Tue. Oct 16, 2018


Anthem Mega-Breach: Record $16 Million HIPAA Settlement

Data Breach Today

Regulators Say Health Insurer Failed to Take Basic Security Steps

Federal regulators have smacked health insurer Anthem with a record $16 million HIPAA settlement in the wake of a cyberattack revealed in 2015, which impacted nearly 79 million individuals. What missteps does the settlement highlight?


CIP Spotlight: Devon McCollum is Serious About the Information Industry

AIIM

Why choose certification? For me, it's about proof (to myself and to employers) of my expertise. The Certified Information Professional (CIP) started with a group of industry experts and focus groups that worked together to define the body of knowledge necessary for information professionals to be successful in the digital economy. From there, AIIM worked to build a certification exam based upon this body of knowledge - and the CIP was born.


10 Cyberattacks Investigated Weekly by UK

Data Breach Today

Majority of Incidents Trace to Hostile Nation-States, NCSC Says

The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.


How to detect a data breach

IT Governance

The need for speed. Data breaches can have serious financial consequences for organisations of all sizes. The faster a breach can be detected and contained, the lower the costs for the organisation. Having systems in place to help identify and contain breaches promptly should be a priority for all management teams. With criminal hackers and malicious insiders causing the majority of data breaches, organisations need to strengthen their security posture and carefully consider all of their interna


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


US Voter Records for Sale on Hacker Forum

Data Breach Today

Exposure Highlights Scant Protection Afforded to Voter Registration Records

A batch of U.S. voter registration records from 20 states has appeared for sale online in what appears to be an illegitimate offering. While it's far from the largest-ever seen leak of voter data, the incident again highlights the lax controls too often applied to voter records.


Privacy for Tigers

Schneier on Security

Ross Anderson has some new work: As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching. Wildlife crime syndicates can not only coordinate better but can mine growing public data sets, often of geotagged images. Privacy matters for tigers, for snow leopards, for elephants and rhinos - and even for tortoises and sharks.


35 million US voter records available for sale in a hacking forum

Security Affairs

Millions of voter records are available for sale on the Dark Web, experts discovered over 35 million US voter records for sale in a hacking forum. Millions of voter records are available for sale on the Dark Web, experts from Anomali and Intel 471 discovered 35 million US voter records for sale in a hacking forum. Researchers have analyzed a sample of voter records and determined the data to be valid with a high degree of confidence.


Cybersecurity Awareness Month Blog Series: It’s Cybersecurity Awareness Month – advice to SMBs

Thales Cloud Protection & Licensing

This October marks the 15th year of Cybersecurity Awareness Month. While we in the industry know that cybersecurity is a 365 day a year commitment, I’m happy to use October as the platform to remind small and medium sized businesses (SMBs) what they could and should be doing to keep their company, employees and customer data safe. Take a page from the enterprise.


A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence

Security Affairs

A water utility in the US state of North Carolina suffered a severe ransomware attack in the week after Hurricane Florence hit the East Coast of the U.S. According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted. According to ONWASA, the infections would require several of the main databases to be completely recreated, fortunately, no customer information was compromised.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


How Insight delivers a modern technology choice program

Jamf

Evan Tomlin, Director of Solutions Architecture at Insight, explains the benefits of offering and supporting a Mac choice program and provides insight for any organization considering Mac in their environment.


Expert disclosed a new passcode bypass to access photos and contacts on a locked iPhone

Security Affairs

iOS passionate Jose Rodriguez disclosed a new passcode bypass bug that could be exploited to access photos and contacts on a locked iPhone XS. The security passionate Jose Rodriguez has discovered a new passcode bypass bug that could be exploited on the recently released iOS 12.0.1. A few weeks ago, Rodriguez discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could have been exploited to access photos, contacts on a locked iPhone XS.


Gimmal Extends its DoD 5015.2 Certified Records Management Certification to SharePoint 2016

Gimmal

Gimmal, the world’s leading provider of records management and information governance software, is excited to announce that Gimmal Records Management, which already provides DoD 5015.2-certified for Microsoft SharePoint 2010 and 2013, is now extending its certification to Microsoft 2016. Gimmal has always been the first to offer this certification for Microsoft’s SharePoint platform and has become the standard when implementing DoD 5015.2 solutions.


