Tue. Dec 05, 2017

‘Mailsploit’ Lets Hackers Forge Perfect Email Spoofs

WIRED Threat Level

The attack uncovers bugs in how more than a dozen programs implement email's creaky protocol.

Why risk assessments are crucial for ISO 27001 compliance

IT Governance

Experts often say that risk assessments are the most important part of an organisation’s ISO 27001 compliance project, but why is this? ISO 27001 risk assessments are designed to provide an accurate snapshot of the threats facing an organisation’s information security at a given point in time. They are intended to help organisations discover which incidents could occur and then find the most appropriate ways to avoid them.

Ethiopian Espionage Shows Commercial Spyware Is Out of Control

WIRED Threat Level

Opinion: A new report from Citizen Lab shows that governments are using commercial spyware to surveil dissidents and journalists.

The real magic is anticipating customer need

OpenText Information Management

There is something ‘cool’ or futuristic about not having to pull out your wallet to pay. As the idea has gained mainstream acceptance more companies have started to put forward solutions. It’s a longstanding concept at hotels that you can use your room key or room number as a payment method in the restaurants and …

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Phishing Schemes Are Using HTTPS Encrypted Sites to Seem Legit

WIRED Threat Level

A green padlock might make it seem like a site is secure, but increasingly phishers are using it to lure victims into giving up sensitive info.

Ghostery 8 Deploys Artificial Intelligence in the Fight Against Ad Trackers

WIRED Threat Level

With the release of Ghostery 8, the popular ad-blocker introduces artificial intelligence and Smart Mode, a whole new level of usability for beginners.

Study: Simulated Attacks Uncover Real-World Problems in IT Security

Dark Reading

Some 70% of simulated attacks on real networks were able to move laterally within the network, while more than half infiltrated the perimeter and exfiltrated data.

Ten things impacting the world: the nature of commerce

OpenText Information Management

Innovations in digital payments are expanding the economy. As consumers (most notably Millennials) opt for new ways to pay for goods and services, traditional financial institutions are being circumvented. Alternative payment methods like mobile wallets, peer-to-peer (P2P) networks, crowdfunding, and cryptocurrencies are moving steadily into the mainstream.

TeamViewer Rushes Fix for Permissions Bug

Threatpost

TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Matt Blaze on Securing Voting Machines

Schneier on Security

Matt Blaze's House testimony on the security of voting machines is an excellent read. (Details on the entire hearing are here.) I have not watched the video.

How to achieve and maintain PCI DSS compliance

IT Governance

All organisations that accept card payments need to comply with the Payment Card Industry Data Security Standard (PCI DSS). This is not a simple task: if you make mistakes when implementing the Standard’s requirements, you’ll struggle to maintain compliance and expose yourself to data breaches and regulatory fines. We understand that PCI DSS compliance is difficult, so we’ve laid out some recommendations based on our experience as a Qualified Security Assessor (QSA).

Bitcoin Sites Become Hot Targets for DDoS Attacks

Dark Reading

The Bitcoin industry is now one of the top 10 most-targeted industries for DDoS campaigns. Price manipulation could be one goal, Imperva says.

Nearly all firms found vulnerability to insider data security threats

Information Management Resources

The main risk factors include too many users with excessive access privileges, an increasing number of devices with access to sensitive data, and the increasing complexity of IT.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

6 Personality Profiles of White-Hat Hackers

Dark Reading

From making the Internet safer to promoting their security careers, bug bounty hunters have a broad range of motivators for hacking - most just like the challenge.

Adopting an agile and lean mindset: 3 steps for leaders

CGI

ravi.kumarv@cgi.com. Tue, 12/05/2017 - 15:37. Being a good leader is hard. Being a bad leader is expensive. The more organizations look to agile and lean practices to help them accelerate value delivery, the more they need good leaders to work with an agile and lean mindset to clear the way for the team to accomplish astonishing results.

Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps

Dark Reading

By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

CGI

cgiadmin. Tue, 12/05/2017 - 17:24. In my previous blog, I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives. We conduct these interviews each year to get a pulse on clients’ top trends, along with their business and IT priorities, so that we can align our strategies and offerings with

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

e-Records 2017: “TSLAC Wants Your Electronic Records”

The Texas Record

This is the third post of a multi-part recap of the 2017 e-Records Conference. Presentation materials from the conference are available on the e-Records 2017 website. Information Governance: Take Control and Succeed. The Public Information Act and Updates from the 85th Legislative Session. TSLAC Wants Your Electronic Records. Returning for his 4th year at the e-Records Conference, Mark Myers, TSLAC’s own Senior Electronic Records Specialist, presented on the latest developments of the Texas Digi

Laserfiche Wins Gold in Best in Biz Awards 2017

Info Source

Long Beach, CA – Laserfiche —the leading global provider of enterprise content management software—has been named a gold winner in the Most Customer-Friendly Company of the Year category for the Best in Biz Awards, the only independent business awards program judged each year by prominent editors and reporters from top-tier publications in North America.

Developers Targeted in ‘ParseDroid’ PoC Attack

Threatpost

A proof-of-concept attack developed by researchers targets users of the development platforms for Android and Java.

Advanced Data Solutions Joins Crowley Reseller Network

Info Source

Frederick, Md. and Oldsmar, Fl. – The Crowley Company (Crowley) announces today that Advanced Data Solutions (ADS) has joined the company’s United States reseller network. ADS will carry the Crowley line of patron book and microfilm scanners including the Crowley ODS overhead document and book scanner, the UScan+ Universal Film scanner series and the Zeutschel zeta book copy system.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

4 software deployment tips for replacing legacy applications

Information Management Resources

When moving away from familiar systems and deploying something new, a failure to plan properly could be disastrous.

A2iA Named Principle Recognition Engine for Check-Image Processing within the Alogent Cloud

Info Source

New York, December 5, 2017 – A2iA (@A2iA), an award-winning developer of artificial intelligence and machine-learning based software for the worldwide data capture, document processing, and payment systems markets, today announced its a2ia CheckReader™ software has been selected as the principal recognition engine for all scanner-based check-image processing within Alogent’s newly released Alogent Cloud.

Android Developer Tools Contain Vulnerabilities

Dark Reading

Several of the most popular cloud-based and downloadable tools Android developers use are affected.

Square 9® Softworks Flips the Switch to Web with Browser-Based GlobalSearch® 4.5

Info Source

NEW HAVEN, CONN., December 5, 2017 – Square 9® Softworks today released the latest generation in its award-winning Enterprise Content Management (ECM) platform. GlobalSearch 4.5 features a far-reaching redesign of ECM software with a highly intuitive, new web-based user interface. The release of GlobalSearch 4.5 concludes a three-year development plan where Square 9 created a unified user experience across its cloud, web, and on-premise platforms.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Google Patches Android for 47 Vulnerabilities in Final Update for 2017

eSecurity Planet

Google ends 2017 the same way it began the year, by patching media framework flaws.

Social Networks and Archival Context (SNAC), Phase II (November 2017-October 2019)

Archives Blogs

The University of Virginia Library is pleased to announce Phase II of the Social Networks and Archival Context (SNAC) Cooperative program. The University of Virginia Library is collaborating with the U.S. National Archives and Records Administration, and 27 other Cooperative members. This second and final phase of establishing the Cooperative (2017-2019) is generously funded by a $750,000 grant from The Andrew W.

54 Percent of Energy Companies Lack Security Skills for IoT

eSecurity Planet

Just 2 percent say IoT presents no new security challenges.
