Wed.Sep 12, 2018

article thumbnail

U.S. Mobile Giants Want to be Your Online Identity

Krebs on Security

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

article thumbnail

Google and EU Fight France Over 'Right to Be Forgotten'

Data Breach Today

Case Will Decide If Europeans' Privacy Rights Should Apply Worldwide Should Europe's "right to be forgotten" apply worldwide? That's the focus of a case before the EU's highest court, which has pitted proponents - including Austria and France - against Google, Microsoft and the European Commission, who argue that the EU law provision should only apply in Europe.

Privacy 133
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GDPR and The Data Governance Imperative

AIIM

This is the 12th post in a series on privacy by Andrew Pery. You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

GDPR 92
article thumbnail

FDA to Ramp Up Medical Device Cybersecurity Scrutiny

Data Breach Today

New OIG Report Spells Out Need for Better Premarket Reviews The Food and Drug Administration should increase its scrutiny of the cybersecurity of networked medical devices before they're approved to be marketed, a new government watchdog agency report says. FDA says it will carry out the report's recommendations.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Understanding IoT Security Challenges – An Interview with an Industry Expert

Thales Cloud Protection & Licensing

The Internet of Things (IoT) is rapidly growing and expected to affect all industry verticals as well as our private lives. It is no secret that security plays a very important part in the successful deployment and management of this technology, and its applications are set to transform the way we live and do business. In this blog, we reached out to our technology partner Nexus to better understand the challenges that the industry faces to ensure safe deployment and management of IoT technologi

IoT 92

More Trending

article thumbnail

Has the cause of the BA data breach been identified?

IT Governance

Last week it was announced that the personal and financial details of 380,000 British Airways customers had been stolen by cyber criminals. The latest news reports claim that the cause of the data breach has been identified by a RiskIQ researcher, who has analysed the code from BA’s website and app. They say that there is evidence of a “skimming” script designed to scrape data from online payment forms.

article thumbnail

New PyLocky Ransomware stands out for anti-machine learning capability

Security Affairs

Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August, the malicious code was posing as the Locky ransomware. Researchers at Trend Micro have detected a new ransomware family, dubbed PyLocky, that was used in attacks between July and August, the malware was posing as the Locky ransomware using its ransom note.

article thumbnail

“Cryptoassets are here to stay”: EU Authorities to Provide Guidance on Cryptocurrencies and ICOs

Data Matters

On September 4, the Innovation Group of the European Parliament’s Committee on Economic and Monetary Affairs met to discuss a proposal presented by the rapporteur Ashley Fox, 1 member of the European Parliament, to include a framework for initial coin offerings (ICOs) within the proposed European Union (EU) financial services regulatory regime for crowdfunding 2 (see European Commission (Commission) proposal COM(2018) 113 final). 3.

article thumbnail

PowerShell Obfuscation Ups the Ante on Antivirus

Threatpost

The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods.

IT 78
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

8 Cryptomining Malware Families to Keep on the Radar

Dark Reading

Cryptojacking attacks at the hands of cryptomining malware is on the rise as these variants of Trojans, worms, and exploit kits make their rounds.

74
article thumbnail

Application Security: How to Secure the Many Apps in Your Enterprise

eSecurity Planet

These step can help organizations find and fix security vulnerabilities in applications, whether from third parties or developed in-house.

article thumbnail

4 Trends Giving CISOs Sleepless Nights

Dark Reading

IoT attacks, budget shortfalls, and the skills gap are among the problems keeping security pros up at night.

IoT 76
article thumbnail

Security Vulnerability in Smart Electric Outlets

Schneier on Security

A security vulnerability in Belkin's Wemo Insight "smartplugs" allows hackers to not only take over the plug, but use it as a jumping-off point to attack everything else on the network. From the Register : The bug underscores the primary risk posed by IoT devices and connected appliances. Because they are commonly built by bolting on network connectivity to existing appliances, many IoT devices have little in the way of built-in network security.

IoT 61
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Mobile Attack Rates Up 24% Globally, 44% in US

Dark Reading

One-third of all fraud targets are mobile, a growing source of all digital transactions.

