Fri. Sep 28, 2018

Ransomware Crypto-Locks Port of San Diego IT Systems

Data Breach Today

Port Remains Open and Accessible to Ships, Officials Say

Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline. Port officials say the attacker has demanded a ransom, payable in bitcoin, for the promise of a decryption key.

Facebook Security Bug Affects 90M Users

Krebs on Security

Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. In a short blog post published this afternoon, Facebook said hackers have been exploiting a vulnerability in Facebook’s site code that impacted a feature called “View As,” which lets users see how their profile appears to other people. “This allowed t

Security 233

50 Million Facebook Accounts Breached

Data Breach Today

Vulnerability in 'View As' Feature Exploited

Facebook revealed Friday that it had discovered a breach that affected almost 50 million user accounts. Attackers exploited a vulnerability that enabled them to steal "access tokens," digital keys that keep users logged in so they don't need to re-enter their password.

Passwords 213

How to Budget For Your Company’s Technical Debt

AIIM

While “technical debt” is a term that’s frequently used by technologists, the implication and understanding of it tends to be opaque to the business until it’s too late - just look at how Nokia lost the mobile market that it helped create. The business and finance side of Nokia had the usual tools for assessing financial risks - but why do we not have an equivalent tool for the operational or existential risks when the debts come from the more intangible investment in technology?

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Teenage Apple Hacker Avoids Prison Time

Data Breach Today

Hacker Who Kept 'Hacky Hack Hack Methods' Folder on His Computer Gets Probation

An Australian man who as a teenager managed to infiltrate Apple's networks and do it again after the company expelled him - aided by a folder on his laptop storing his "Hacky Hack Hack Methods" - has been sentenced to serve eight months of probation, according to news reports.

IT 189

More Trending

Preventing Business Associate Health Data Breaches

Data Breach Today

Because business associates have been culprits in health data breaches impacting millions of individuals, healthcare entities need to be diligent in taking steps to reduce the persistent risks these vendors pose, says privacy and security expert Susan Lucci.

The Facebook Security Meltdown Exposes Way More Sites Than Facebook

WIRED Threat Level

The social networking giant confirmed Friday that sites you use Facebook to login to could have been accessed as a result of its massive breach.

Security 111

The Reaction to New White House Cybersecurity Strategy

Data Breach Today

Leading the latest edition of the ISMG Security Report: The reaction to the recently released White House cybersecurity strategy. Also featured: A discussion of GDPR's impact on class action lawsuits.

CVE-2018-17182 - Google Project Zero reports a new Linux Kernel flaw

Security Affairs

Google Project Zero disclosed details of a high-severity Linux kernel use-after-free vulnerability tracked as CVE-2018-17182; it was discovered by Google Project Zero’s Jann Horn. The vulnerability was introduced in August 2014 with the release of version 3.16 of the Linux kernel. The issue could be exploited by an attacker to trigger a DoS condition or to execute arbitrary code with root privileges on the vulnerable system.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Facebook Hacked, 50 Million Users Affected

Dark Reading

A vulnerability in Facebook's "View As" feature let attackers steal security tokens linked to 50 million accounts, the company confirms.

Security 107

Facebook's Massive Security Breach: Everything We Know

WIRED Threat Level

Up to 50 million Facebook users were affected—and possibly 40 million more—when hackers compromised the social network's systems.

Security 107

QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks

Security Affairs

The QRecorder app in the Play Store, impersonating a phone call and voice recording utility, embedded a banking malware used to target European banks. Security experts from ESET have discovered a malicious app in the official Google Play Store that impersonates a phone call and voice recording utility; it was hiding a banking malware used to target customers of European banks.

7 Most Prevalent Phishing Subject Lines

Dark Reading

The most popular subject lines crafted to trick targets into opening malicious messages, gleaned from thousands of phishing emails.

Phishing 103

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Port of San Diego hit by a cyber attack a few days after the attack on the Port of Barcelona

Security Affairs

Port of San Diego suffered a ransomware-based attack, a few days after the Port of Barcelona was hit by a cyber attack that caused several problems. A few days ago the Port of Barcelona was hit by a cyber attack that caused several problems to the critical infrastructure, now another major international port was targeted by attackers. The second attack was reported on September 25 and hit the Port of San Diego, in the United States.

