Tue. Jun 04, 2019

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients.

Insurance 241

Hospital to Pay $250,000 After Alleged False HITECH Claims

Data Breach Today

Whistleblowers Say Hospital Falsely Attested to Conducting Risk Analysis for EHR Incentive Program

A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.

Risk 200

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

There’s oil in the state of Maryland – “cyber oil.” With the largest concentration of cybersecurity expertise — the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.”

Related: Port Covington cyber hub project gets underway

That’s because Maryland is home to more than 40 government agencies with extensive cyber programs, including the National Security Agency, National Institute of Standards and Technology, Defense Information Systems

Australian National University: 19 Years of Data Copied

Data Breach Today

Hackers Stole 'Significant Amounts' of Student, Staff Data

Australian National University has detected a data breach that resulted in the copying of "significant amounts" of staff and student data stretching back 19 years. The intrusion began in late 2018 and was detected on May 17.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

How to Dominate the Domains of the NEW CIP - D2: Extracting Intelligence from Information

AIIM

Hopefully, you've heard by now that we're updating the Certified Information Professional (CIP) exam. To help answer questions and clear up any confusion, I’ve been covering each of the CIP domains in a blog series to explain the updated exam: what's new, what's changed, and how to be successful. In the last post, we focused on Domain 1: Creating and Capturing Information.

More Trending

The Cost of Cybercrime

Schneier on Security

Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. In this paper, we report what has changed in the seven years since. The period has seen major platform evolution, with the mobile phone replacing the PC and laptop as the consumer terminal of choice, with Android replacing Windows, and with many services moving to the cloud. The use of social networks has become extremely widespread.

Paper 83

10 ways the AI Database, Db2 11.5, will help your business pull ahead

IBM Big Data Hub

Today’s launch of Db2 11.5, the world’s premier AI database, is great news for any company seeking to build an architecture that supports their AI implementation. Governance, integration, and business intelligence are all important rungs on the ladder for a business to reach AI. But the first step is a solid hybrid data management practice.

What is an ISMS and 9 reasons why you should implement one

IT Governance

A version of this blog was originally published on 15 August 2017. We often talk about the benefits of ISO 27001 certification but don’t always expand on the more immediate benefits associated with implementing an ISMS (information security management system). We aim to put that right in this blog, explaining how an ISMS works and the ways it helps your organisation.

CVE-2019-9510 flaw allows hackers to bypass Windows lock screen on RDP sessions

Security Affairs

A security expert disclosed technical details of a new unpatched vulnerability (CVE-2019-9510) that affects Microsoft Windows Remote Desktop Protocol (RDP). Security expert Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), discovered a new unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). The flaw, tracked as CVE-2019-9510, could be exploited by client-side attackers to bypass the lock screen on remote desktop (RD) sessions.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Experience Learn Paths at OpenText Enterprise World

OpenText Information Management

Following a Learn Path at OpenText Enterprise World this July in Toronto is a perfect way to make the most of your time at the event, to earn professional accreditation and to learn valuable tips and tricks that you can take back to your organization and implement from Day 1. We will be running 6 …

OilRig’s Jason email hacking tool leaked online

Security Affairs

A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. A new email hacking tool associated with the Iran-linked OilRig APT group was leaked through the same Telegram channel that in April leaked the source code of 6 tools used by the crew.

Carbanak Attack: Two Hours to Total Compromise

Dark Reading

Investigation of the cybercrime group's attack on an East European bank shows how some attackers require very little time to broaden their access and establish persistence on a network.

Access 74

20 Top UEBA Vendors

eSecurity Planet

User and entity behavior analytics uses machine learning to protect against insider threats and external attacks. We analyze the top UEBA products.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Infosecurity Europe: Cryptojacking is Making a Comeback

Threatpost

At Infosecurity Europe, a security expert from Guardicore discusses a new cryptomining malware campaign called Nanshou and why the cryptojacking threat is set to get worse.

