Data Breach Today
OCTOBER 23, 2018
Chorus of Criticism Against China Spying Contention Reaches New High Where is the secret spying chip devised by China that Bloomberg reported had worked its way into at least 30 companies, including Amazon and Apple? The report earlier this month alleging supply chain infiltration by China's People's Liberation Army triggered skepticism from the start - and it's growing.
Krebs on Security
OCTOBER 22, 2018
A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software. Although Agent Tesla includes a multitude of features designed to help it remain undetected on host computers, the malware’s apparent creator seems to have done little to hide his real-life identity.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
IT Governance
OCTOBER 23, 2018
There is no escaping the threat of data breaches. Organisations are being warned about data breaches in the media, regulators are demanding improved information security and the public is getting more vocal when organisations make mistakes. You may well think that staying secure and pacifying all these groups is an expensive and seemingly impossible task.
National Archives Records Express
OCTOBER 26, 2018
Many of our readers may have seen recent items in the news media, social medi a or on listservs that make it seem like the Department of the Interior is making an unusual request to destroy Federal Records. We have been busily responding to inquiries about this schedu le from individuals and the press for a few days. Those of you who work in records management understand the records scheduling process, but to others, this process can seem mysterious.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
OCTOBER 22, 2018
Separately, a Water Utility Hit by Ryuk Ransomware Vows to Restore, Not Pay A tale of two different ransomware victims' responses: One Connecticut city says it had little choice but to pay a ransom to restore crypto-locked systems. But a North Carolina water utility hit separately says that rather than bow to criminals' demands, it will rebuild affected systems and databases.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
IT Governance
OCTOBER 24, 2018
The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. As you might expect, there are a lot of intricacies involved. This blog guides you through everything you need to know about the GDPR’s personal data breach notification requirements, including how to report incidents and the potential repercussions for failing to c
Security Affairs
OCTOBER 26, 2018
Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. The Indian security researcher Narendra Shinde has discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions, including OpenBSD, Debian, Ubuntu, CentOS, Red Hat, and Fedora.
Data Breach Today
OCTOBER 25, 2018
Failings Leading to Cambridge Analytica Scandal Earn Sharp Rebuke From Regulator Facebook has been slammed with the maximum possible fine under U.K. law for "a very serious data incident" that exposed an estimated 87 million Facebook users' personal details to political campaign influence firm Cambridge Analytica.
Schneier on Security
OCTOBER 24, 2018
This is a long -- and somewhat technical -- paper by Chris C. Demchak and Yuval Shavitt about China's repeated hacking of the Internet Border Gateway Protocol (BGP): " China's Maxim Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking.". BGP hacking is how large intelligence agencies manipulate Internet routing to make certain traffic easier to intercept.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
IT Governance
OCTOBER 26, 2018
Negligent employees are the leading cause of data breaches at small and medium-sized businesses across North America and the UK, according to a recent study from Keeper Security. But what do these incidents really look like on the front line? IT Governance investigates. 1) ‘Gloogle Gate’ – starring Innocent Ian. Ian doesn’t mean any harm. He’s trying his best.
Security Affairs
OCTOBER 21, 2018
Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. The hackers used the powerful cyber weapons to compromise systems used in aerospace, nuclear energy, R&D, and other industries. According to experts from Kaspersky Lab, threat actors leverage NSA tools DarkPulsar, DanderSpritz and Fuzzbunch to infect Windows Server 2003 and 2008 systems in 50 organizations in Russia, Iran, and
Data Breach Today
OCTOBER 25, 2018
Airline's Five-Month Delay Before Public Disclosure Raises Concern Hong Kong-based airline Cathay Pacific says the personal details of 9.4 million passengers were inappropriately accessed in March, a breach the company confirmed in early May but publicly revealed on Wednesday. That raises questions about whether the airline violated data breach disclosure regulations.
WIRED Threat Level
OCTOBER 25, 2018
Opinion: The fact that voter information is left on devices, unencrypted, that are then sold on the open market is malpractice.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
IT Governance
OCTOBER 22, 2018
Last week, the NCSC (National Cyber Security Centre) released its second annual review , in which it warned that a life-threatening cyber attack will hit the UK in the near future. CEO Ciaran Martin said: “I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead, what we would call a Category 1 attack.”.
