November, 2019

article thumbnail

Data Protection on Demand: The Key to Cloud-Based Key Management

Thales Cloud Protection & Licensing

Some organizations presume that encryption is a one-and-done affair that can solve all of their security woes. But that’s not the case. Even when organizations effectively implement encryption, they might forget to safely store their encryption keys. This oversight poses a serious threat to organizations’ data security, as digital criminals can compromise those keys and gain access to an organization’s sensitive data.

Cloud 106
article thumbnail

3 Everyday Things in Your Office That Could Lead to a Data Breach

Adam Levin

When you think about cyberthreats , what comes to mind? An extortionist announcing your doom with a dark monitor and a laughing skull? State-sponsored cyber-warriors working from a secure command post? President Trump’s certain, “somebody sitting on their bed that weighs 400 pounds ?” Chances are good, your version of cyber risk involves one of the above “types” hunched over a keyboard deploying massively sophisticated malware on the networks of unsuspecting bus

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Think Twice Before Giving Gifts With a Microphone or Camera

WIRED Threat Level

Black Friday is going to be overrun with cheap, internet-connected gifts. Just make sure you know exactly what you’re buying.

article thumbnail

Technology and Policymakers

Schneier on Security

Technologists and policymakers largely inhabit two separate worlds. It's an old problem, one that the British scientist CP Snow identified in a 1959 essay entitled The Two Cultures. He called them sciences and humanities, and pointed to the split as a major hindrance to solving the world's problems. The essay was influential -- but 60 years later, nothing has changed.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Federal Data Privacy Bill Takes Aim at Tech Giants

Threatpost

The COPRA legislation would provide GDPR-like data protections, and create a new FTC enforcement bureau.

More Trending

article thumbnail

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Thales Cloud Protection & Licensing

In the modern era of a global information economy, every single day, enormous amounts of information are transmitted, stored and collected worldwide. All these transactions are made possible by the massive technological advancements in our computing and networking capabilities that have materialized in recent years. These technological advancements not only changed the landscape of our global online, social, economic and financial endeavors but also brought numerous changes in privacy and data p

GDPR 110
article thumbnail

Tainted Data Can Teach Algorithms the Wrong Lessons

WIRED Threat Level

Researchers show how AI programs can be sabotaged by even subtle tweaks to the data used to train them.

Security 108
article thumbnail

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and eastern United States.

Sales 298
article thumbnail

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Find out how much money the company is seeking.

Insurance 341
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Enterprise Architecture Tools and the Changing Role of the Enterprise Architect

erwin

Enterprise architecture tools are becoming more important than ever. The International Enterprise Architecture Institute (IEAI) defines enterprise architecture (EA) as “the analysis and documentation of an enterprise in its current and future states from an integrated strategy, business and technology perspective.”. In the era of data-driven business, such perspective is critical.

article thumbnail

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

Until this month, I'd never heard of People Data Labs (PDL). I'd certainly heard of the sector they operate in - "Data Enrichment" - but I'd never heard of the company itself. I've become more familiar with this sector over recent years due to the frequency with which it's been suffering data breaches that have ultimately landed in my inbox. For example, there's Dun & Bradstreet's NetProspex which leaked 33M records in 2017 , Exactis who had 132M records breached last year and the Apollo dat

article thumbnail

T-Mobile data breach affects more than 1 million customers

IT Governance

T-Mobile has confirmed that its systems have been hacked, with cyber criminals stealing the personal data of more than one million US customers. According to the organisation, customer names, addresses, phone numbers, rate plans and plan features were all exposed. Other sensitive information such as passwords and financial information weren’t affected.

article thumbnail

Brexit data firm broke Canadian privacy laws, watchdog finds

The Guardian Data Protection

AggregateIQ, hired by Vote Leave in 2016, failed to ensure authorisation to disclose UK voter information The Canadian data firm AggregateIQ (AIQ) broke privacy laws with some of the work it did for a leading pro-Brexit group in Britain and a number of US political campaigns, according to a watchdog’s official report. Canada’s federal privacy commissioner, Daniel Therrien, along with his counterpart in the province of British Columbia, said on Tuesday that AIQ had not taken measures to ensure it

Privacy 142
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Hidden Cam Above Bluetooth Pump Skimmer

Krebs on Security

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices. Apparently, I’m not alone. “I believe this is the first time I’ve seen a camera on a gas pump with a Bluetooth card skimmer,” said Detective Matt Jogodka of the Las Vegas Police Departm

Sales 297
article thumbnail

Ransomware Attackers Leak Stolen Data

Data Breach Today

Maze Crew Reportedly Threatens to Release More of Allied Universal's Data Unless Ransom Paid Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.

article thumbnail

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Security Affairs

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. According to the company, the cause of behavior that violates their policies is a couple of “malicious” software development kits (SDKs) used by the third-party iOS and Android apps.

article thumbnail

Home Safe: 20 Cybersecurity Tips for Your Remote Workers

Dark Reading

How can you protect your precious corporate endpoints from the mysterious dangers that might await when you're not by their side? Empower home office users with these tips.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs.

IoT 122
article thumbnail

Major Hotel Group Leaks 1TB of Customer Data

Adam Levin

One terabyte of data belonging to a major hotel booking platform was found leaked online. A huge trove of customer data belonging to Gekko Group was found online in an unsecured format. The data contained a wide array of records, including full names, credit card details, client login information, email addresses, home addresses and hotel reservations.

B2B 118
article thumbnail

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Krebs on Security

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

article thumbnail

Dell Considering Selling RSA: Report

Data Breach Today

Company Acquired RSA as One Component of Its Purchase of EMC in 2016 Dell Technologies is considering the possible sale of its RSA security division, hoping such a deal could be worth $1 billion, according to Bloomberg, which cites "people familiar with the matter.

Sales 273
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Security Affairs

Microsoft revealed that the new Dexphot cryptocurrency miner has already infected more than 80,000 computers worldwide. Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency , according to the experts it has already infected 80,000 computers worldwide.

article thumbnail

Leaks of NSA, CIA Tools Have Leveled Nation-State Cybercriminal Capabilities

Dark Reading

The wide availability of tools leaked by the Shadow Brokers and WikiLeaks in 2016 and 2017 have given emerging cyber powers a way to catch up, DarkOwl says.

132
132
article thumbnail

Teach Your Kids to Code with Ari in Oslo and London

Troy Hunt

When I first started writing code a few decades ago, it was a rather bland affair involving a basic text editor and physical books for reference. I didn't have an opportunity to create anything usable by others until years later and perhaps most importantly in the context of this blog post, I didn't have anyone in my family able to teach me about coding.

IT 113
article thumbnail

Black Friday Shoppers Targeted By Scams and Fake Domains

Threatpost

Cybercriminals are tapping in on Black Friday and Cyber Monday shoppers with an array of scams and malware - including domain impersonation, social media giveaway scams, and a malicious Chrome extension.

Phishing 112
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software.

article thumbnail

Attackers Demand $14 Million Ransom From IT Services Firm

Data Breach Today

Incident Could Have Ripple Effect on Virtual Care Provider's 110 Healthcare Clients Virtual Care Provider Inc., which provides cloud hosting and other services to more than 110 healthcare entities, including nursing homes and assisted living facilities, is struggling to bounce back from a ransomware attack in which hackers demanded a $14 million ransom.

IT 288
article thumbnail

A Ransomware infected the network of the cybersecurity firm Prosegur

Security Affairs

A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it. The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. Comunicado sobre incidencia de seguridad informática pic.twitter.com/TMdOJzkFCB — Prosegur (@Prosegur) November 27, 2019.