Fri. Sep 07, 2018

MY TAKE: Can Hollywood’s highly effective ‘source-code’ security tools help make IoT safe?

The Last Watchdog

Over the past couple of decades, some amazing advances in locking down software code have quietly unfolded in, of all places, Hollywood. Makes sense, though. Digital media and entertainment giants like Netflix, Amazon, Hulu, HBO, ESPN, Sony, and Disney are obsessive about protecting their turf. These Tinsel Town powerhouses retain armies of investigators and lawyers engaged in a never-ending war to keep piracy and subscription fraud in check.

IoT 106

Hacker Flies Away With British Airways Customer Data

Data Breach Today

'Personal and Financial Details' Stolen From 380,000 Website and App Transactions. British Airways is warning customers that it suffered a hack attack that compromised up to 380,000 customers' payment cards as well as personal data over a 15-day period. The airline says it was alerted to the breach by a business partner that monitors its websites.

New Belgian Data Protection Act Takes Effect

Data Matters

On September 5, 2018, the new Belgian Data Protection Act implementing the GDPR (the Belgian Act) was published and entered into force. Despite the GDPR being an EU regulation that directly applies to all EU Member States, several provisions of the GDPR explicitly allow, and even require, Member States to enact legislation which implements the law.

GDPR 96

Alert: 'Ryuk' Ransomware Attacks the Latest Threat

Data Breach Today

Variant of Hermes Poses Major Risks, HHS Warns. Organizations should be on guard for attacks involving an apparent variant of Hermes ransomware - dubbed Ryuk - that attempts to encrypt network resources. It has already victimized several global organizations in the U.S. and elsewhere, according to a federal alert, which offers mitigation advice.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Make sure your cyber security policies aren’t only ‘skin deep’

IT Governance

Saying you’ve done something doesn’t necessarily mean you’ve actually done it. Almost every data breach begins with an organisation saying they were secure until a crook comes along and shows them otherwise. This is one of the biggest problems facing the cyber security industry. Organisations approach issues reluctantly, creating measures that seem adequate but are in fact only, to borrow from information governance expert Andrea Simmons, “skin deep”.

More Trending

Thriving as a woman in tech: A Q&A with OpenText VP, Lynn Elwood

OpenText Information Management

Gone are the days of the “job ladder” – following one linear path for your entire career. Instead, professionals today tend to create their own adventure by gaining experience across a wider range of disciplines. Lynn Elwood, VP of Cloud & Services Solutions, is a prime example of this. Lynn’s desire to be challenged and …

Cloud 80

Feds Charge Lone North Korean With Devastating Cyberattacks

Data Breach Today

WannaCry, Sony Pictures and Bangladesh Bank Attacks Tie to Suspect, FBI Says. U.S. prosecutors have accused a lone, 34-year-old North Korean man of involvement in some of the most destructive and profitable cyberattacks ever seen, including the WannaCry ransomware, Sony Pictures Entertainment breach and the theft of $81 million from Bangladesh Bank.

Belgium Publishes Law Adapting the Belgian Legal Framework to the GDPR

Hunton Privacy

On September 5, 2018, the Law of 30 July 2018 on the Protection of Natural Persons with regard to the Processing of Personal Data (the “Law”) was published in the Belgian Official Gazette. This is the second step in adapting the Belgian legal framework to the EU GDPR after the Law of 3 December 2017 Creating the Data Protection Authority, which reformed the Belgian Data Protection Authority.

GDPR 72

Digital Payments Security: Lessons From Canada

Data Breach Today

Canada, which has a head start on the adoption of digital payments, has learned some valuable security lessons that could be beneficial to the U.S., says Gord Jamieson of Visa. He'll be a featured speaker at ISMG's Fraud & Breach Prevention Summit: Toronto, to be held Sept. 11-12.

Security 100

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Popular Mac App Adware Doctor Actually Acts Like Spyware

WIRED Threat Level

Adware Doctor has long been one of the top-selling apps in the Mac App Store. But researchers say it harvested browsing data, and sent it to China.

IT 72

Computer Voting: A 'National Disgrace'

Data Breach Today

The latest edition of the ISMG Security Report features Barbara Simons, co-author of the book "Broken Ballots," discussing why she believes it's a "national disgrace" that some states are relying on computer voting with no provision for recounts. Also: Update on breach lawsuit against Premera Blue Cross.

Security 100

8 Attack Vectors Puncturing Cloud Environments

Dark Reading

These methods may not yet be on your security team's radar, but given their impact, they should be.