78
article thumbnail

UK: ICO CLARIFIES POSITION IN RESPECT OF INTERNATIONAL TRANSFERS UNDER THE GDPR

DLA Piper Privacy Matters

The UK’s supervisory authority for data protection, the Information Commissioner’s Office (“ ICO “), has published guidance in relation to international transfers under the GDPR. Of particular interest is the ICO’s stated position that a transfer of personal data to a non-EEA data importer does not constitute a restricted transfer in cases where the General Data Protection Regulation (“ GDPR “) applies directly to the processing which will be undertaken

GDPR 53
article thumbnail

New Study Details Business Benefits of Biometrics

Dark Reading

Biometric authentication can be good for security and for business, according to a new study from Goode Intelligence

article thumbnail

Leading companies redefining tomorrow

OpenText Information Management

Industries worldwide are transforming at a speed never before experienced, adapting and deploying new technologies such as AI and IoT to stay competitive, to deliver compelling customer experience and be part of the incredible new world that digital can enable. At OpenText™, we believe that information and data is at the very heart of this … The post Leading companies redefining tomorrow appeared first on OpenText Blogs.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Malware Campaign Targeting Jaxx Wallet Holders Shut Down

Dark Reading

A site spoofing the official Jaxx website was discovered packing several infections for Windows and Mac machines, and has been shut down.

58
article thumbnail

Cyber Defense Magazine – September 2018 has arrived. Enjoy it!

Security Affairs

We hope you enjoy this month’s edition…packed with 100+ pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online with timeless content. Visit our online library by clicking here. Please tell your friends to subscribe – no strings , always free emagazines: FLIPBOOK. [link]. PDF. [link]. MOBILE.

IT 50
article thumbnail

Modular Malware Brings Stealthy Attacks to Former Soviet States

Dark Reading

A new malware technique is making phishing attacks harder to spot when they succeed.

article thumbnail

Microsoft Patch Tuesday updates for September 2018 also address recently disclosed Windows zero-day

Security Affairs

Microsoft Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including the recently disclosed zero-day flaw. Microsoft Patch Tuesday updates for September 2018 address 61 vulnerabilities in Internet Explorer (IE), Edge, ChakraCore, Azure, Hyper-V, Windows components,NET Framework, SQL Server, and Microsoft Office and Office Services.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Osiris Banking Trojan Displays Modern Malware Innovation

Threatpost

Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.

IT 50
article thumbnail

September 2018 Security Notes address a total of 14 flaws in SAP products

Security Affairs

SAP today just released the September 2018 set of Security Notes that address a total of 14 flaws in its products, including a critical flaw in SAP Business Client. The September 2018 Security Patch Day includes other 13 Security Notes, three were rated High severity, 9 Medium risk, and 1 Low severity. SAP also released 8 Support Package Notes, The critical vulnerability in SAP Business Client addressed by SAP was rated as Hot News and received a CVSS score of 9.8.

article thumbnail

Dreaming of flying cars?

IBM Big Data Hub

Lunewave's Hao Xin writes, "As a kid, I dreamed about the flying cars and jetpacks that would hopefully define our future lives. Up until recently, the technology that could make them even remotely possible was both expensive and difficult to manufacture. Now, thanks to 3-D printing and machine learning, engineers can quickly and cost effectively design, test and commercialize new designs, making the era of autonomous vehicles — yes, even flying cars — closer to reality than ever.".

article thumbnail

Creators of Tools for Building Malicious Office Docs Ditch Old Exploits

Dark Reading

In their place is a collection of new exploits for more recently disclosed - and therefore not likely widely patched - vulnerabilities.

51
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Here’s a Webcast to Help You Prepare for Litigation Before it Happens: eDiscovery Webcasts

eDiscovery Daily

Information Governance (IG) has always been part of the eDiscovery landscape and it has always been important for reducing the population of potentially responsive electronically stored information (ESI) that might be subject to litigation by helping organizations adopt best practices for keeping their information “house in order”. But now with an increased concentration on the two-fold concerns of privacy and security, IG has become more important than ever.

article thumbnail

Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw

Threatpost

A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched.

article thumbnail

Announcing the PRISM International Writer’s Challenge

IG Guru

In academia the mantra is “publish or perish.” And, while that may not be the case in the world of RIM services, it is hard to argue that a ‘byline’ attached to an article doesn’t enhance one’s standing in the industry. Over the years, PRISM International and its CEO Bob Johnson, have developed a reputation for […]. The post Announcing the PRISM International Writer’s Challenge appeared first on IG GURU.

IT 40