Big Data Hub

How can we always be sure the stories we’re reading are accurate? Is there an agenda to distort facts to change opinions? Does a story assert falsehoods, misquote its subjects or rely on hyperbole? In short: is the news we’re consuming the truth? Or is it “fake news?” Meet Mike Tamir, an analytics hero who uses data science to take fake news head-on.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

HealthEngine Offered $25 Gift Vouchers for Dental Invoices

Data Breach Today

Patients, Dentist Alarmed By HealthEngine, Which Claims It Had Consent Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.

Privacy 176

More Trending

article thumbnail

Bringing Vendor Risk Management to the Midmarket

Data Breach Today

A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.

Risk 113
article thumbnail

Data Breaches at Timehop, Macy's Highlight Need for Multi-Factor Authentication

Dark Reading

Names, email addresses, and some phone numbers belonging to 21 million people exposed in Timehop intrusion; Macy's incident impacts 'small number' of customers.

article thumbnail

The Battle for Data Integrity

Data Breach Today

Microsoft's Diana Kelley on How to Ensure Your Data's Reliability Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.

IT 100
article thumbnail

PROPagate Code Injection Seen in the Wild

Schneier on Security

Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware: This technique abuses the SetWindowsSubclass function -- a process used to install or update subclass windows running on the system -- and can be used to modify the properties of windows running in the same session. This can be used to inject code and drop files while also hiding the fact it has happened, making it a useful, stealthy attack.

IT 50
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Creating a Defensible Security Architecture

Dark Reading

Take the time to learn about your assets. You'll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture.

article thumbnail

How to Solve the Developer vs. Cybersecurity Team Battle

Threatpost

InfoSec Insider Chris Eng tackles how companies can bring bridge the divide between software developers and cybersecurity teams to bring to market reliable and secure applications.

article thumbnail

Two More Convicted in $30M Massive Hacking, Securities Fraud Operation

Dark Reading

A former hedge fund manager and securities trader participated in a scheme that made $30 million by trading on information from stolen press releases.

article thumbnail

ABC7 Interview: Rippleshot Co-Founder Shares Gas Station Skimmer Tips

Rippleshot

Gas station skimmers have been a heated topic across the fraud management ecosystem for years. Since the EMV chip card compliance deadline isn’t until October 2020 — r oughly five years after the liability shift was implemented for merchants — this gap has left gas stations in the fraud spotlight. Just last week, heading into the July 4th holiday, the U.S.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Chinese Wind Turbine Manufacturer Gets Max. Fine for Source Code Theft

Dark Reading

Sinovel Wind Group has been sentenced for stealing trade secrets from the company formerly known as American Superconductor Inc.

article thumbnail

Polar Fitness App Exposes Location of ‘Spies’ and Military Personnel

Threatpost

The fitness app Polar Flow exposes the whereabouts of some of its high-profile users, including “spies” and those with sensitive positions in the military.

article thumbnail

6 M&A Security Tips

Dark Reading

Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.

article thumbnail

Timehop Data Breach Exposes 21 Million Users

Adam Levin

Timehop, an app for archiving social media activities, was breached on July 4. The breach compromised data for 21 million users from the company’s cloud environment including names, email addresses, and the phone numbers for roughly a quarter of them. In an email to their users, Timehop stated: “The damage was limited because of our long-standing commitment to only use the data we absolutely need to provide our service.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Automotive Privacy

Adam Shostack

[Update: clarified a sentence about whose privacy is touched, and where.]. I had missed the story “ Big Brother on wheels: Why your car company may know more about you than your spouse. ” There are surprising details, including that you might be able to shut it off, and the phrase “If a customer declines, we do not collect any data from the vehicle.

Privacy 40
article thumbnail

How To Determine What Your New DEF CON Group’s DCXXXX Number Will Be

Architect Security

(Reprinted from [link] As the DEF CON Groups Signaler (handling group communications), I wrote this to help all new DEF CON Groups community leaders in determining what their group name will be. ——————- How To Determine What Your New DEF CON Group’s DCXXXX Number Will Be by @aprilwright One of the most frequently asked questions […].

article thumbnail

Demand for One Hour Translation’s First of a Kind Hybrid Translation Service Shakes Up $40 Billion Global Translation Market

Info Source

The world of online translation is changing rapidly as a result of the growing penetration of Neutral Machine Translation (NMT) engines. One Hour Translation (OHT) is at the forefront of these changes being the first fully hybrid online translation service. To provide customers with the best product, OHT has partnered with the biggest names in the business: Amazon, Google, DeepL, Bing and other existing NMT engines that form the backbone of this rapidly expanding trend in the translation field.

article thumbnail

The Future of International Data Transfers

HL Chronicle of Data Protection

With the current focus on the coming into effect of the EU General Data Protection Regulation (GDPR), one could (almost) be forgiven for forgetting about the question of international data flows. However, given the political and legal developments currently affecting the future of international data transfers, that would be a very serious strategic mistake.

GDPR 40
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

Several U.S. states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). See our previous blog posts on GDPR here and here. Like their European counterparts, these state laws are intended to provide consumers with greater transparency and control over their personal data.

GDPR 40
article thumbnail

Insurers Sue Trustwave for $30M Over '08 Heartland Data Breach

Dark Reading

Lawsuit filed by Lexington Insurance and Beazley Insurance is in response to a Trustwave legal filing that called their claims meritless.

article thumbnail

Apple OS Update Lifts Curtain on iPhone USB Restricted Mode

Threatpost

Apple has officially added a controversial security feature, USB Restricted Mode, to iPhones as part of its new iOS 11.4.1, released on Monday.

article thumbnail

6 M&A Security Tips

Dark Reading

Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Timehop Breach Impacts Personal Data of 21 Million Users

Threatpost

A massive breach has impacted up to 21 million users' personal data and their social media "access tokens.".

article thumbnail

How organizations can develop an AI governance strategy

Information Management Resources

With the ability of artificial intelligence to arrive at its own conclusions, governance over the machines is critical for the sake of business executives and customers alike.

article thumbnail

Newsmaker Interview: Patrick Wardle Talks Apple Malware Flubs and Successes

Threatpost

Researcher brings Apple down to earth, addressing Mac malware questions and the company’s smart moves to bolster security.