Thu. Aug 23, 2018

Trend Micro takes multi-pronged approach to narrowing the gaping cybersecurity skills gap

The Last Watchdog

Remember the old adage, you can never be too thin or too rich? The software development world has its own take on that dictum—you can never be too fast. Business demand dictates a frenetic pace for delivering new and better technology. To perfect the process, more organizations are taking a DevOps approach—melding software development and software operations simultaneously.

Reducing the Cyber Exposure Gap from Cloud to Containers

Data Breach Today

Securing the Expanding Attack Surface Within and Beyond the Traditional Perimeter

Experts Urge Rapid Patching of ‘Struts’ Bug

Krebs on Security

In September 2017, Equifax disclosed that a failure to patch one of its Internet servers against a pervasive software flaw — in a Web component known as Apache Struts — led to a breach that exposed personal data on 147 million Americans. Now security experts are warning that blueprints showing malicious hackers how to exploit a newly-discovered Apache Struts bug are available online, leaving countless organizations in a rush to apply new updates and plug the security hole before att

Apache Issues Emergency Struts Patch to Fix Critical Flaw

Data Breach Today

Some Security Experts Recommend Replacing Struts Altogether Due to Breach Risk

Apache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response experts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

A worrying trend: Attacks on Asian healthcare organizations

Thales Cloud Protection & Licensing

While it’s no surprise to anybody reading this that data breaches are on the rise, the attacks facing healthcare organizations, most recently in Asia, are particularly worrisome. One need not look very far to find examples of the threats facing these entities: In Singapore, 1.5 million SingHealth patient records – including those of Prime Minister Lee Hsien Loong, were compromised in what is being called the Republic’s worst cyber attack.

Dutch Supervisory Authority Investigates GDPR Compliance in the Healthcare Sector

Data Matters

On 21 August 2018, the Dutch Supervisory Authority announced that it had conducted an investigation into the designation of a Data Protection Officer (DPO) under the General Data Protection Regulation (GDPR) by 91 hospitals and 33 healthcare insurers in the Netherlands. Two hospitals had not yet communicated the contact details of their DPO to the Dutch Supervisory Authority, and were given four weeks to designate a DPO.

Protecting Containers From Cyberattacks

Data Breach Today

Matt Alderman of Layered Insight Delves Into Container Challenges

Containers are much different than virtual machines, posing different kinds of challenges for security, says Matt Alderman of Layered Insight.

Jamf Now adds custom iOS app and macOS package deployment in Jamf Now Plus plan

Jamf

The Jamf Now Plus plan is a new premium tier of service which offers all of the features available with Jamf Now Standard, plus custom iOS app and macOS package deployment. Get the details.

DirectTrust's Kibbe on the Future of Health Info Exchange

Data Breach Today

Although the outlook for advancing interoperable, secure national health information exchange is promising, many significant challenges still must be overcome, says David Kibbe, M.D., founding president and outgoing CEO of DirectTrust.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO

IT Governance

In this week’s podcast, we discuss the data incident at Superdrug, Facebook and Twitter removing accounts, and the ICO website being down. Hello and welcome to the IT governance podcast for the 24th of August. Our usual host is away for a couple of weeks, so I’ll be filling in. Here are this week’s stories: High-street retailer, Superdrug, suffered a data breach earlier this week.

Modern Identity and Access Management: How to Build Trust without Sacrificing Security

Data Breach Today

Tom Field and Naresh Persaud of CA Technologies reflect on key findings from their recent Executive Roundtable on Modern IAM.

Building the Relationship Between RM and IT

The Texas Record

Whether it’s creating and securing electronic records or establishing a process to capture records from social media sites, records managers often find themselves working closely with their Information Technology (IT) Departments. The initial meeting to discuss such issues can be uncomfortable for some, so we’ve solicited the help of three Records Management Officers (RMO) who’ve already crossed that bridge; Interim RMO with the Employee Retirement System of Texas, Martha Whitted, Texas St

The Periscope Podcast – Reporting on staff training and awareness

IT Governance

Step into the Breach. Welcome to the IT Governance Periscope Podcast. This week’s episode is an investigation into reporting on staff training and awareness, and IT Governance products and solutions for organisations that suffer a data breach. This week, we’re joined by Beth Goodyear, Product Marketing Executive (GDPR) at IT Governance. Beth was kind enough to share her knowledge of the tasks required to ensure swift and effective handling of a data breach.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

A Monitor’s Ultrasonic Sounds Can Reveal What’s on the Screen

WIRED Threat Level

Researchers have demonstrated that they can discern individual letters on a display based only on the ultrasonic whine it emits.

