Thu. May 30, 2019

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software. In March 2019, the Canadian Radio-television and Telecommunications Commission (CRTC), Canada’s equivalent of the U.S. Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto softwa

Researcher Describes Docker Vulnerability

Data Breach Today

No Patch Available Yet, But Exploiting the Flaw Would Be 'Challenging'. A security researcher has found a significant flaw in all versions of Docker, an open source container platform, that can give attackers read and write access to all the files within the host system, allowing them to execute arbitrary code. As of now, there's no patch available.

Access 191
Insiders

List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked

IT Governance

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. The offender this time is the First American Financial Corp., which breached sixteen years’ worth of insurance data. That incident accounted for more than 60% of all of May’s breached records. In total, at least 1,389,463,242 records were compromised.

Flipboard Resets Passwords After Database Intrusions

Data Breach Today

Hashed and Salted Usernames and Passwords Exposed. News aggregator Flipboard has initiated a systemwide password reset affecting as many as 150 million users following two database intrusions. Flipboard doesn't collect ID or financial information, but users could be at risk if they have reused their Flipboard password on other services.

Passwords 179

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

Recent research by the cybersecurity experts at VPNpro shows that the popular mobile VPN developer Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt.

Privacy 108

More Trending

Seven Microservices Identity Questions to Secure your Data

Thales Cloud Protection & Licensing

As I noted in my last blog post, containers, which are now pervasive in enterprises, are ephemeral, and microservices frameworks like Kubernetes treat them as such. Data security is a complex subject, and, unfortunately, microservices only add to the complexity. I frequently try to untangle the threads of knotty issues by asking questions. So, in this and my next few blogs, I will share some questions you might want to ask as you go about securing your data in a microservices environment.

Open Source Security - How to Defend at the Speed of Attack

Data Breach Today

On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.

Security 156

Thailand’s First Personal Data Protection Law Enters into Effect

Hunton Privacy

On May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (A.D. 2019) (the “PDPA”), which was passed by the National Legislative Assembly on February 28, 2019, was finally published in the Government Gazette, and thus became effective on May 28, 2019. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilitie

Convert Plus WordPress plugin flaw allows hackers to create Admin accounts

Security Affairs

The WordPress plugin Convert Plus is affected by a critical vulnerability that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. The vulnerability stems from a lack of filtering when processing a new user subscription via a form implemented by the Convert Plus plugin that already

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Fraudulent Academic Papers

Schneier on Security

The term "fake news" has lost much of its meaning, but it describes a real and dangerous Internet trend. Because it's hard for many people to differentiate a real news site from a fraudulent one, they can be hoodwinked by fictitious news stories pretending to be real. The result is that otherwise reasonable people believe lies. The trends fostering fake news are more general, though, and we need to start thinking about how it could affect different areas of our lives.

Paper 88

The Ransomware Dilemma: What if Your Local Government Is Next?

Dark Reading

Baltimore has so far refused to comply with a ransom demand. It's being forced to make a decision all such victims face: to act morally or practically.

POS Malware Found at 102 Checkers Restaurant Locations

Threatpost

One of the most popular U.S. drive-through restaurants has been hit with a data breach due to POS malware.

2.3B Files Currently Exposed via Online Storage

Dark Reading

Digital Shadows researchers scanned various online file-sharing services and concluded the number of exposed files is up 50% from March of 2018.

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Jamf Connect now offers Ping Identity integration

Jamf

Jamf Connect has expanded the list of cloud identity providers it supports to include Ping Identity. This integration offers support for both Jamf Connect LoginWindow and Verify (password sync).

Checkers double drive-thru restaurants chain discloses card breach

Security Affairs

Checkers and Rally’s, one of the largest chains of double drive-thru restaurants in the United States, disclosed a credit card breach. “We recently became aware of a data security issue involving malware at certain Checkers and Rally’s locations.” reads a breach notice published by the company. “After discovering the issue, we quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law enfor

Sales 75

Fax & Omnichannel Communications Learn Path at Enterprise World

OpenText Information Management

If you rely on OpenText™ fax and notifications solutions in your business, we’ve added a new element to Enterprise World that you need to know about: technology-specific Learn Paths designed to provide practical, technical and insightful information on the latest product features and capabilities. The Fax & Omnichannel Communications Learn Path delivers practical training, tools … The post Fax & Omnichannel Communications Learn Path at Enterprise World appeared first on OpenText B

Happy anniversary: The innovation continues with IBM Cloud Pak for Data v2.1

IBM Big Data Hub

It’s been one year since we launched IBM Cloud Pak for Data (previously IBM Cloud Private for Data), IBM's data and AI platform for today's modern enterprise. Since then, this platform has been embraced by hundreds of customers, and Forrester ranked it No.

Cloud 72

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

New Linux Malware ‘HiddenWasp’ Borrows from Mirai, Azazel

Threatpost

HiddenWasp is unique for Linux-based malware in that it targets systems to remotely control them.

IT 98

Caveat Emptor: Calculating the Impact of Global Attacks on Cyber Insurance

Dark Reading

The reality for business owners and CISOs looking to protect their business from a cyberattack is that cyber insurance is not a catchall for protecting against risk and loss.

AI, the Mandatory Element of 5G Mobile Security

Threatpost

The complexity and scale of the 5G ecosystem, combined with a lack of skills and training in software-centric security, will be important drivers for AI deployment in the carrier space.

Vulnerability Leaves Container Images Without Passwords

Dark Reading

An old vulnerability in Alpine Linux containers has spread and propagated to as many as 20% of the containers on the Docker Store.

Embedding BI: Architectural Considerations and Technical Requirements

While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) aren’t built for modern data platforms and don’t work on modern architectures.

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

Chinese Cyber-Spies Target Government Organizations in Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different countries in the Middle East.

7 proven ways to get your ISO 27001 project on track

IT Governance

Do your research. Ditch the jargon and learn how to implement an ISMS (information security management system) in nine steps with our free guide. We’ve also got a handy pocket guide – Nine Steps to Success – An ISO 27001 Implementation Overview – that explains (in layman’s terms) how to develop and deploy an ISMS. Read the Standard. ISO/IEC 27001:2013 sets out the basic elements of an ISMS.

Risk 65

Facebook user privacy suits over Cambridge Analytica have legs

Information Management Resources

A U.S. District judge is overseeing dozens of suits alleging users have no real control over their personal information, and that the company has repeatedly misled users to continue mining it.

Mining 62

Palo Alto Networks Confirms PureSec Acquisition

Dark Reading

The company also agreed to buy container security company Twistlock as it develops its cloud security suite.

Cloud 73

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Major infrastructure investments needed to thwart growing cyber risks

Information Management Resources

A majority of C-suite executives and policy makers in the United States think investing in security software infrastructure and emerging technologies is critical to protecting U.S. data.

Risk 58

Don’t trap your workers in an “open office”

DXC Technology

I’ve been working from my home for the past 20 years, a situation for which I am extremely grateful. It has all the advantages you could imagine. There’s no stressful, time-wasting commute. I have control of my environment and have the flexibility to set my own schedule and take breaks without raising eyebrows. Plus I’m always […].

IT 51

Five best practices for better marketing planning from Ventana Research

IBM Big Data Hub

Learn how to upgrade your marketing plans with some insights from Ventana Research.