How Data Security Improves When You Engage Employees in the Process

Dark Reading

When it comes to protecting information, we can all do better. But encouraging a can-do attitude goes a long way toward discouraging users' risky behaviors.

Major Tech Companies Finally Endorse Federal Privacy Regulation

Schneier on Security

The major tech companies, scared that states like California might impose actual privacy regulations, have now decided that they can better lobby the federal government for much weaker national legislation that will preempt any stricter state measures. I'm sure they'll still do all they can to weaken the California law, but they know they'll do better at the national level.

Privacy 79

'Torii' Breaks New Ground For IoT Malware

Dark Reading

Stealth, persistence mechanism and ability to infect a wide swath of devices make malware dangerous and very different from the usual Mirai knockoffs, Avast says.

IoT 81

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Making Records Intelligent

Gimmal

So, what makes a record different from any other piece of information - electronic or physical? How does one identify something as a record? Who gets to decide? Is there an approval process for verifying business records? Does every piece of content need to be investigated for record quality? How about voice messages, text messages, and chat threads?

Voting Machines Are Still Absurdly At Risk

WIRED Threat Level

A new report details dozens of vulnerabilities across seven models of voting machines—all of which are currently in use.

Risk 85

iPhone XS Passcode Bypass Hack Exposes Contacts, Photos

Threatpost

Bypass works on iOS 12 and Apple's latest iPhone XS model phones allowing an attacker to access contacts and photos.

Access 85

Senate Commerce Committee Holds Hearing on Examining Consumer Privacy Protections

Hunton Privacy

On September 26, 2018, the U.S. Senate Committee on Commerce, Science, and Transportation convened a hearing on Examining Consumer Privacy Protections with representatives of major technology and communications firms to discuss approaches to protecting consumer privacy, how the U.S. might craft a federal privacy law, and companies’ experiences in implementing the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

Privacy 60

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

4 Traits of a Cyber-Resilient Culture

Dark Reading

Companies with a solid track record of cybersecurity share these practices and characteristics.

Privacy and Cybersecurity October 2018 Events

HL Chronicle of Data Protection

Please join us for our October 2018 Privacy and Cybersecurity Events. October 3. Data Privacy on Steroids. Harriet Pearson will speak on a panel at the Minority Corporate Counsel Association Conference. It is entitled “Data Privacy on Steroids: Sweeping New Data Privacy/Security Regulation in the EU and California, and What it Means for American Business.”

Privacy 58

FBI IC3 Warns of RDP Vulnerability

Dark Reading

Government agencies remind users that RDP can be used for malicious purposes by criminal actors.

NTIA Seeks Public Comment on Approach to Consumer Privacy with an Eye Toward Building Better Privacy Protections

Hunton Privacy

On September 26, 2018, the U.S. Department of Commerce’s National Telecommunications and Information Administration (“NTIA”) announced that it is seeking public comments on a proposed approach to advancing consumer privacy. The approach is divided into two parts: (1) a set of desired user-centric privacy outcomes of organizational practices, including transparency, control, reasonable minimization (of data collection, storage length, use and sharing), security, access and correction, risk manage

Privacy 56

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Facebook Data Breach Impacts Almost 50 Million Accounts

Threatpost

Hackers exploited a flaw in Facebook’s code impacting its “View As” feature.

How HZ improved consistency and efficiency of creative reviews with the use of OpenText Hightail

OpenText Information Management

In the ever-changing landscape of marketing, how does a creative agency stay competitive? How do you maintain excellence in client service with so many campaigns in flight? For HZ, the solution was to turn to OpenText™ Hightail™. HZ is a fully integrated creative agency specializing in branding, marketing, content and digital marketing. HZ works on …

Android App Verification Issues Pave Way For Phishing Attacks

Threatpost

A research team suggested a new secure-by-design API after discovering design flaws in the way Android apps are verified by password managers.