Adware Hidden in Android Apps Downloaded More Than 440 Million Times

Dark Reading

The heavily obfuscated adware was found in 238 different apps on Google Play.

AI Isn’t Good Enough When Lives Are on the Line, Experts Warn

Threatpost

During Infosecurity Europe in London this week, cybersecurity experts sounded off on worries about artificial intelligence being used for nation state cyber weapons.

Alert for the Banking Value Chain

DXC Technology

Financial services are evolving toward platforms of business functions and processes, and that is a good thing. Moving from applications to Software as a Service (SaaS), and then to Platform as a Service (PaaS), can generate new banking value chains. It will also drastically reduce the number of manual processes, which are typically error-prone, and foster […].

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Zero-Day No More: Windows Bug Gets a Fix

Threatpost

0patch has released an interim micropatch for the dangerous LPE bug while we wait for Microsoft's official patch.

How Today's Cybercriminals Sneak into Your Inbox

Dark Reading

The tactics and techniques most commonly used to slip past security defenses and catch employees off guard.

First Fine Imposed by the Belgian DPA Since GDPR

Hunton Privacy

On May 28, 2019, shortly after the appointment of the new Belgian commissioner and the Director of the Litigation Chamber, the Belgian Data Protection Authority (the “Belgian DPA”) imposed its first fine since the EU General Data Protection Regulation (“GDPR”) came into effect. The Belgian DPA fined a Belgian mayor EUR 2,000 for abusive use of personal data obtained in the context of his mayoral functions for election campaign purposes.

GDPR 57

Robbinhood: Inside the Ransomware That Slammed Baltimore

Dark Reading

Attackers appear to have used a ransomware-as-a-service platform to wage the attack.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Is ‘Sign in with Apple’ Marketing Spin or Privacy Magic? Experts Weigh In

Threatpost

The login scheme promises it won't share data -- and will be required for all developers using third-party sign-ins.

The changing nature of work

DXC Technology

Long anticipated, digital transformation is redefining jobs and roles. Digital technologies have transcended simple process acceleration and are deconstructing our old notions about work and the workplace.

Multiple gigs instead of one role

Mobile technologies in particular have catalyzed the development of the gig economy. What constitutes a job, who is an employee and how […].

A New Approach for Combating Insider Threats

Threatpost

Threat detection tools don't take into account the emotional aspect of insider threats, a panel of experts said at Infosecurity Europe this week.

Illinois General Assembly Approves Breach Notification Amendment to Personal Information Protection Act

Hunton Privacy

On May 27, 2019, the Illinois General Assembly voted 79-32 to approve Senate Bill 1624, an amendment to the Personal Information Protection Act (“PIPA”). The bill’s sponsor, Senator Suzy Glowiak (D), expects Illinois Governor J.B. Pritzker (D) to sign the bill into law in short order. The amendment had already unanimously passed the state Senate last month.

Retail 52

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Photo Sharing System Leaks More than 11 Million Pics

Adam Levin

At least 11 million public and private photographs were found on an unsecured database connected to an online photo sharing service. Researchers from VPNMentor discovered an online database that they traced back to Theta360, a photo service specializing in panoramic photos taken with Ricoh-brand cameras. The unsecured data contained photographs, usernames, full names, and photo captions, including those marked by users as private.

IoT 50

Pennsylvania County Hit with 68 Million Dollar Verdict in Statutory Damages After Violating Privacy Interests

Hunton Privacy

On May 28, 2019, a federal jury returned a verdict awarding $1,000 to each of the roughly 68,000 class members whose criminal history was made publicly available online. The jury found that Bucks County willfully violated Pennsylvania’s Criminal History Records Information Act (“CHRIA”) and awarded the statutory minimum to each of the class members.

Privacy 49

Medical Debt Collector Breach Highlights Supply Chain Dangers

Dark Reading

The breach of the website of American Medical Collection Agency leaves the personal and financial information of nearly 12 million patients at risk.

Risk 55