A simple message containing certain symbols could crash the Sony PlayStation 4

Security Affairs

PlayStation 4 gaming consoles could crash when they receive messages containing certain symbols from fellow gamers. The consoles could freeze on while the owners are playing their preferred games, the DoS condition is triggered while the devices are parsing symbols in messages received. “There is a new glitch that basically bricks your console and forces you to factory reset it.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


FICO & US Chamber of Commerce Score Cyber-Risk Across 10 Sectors

Dark Reading

Media, telecom, and technology firms are far more likely to experience a data breach in the near future than organizations in sectors including energy, construction, and transportation.


As End of Life Nears, More Than Half of Websites Still Use PHP V5

Threatpost

Support for PHP 5.6 drops on December 31 - but a recent report found that almost 62 percent of websites are still using version 5.


6 Reasons Why Employees Violate Security Policies

Dark Reading

Get into their heads to find out why they're flouting your corporate cybersecurity rules.


How Cyber Essentials can help secure your Internet connection

IT Governance

In this blog series, we will discuss each of the Cyber Essentials scheme’s five security controls that, according to the UK government, could prevent “around 80% of cyber attacks”. For our second blog post, we’ll be looking at using a firewall to secure your Internet. This includes configuring the firewall to protect all your devices, particularly those that connect to public networks.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Spies Among Us: Tracking, IoT & the Truly Inside Threat

Dark Reading

In today's ultra-connected world, it's important for users to understand how to safeguard security while browsing the web and using electronic devices.


Data gathering 'may deny rape victims access to justice'

The Guardian Data Protection

Exclusive: commissioner says cases are dropped unless accusers give police intimate information

The intrusive gathering of data about possible rape victims is unlawful and risks preventing them coming forward, according to London’s victims’ commissioner. Claire Waxman from the Mayor’s Office for Policing and Crime (Mopac) has written to the Information Commissioner’s Office (ICO) saying victims were routinely being told their cases would be dropped unless they signed consent forms that gave defe


A Cybersecurity Weak Link: Linux and IoT

Dark Reading

Linux powers many of the IoT devices on which we've come to rely -- something that enterprises must address.


The best cyber security defense: Thinking like an adversary

Information Management Resources

Enterprises need to shift their mindset from thinking primarily from a defensive perspective to thinking about how an attacker would infiltrate their system and use that knowledge to inform their defensive posture.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack

Threatpost

The Emotet Trojan is behind a crippling ransomware attack that hit the Onslow Water and Sewer Authority.


NC Water Utility Fights Post-Hurricane Ransomware

Dark Reading

North Carolina's Onslow Water and Sewer Authority was hit with an advanced attack in the wake of Hurricane Florence.


ThreatList: Half of Execs Feel Unprepared to Respond to a Cyber-Incident

Threatpost

Deloitte estimates cybercrime costs to reach $6 trillion annually -- but companies still lag in preparedness.


Measuring ROI for DMARC

Adam Shostack

I’m pleased to be able to share work that Shostack & Associates and the Cyentia Institute have been doing for the Global Cyber Alliance. In doing this, we created some new threat models for email, and some new statistical analysis of. It shows the 1,046 domains that have successfully activated strong protection with GCA’s DMARC tools will save an estimated $19 million to $66 million dollars from limiting BEC for the year of 2018 alone.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Privacy Regulation Could Be a Test for States’ Rights

Threatpost

As more states take cybersecurity and privacy issues into their own hands, experts worry that big tech will push for preemption.


The future of applications is low code

OpenText Information Management

To meet the needs of the business and maintain a competitive edge, organizations need to be able to develop applications that solve business problems quickly and efficiently. Currently, it can take teams of 10 or more months to develop an application. But with low code application development, it’s now easier than ever to create, deploy, …


Facebook Expands Efforts to Squash Voter Suppression

Threatpost

The social network will crack down on those spreading disinformation in an effort to keep people away from the polls.