John Mueller and Mark Stewart on the Risks of Terrorism

Schneier on Security

Another excellent paper by the Mueller/Stewart team: "Terrorism and Bathtubs: Comparing and Assessing the Risks": Abstract: The likelihood that anyone outside a war zone will be killed by an Islamist extremist terrorist is extremely small. In the United States, for example, some six people have perished each year since 9/11 at the hands of such terrorists -- vastly smaller than the number of people who die in bathtub drownings.

Expert found a flaw that affects all OpenSSH versions since 1999

Security Affairs

Security expert discovered a username enumeration vulnerability in the OpenSSH client that affects all versions of the software that was released since 1999. Security expert Darek Tytko from securitum.pl has discovered a username enumeration vulnerability in the OpenSSH client. The flaw tracked as CVE-2018-15473 affects all versions of the software that was released since 1999.

Security and Artificial Intelligence: Hype vs. Reality

Threatpost

Bridging the divide between hype and reality when it comes to what artificial intelligence and machine learning can do to help protect a business.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Is Your Content Ready for SAP S/4HANA?

Gimmal

The below blog post comes from a white paper produced by ASUG and Gimmal: Cruising Along the Information Highway: Understanding your SAP EIM Environment. It discusses the results of a recent survey of the ASUG community surrounding information management best practice awareness.

How to create documentation to comply with the NIS Regulations

IT Governance

The NIS Regulations were enforced in the UK on 10 May 2018. They aim to improve national cyber security capabilities and increase cooperation between EU member states. Under the NIS Regulations, OES (operators of essential services) and DSPs (digital service providers) are required to implement effective security measures appropriate to the risk, as well as incident response measures.

Blockchain Part of Sphereon’s Content Services Suite

Info Source

For a few years now, Harvey Spencer Associates has been promoting blockchain as a natural extension of capture technology. The Harvard Business Review describes blockchain as “an open, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way.” The technology is currently primarily used for financial transactions and is the basis for bitcoin.

Win £300 by taking part in our NIS Regulations readiness survey

IT Governance

The NIS Regulations (Network and Information Systems Regulations 2018) is the new UK cyber security law that came into force on 10 May 2018. This law transposes the EU-wide NIS Directive (Directive on security of network and information systems) into UK law. The Regulations apply to organisations that provide services essential to society, which are broken down into two classifications: OES (operators of essential services) and DSPs (digital service providers).

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Stay ahead of the digital curve with our Digital Manufacturing eBook

OpenText Information Management

OpenText™ Enterprise World is always an amazing event and this year was no exception. The world’s largest information management conference was packed with sessions designed to help manufacturers get the most from their digital journey. Among the many things happening during the show was a very significant launch: OpenText’s new Digital Manufacturing eBook.

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

Malware researchers from ESET have published a detailed report on the latest variant of the Turla backdoor that leverages email PDF attachments as C&C. Malware researchers from ESET have conducted a new analysis of a backdoor used by the Russia-linked APT Turla in targeted espionage operations. The new analysis revealed a list of high-profile victims that was previously unknown.

6 Reasons Security Awareness Programs Go Wrong

Dark Reading

While plenty of progress has been made on the training front, there's still some work ahead in getting the word out and doing so effectively.

North Korea-linked Ryuk Ransomware used in a targeted campaign

Security Affairs

Check Point reported that organizations worldwide have been targeted with the Ryuk ransomware that was developed by a North Korea-linked threat actor. Security experts from Check Point have uncovered a ransomware-based campaign aimed at organizations around the world conducted by a North Korea-linked threat actor. The campaign appears targeted and well-planned; crooks targeted several enterprises and encrypted hundreds of PCs, storage and data centers in each infected company.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

AI-Based POC, DeepLocker, Could Conceal Targeted Attacks

Dark Reading

IBM research scientist discusses DeepLocker, a stealthy artificial intelligence-enhanced proof-of-concept that won't release any payload until the attacker reaches its ultimate target.

Recent App Issues Reveal Facebook’s Struggles to Temper Data Privacy Woes

Threatpost

Facebook has been struggling to keep its data privacy woes at bay this week, between banning apps on its social media platform - and pulling its own app from Apple's store.

Turla Threat Group Uses Email PDF Attachments to Control Stealthy Backdoor

Dark Reading

The Russian-speaking group's latest tactic is the only known case of malware that's completely controllable via email, researchers at ESET say.