Cloud 86

British Airways breach affects 380,000 customers

IT Governance

British Airways has apologised after the personal and financial information of more than 380,000 customers was compromised in a “sophisticated, malicious criminal attack”. The airline said the breach occurred between 22:58 BST on 21 August and 21:45 BST on 5 September, and only affects customers who bought tickets during that period. BA’s CEO, Alex Cruz, said: “At the moment, our number one purpose is contacting those customers that made those transactions to make sure they contact their credit

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Top MacOS App Exfiltrates Browser Histories Behind Users’ Backs

Threatpost

A macOS app called Adware Doctor blocks ads, but shares user browser history with a China-based domain.

Privacy 78

Does size matter? The repercussions of data breaches for small and large organisations

IT Governance

Data breaches can happen to anybody. Incidents at large organisations – such as Dixons Carphone and Superdrug – might be reported on more often, giving you the impression that they are the most frequent targets, but these are actually the exception. Breaches occur most often at SMEs (small and medium-sized enterprises), if only because there are a lot more of them.

Apple in education: A love story

Jamf

From Apple School Manager to Shared iPads, see how Apple continues to open a world of educational possibilities for students and educators.

Apple (Finally) Removes MacOS App Caught Stealing User Browser Histories

Dark Reading

The fact that the app likely has been exfiltrating data for years is "rather f#@&'d" up, says the security researcher who reported the issue to Apple one month ago.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Flaw in update process for BMCs in Supermicro servers allows to deliver persistent malware or brick the server

Security Affairs

A team of security researchers discovered a vulnerability in the baseboard management controller (BMC) hardware used by Supermicro servers. Researchers from security firm Eclypsium have discovered a vulnerability in the firmware update mechanism that could be exploited by hackers to deliver persistent malware, completely wipe and reinstall of the operating system. “Using the vulnerabilities we discovered, it is possible to make arbitrary modifications to the BMC code and data.

British Airways data breach: what to do if you have been affected

The Guardian Data Protection

From which payments have been compromised to future bookings and compensation. British Airways has warned customers that around 380,000 card payments on its website and app were compromised during a 15-day data breach. Here is what to do if you think you have been affected.

Police arrested Apophis Squad member responsible for ProtonMail DDoS attack

Security Affairs

UK NCA arrested a member of the Apophis Squad hacker group that launched distributed denial-of-service (DDoS) attacks against many organizations, including ProtonMail. The U.K. National Crime Agency (NCA) announced the arrest of 19-year-old George Duke-Cohan from Hertfordshire, who was involved in the ProtonMail DDoS attack. The teenager, aka “7R1D3N7,” “DoubleParallax” and “optcz1,” was arrested on August 31 and is still in custody after he pleaded guilty to three counts of making hoax bom

Fake Beto O'Rourke Texts Expose New Playground for Trolls

WIRED Threat Level

Someone hijacked a volunteer tool to make it look like Beto O'Rourke encouraged voter fraud—and that could just be the beginning.

IT 59

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

The Role of Incident Response in ICS Security Compliance

Dark Reading

The data-driven nature of IR can provide many of the reporting requirements governing industrial control system safety, finance, consumer privacy, and notifications.

Open .Git Directories Leave 390K Websites Vulnerable

Threatpost

An exhaustive scan shows hundreds of thousands of websites potentially exposing sensitive data such as database passwords, API keys and so on.

Weekly Update 103

Troy Hunt

It's been a week of travel for me with API Days in Melbourne on Tuesday, Fortinet Fast & Secure in Sydney on Wednesday then the Varonis webinar yesterday (recorded, I'll share once it's online). Be that as it may, I did manage to pump out a long-awaited blog post on the total cost of running Pwned Passwords in HIBP and its. 2.6c per day. This week there's also a few random things ranging from online authenticity (the human kind), changes in Chrome 69 (there's some major visual security in

How did hackers manage to lift the details of BA customers?

The Guardian Data Protection

Airline says only information entered within a two-week period was taken. As British Airways reels from yet another IT scandal, speculation about how the “world’s favourite airline” could allow the credit card details of 380,000 customers to be stolen from under its nose for two weeks swirls.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

British Airways Hacked, Consumer Data Compromised

Adam Levin

On the heels of last week's news that Air Canada suffered a breach affecting thousands of customers, British Airways announced a major breach affecting 380,000 customers who used the company’s website and app over a two-week period. From August 21 to September 5, hackers stole British Airways customer user names, addresses, email addresses and credit card information (including expiration dates and security codes).

British Airways Issues Apology for Severe Data Breach

Dark Reading

The airline "is deeply sorry" for its worst-ever cyberattack, which has affected 380,000 customers.

Healthcare Data Breaches: The Way Forward

IG Guru

February 7, 2018. Editor's note: The following blog was authored by Navneeta Rathor. Dr. Mansur Hasib has reviewed and approved the content. Navneeta is currently pursuing a Master’s degree in Cybersecurity at UMBC. During her study of cybersecurity leadership and risk management under the guidance of Dr. Hasib, Navneeta analyzed several major organizations and their […].