Security Affairs
OCTOBER 24, 2018
The security researcher SandboxEscaper has released the proof-of-concept exploit code for a new Windows zero-day, Windows users are now exposed to attacks. The security researcher using the Twitter handle @SandboxEscaper is back and has released the proof-of-concept exploit code for a new Windows zero-day vulnerability. At the end of August, the same researcher disclosed the details of zero-day privilege escalation vulnerability affecting the Microsoft’s Windows Windows Task Scheduler that coul
Data Breach Today
OCTOBER 26, 2018
Investigators Now Count 565,000 Data Breach Victims British Airways has discovered that hackers compromised payment card data and personal details for 185,000 more customers than it had originally suspected and that its systems were first breached not in August, but April. The airline now counts 565,000 data breach victims.
Schneier on Security
OCTOBER 22, 2018
IoT devices are surveillance devices, and manufacturers generally use them to collect data on their customers. Surveillance is still the business model of the Internet, and this data is used against the customers' interests: either by the device manufacturer or by some third-party the manufacturer sells the data to. Of course, this data can be used by the police as well; the purpose depends on the country.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
IT Governance
OCTOBER 26, 2018
The EU GDPR (General Data Protection Regulation) has heralded a new era in which individuals have greater control over their personal data. Organisations need to be much clearer about what information they’re processing, what it’s being used for and how data subjects can review and request changes to their data. But did you know the GDPR has also made it easier for individuals to claim compensation when an organisation fails to meet its data protection requirements?
Security Affairs
OCTOBER 25, 2018
Good news for the victims of the infamous GandCrab ransomware, security experts have created a decryption tool that allows them to decrypts files without paying the ransom. Bitdefender security firm along with Europol, the FBI, Romanian Police, and other law enforcement agencies has developed a free ransomware decryption tool. “The good news is that now you can have your data back without paying a cent to the cyber-criminals, as Bitdefender has released a free utility that automates the da
Data Breach Today
OCTOBER 26, 2018
Crypto-Locking Ransomware Cracked Thanks to Gang's Shoddy Code Quality Good news for anyone whose data has been crypto-locked by attackers wielding GandCrab, the year's most aggressive strain of ransomware: You may be able to get your data back, thanks to a free decryptor.
Data Matters
OCTOBER 23, 2018
On October 3, 2018, the European Parliament passed its long awaited resolution on distributed ledger technologies and blockchains (the “Blockchain Resolution”). The Blockchain Resolution was adopted to protect and empower EU citizens and businesses with respect to the specific issues that arise in relation to the blockchain or “distributed ledger” technology, one of which being the tension with data protection rights and the GDPR in general.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
OCTOBER 24, 2018
Operating one's own local DNS resolution servers is one of the simplest and lowest-cost things an IT administrator can do to monitor and protect applications, services, and users from potential risks.
Security Affairs
OCTOBER 20, 2018
The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. Gandcrab developers’ post – Source Bleeping Computer. The crooks decided to release the decryption keys after a Syrian Twitter user published a harrowing message asking for help after photos of his deceased chil
Data Breach Today
OCTOBER 22, 2018
'Project Lakhta' Allegedly Poured Millions Into Promoting Social Conflict A Russian national has been charged with coordinating a four-year campaign to spread divisive themes aimed at disrupting the U.S. political system. "Project Lakhta" allegedly employed hundreds of people who created bogus accounts on such platforms as Facebook and Twitter to sow false narratives.
IT Governance
OCTOBER 25, 2018
There is a lot you need to do after you discover a data breach, so it’s a good idea to keep a checklist. This will help you keep track of your progress during a hectic few days and ensure that you’ve done everything necessary to comply with the EU GDPR (General Data Protection Regulation). We recommend using a list such as this: Find out what types of data are affected.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
TAB OnRecord
OCTOBER 25, 2018
A digital evolution is only as effective as the people behind it. This makes effective change management a key factor in any successful digital transformation. In this three-part post we will present six change management tips to help you meet challenges that may arise during your digital evolution. Tip #1 – Know the culture No [.] Read More. The post Effective change management for your digital evolution – Part 1 appeared first on TAB Records Management Blog | TAB OnRecord.
Security Affairs
OCTOBER 22, 2018
Researchers found that one of the most popular Internet of Things real-time operating system, FreeRTOS, is affected by serious vulnerabilities. Researchers at Zimperium’s zLabs team have found that one of the most popular Internet of Things real-time operating system, FreeRTOS , is affected by serious vulnerabilities. The researcher Ori Karliner and his team analyzed some of the most popular operating systems in the IoT market, including the FreeRTOS.
Data Breach Today
OCTOBER 24, 2018
Victims Would Get Credit Monitoring, Reimbursement For ID Theft A proposed agreement that would end a class-action suit against Yahoo over devastating data breaches could see the company pay as much as $85 million. That adds to the $35 million fine levied by the SEC earlier this year, showing the high price to be paid for Yahoo's record data breaches.
Expert insights. Personalized for you.
221 
Let's personalize your content