John Battelle's Searchblog
DECEMBER 26, 2018
Those of us fortunate enough to have lived through the birth of the web have a habit of stewing in our own nostalgia. We’ll recall some cool site from ten or more years back, then think to ourselves (or sometimes out loud on Twitter ): “Well damn, things were way better back then.” Then we shut up. After all, we’re likely out of touch, given most of us have never hung out on Twitch.
Data Breach Today
DECEMBER 28, 2018
Tool Hides Virtual Volumes But Leaves Linux Looking 'Bit-for-Bit' Normal Digital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a new toolset, which debuted earlier this month at the Black Hat Europe conference, suggests steganography is going to get much more difficult to spot in the future.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
DECEMBER 26, 2018
Modern cyber threats often are not obvious – in fact it is common for them to lurk inside a business’ systems for a long time without anyone noticing. This is referred to as ‘dwell time’, and a recent report from the Ponemon Institute indicates that the average dwell time is 191 days. Related podcast: The re-emergence of SIEMs. In an ideal world there would no dwell time at all, and threats would be identified before they can penetrate business’ defenses.
Krebs on Security
DECEMBER 23, 2018
A 22-year-old man convicted of cyberstalking and carrying out numerous bomb threats and swatting attacks — including a 2013 swatting incident at my home — was arrested Sunday morning in the Philippines after allegedly helping his best friend dump the body of a housemate into a local river. Suspects Troy Woody Jr. (left) and Mir Islam, were arrested in Manila this week for allegedly dumping the body of Woody’s girlfriend in a local river.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
AIIM
DECEMBER 28, 2018
You have led the pack in creating a digital transformation strategy but how do you get your employees to engage and help your organization realize its goals? Embracing new technology is not the major challenge – human behavior is a significant factor in the success or failure of such projects. In this article, we look at 5 ways to change your employees behavior and drive digital transformation in your organization.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 23, 2018
Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. . A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform privileged operations using the web management interface.
Thales Cloud Protection & Licensing
DECEMBER 26, 2018
( Originally posted on Cards International). To reach its tipping point, cashless payment technology has come on a long way since the first magnetic stripe card almost 50 years ago. The development of chip and PIN addressed concerns over security, before the emergence of contactless catered to consumer demands for greater convenience. Today, a new stage in the evolution of payments is growing in popularity.
AIIM
DECEMBER 27, 2018
Every organization wants to increase agility and productivity by extracting maximum value from its processes and content. Organizations need to bridge the silos created by disparate lead applications to seamlessly pull structured and unstructured information together and present the whole story to the customer relationship management (CRM) users who need it.
Data Breach Today
DECEMBER 28, 2018
South Korean Resettlement Agency Breach Traces to Malware-Laden Email Personal information for 1,000 North Korean defectors, including their names and addresses, has been stolen via a malware attack, officials in South Korea warn. They've traced the leak to a malware infection at a refugee resettlement center, and say police continue to investigate.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
WIRED Threat Level
DECEMBER 27, 2018
In December 1988 a bomb downed a Pan Am jet, leaving 270 dead. It was the first mass killing of Americans by terrorists. As the head of the Justice Department’s criminal division, Robert Mueller oversaw the case. And for him, it was personal.
Thales Cloud Protection & Licensing
DECEMBER 28, 2018
As the retail industry follows suit with today’s digital transformation, customer expectations are at an all-time high. Retailers are looking to address these demands with interconnected experiences to give customers more personalized and immediate experiences both in-stores and online. But do these connected experiences actually live up to the hype?
AIIM
DECEMBER 24, 2018
The best way to think about HR process automation is by thinking about it over the lifecycle of an employment relationship and the kinds of documents that are typical in each stage of the life cycle. Here are five key issues you need to consider when thinking about Human Capital Management. Human Capital Management is not actually one process, but a series of connected processes with overlapping information requirements.
Data Breach Today
DECEMBER 22, 2018
Credit Card Information Exposed in Latest Portal Incident Web portals designed to provide convenient service to consumers can pose substantial security risks, as numerous breaches in recent years have clearly illustrated. What steps can be taken to reduce those risks?
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
DECEMBER 27, 2018
A new sample of Shamoon 3 was uploaded on December 23 to the VirusTotal platform from France, it is signed with a Baidu certificate. A new sample of the dreaded Shamoon wiper was uploaded on December 23 to the VirusTotal platform from France. This sample attempt to disguise itself as a system optimization tool developed by Chinese technology company Baidu.
Dark Reading
DECEMBER 27, 2018
Machine intelligence, in its many forms, began having a significant impact on cybersecurity this year - setting the stage for growing intelligence in security automation for 2019.
Schneier on Security
DECEMBER 28, 2018
This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced "eve") used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. The scheme employed a thousand servers hosted inside data centers to impersonate real human beings who purportedly "viewed" ads that were hosted on bogus pages run by the scammers themselves -- who then received a check f
Data Breach Today
DECEMBER 28, 2018
Leading the latest edition of the ISMG Security Report: Microsoft's Joram Borenstein highlights his top three areas of focus for 2019. Plus, Randy Vanderhoof of the US Payments Forum on securing card transactions in the coming year.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Security Affairs
DECEMBER 28, 2018
The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser ( CVE-2018-8629 ). The vulnerability affects the JavaScript engine Chakra implemented in the Edge web browser, an attacker could exploit it to execute arbitrary code on the target machine with the same privileges as the logged user. “A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
Dark Reading
DECEMBER 27, 2018
The joining of 'deep learning' and 'fake news' makes it possible to create audio and video of real people saying words they never spoke or things they never did.
Schneier on Security
DECEMBER 24, 2018
Last week, the Scientific Working Group on Digital Evidence published a draft document -- " SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital and Multimedia Forensics " -- where it accepts the use of MD5 and SHA-1 in digital forensics applications: While SWGDE promotes the adoption of SHA2 and SHA3 by vendors and practitioners, the MD5 and SHA1 algorithms remain acceptable for integrity verification and file identification applications in digital forensics.
Data Breach Today
DECEMBER 27, 2018
Sizing Up the Threats and Reviewing the Mitigation Effort In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
DECEMBER 26, 2018
Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. The campaign targeted organizations in the US and the UK, the attackers have been abusing Google Cloud Storage to deliver payload. The spam campaign uses messages including links that point to archive files such as.zip or.gz.
Dark Reading
DECEMBER 26, 2018
By encouraging female participation through education and retaining this interest through an inclusive culture and visible role models, we can begin to close the skill and gender gap in cybersecurity.
Schneier on Security
DECEMBER 26, 2018
Good essay: " Advancing Human-Rights-By-Design In The Dual-Use Technology Industry ," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures. They could adopt a "human-rights-by-design" principle whereby they commit to designing tools, technologies, and services to respect human rights by default, rather than permit abuse or exploitation as part of their business model.
Data Breach Today
DECEMBER 24, 2018
DDoS-as-a-Service Providers Targeted by Arrests and Takedowns Fifteen of the world's biggest "stresser/booter" services, designed to enable users to launch DDoS attacks against sites on demand, have been shut down, and three men who allegedly ran such services have been charged.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Security Affairs
DECEMBER 22, 2018
The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services. The FBI has seized 15 domains associated with DDoS-for-hire services (aka booters or stressers ) that were used by their customers to launch powerful DDoS attacks. U.S. Authorities Take Down 15 DDoS-for-Hire Websites. The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services.
Dark Reading
DECEMBER 28, 2018
In-flight airplanes, social engineers, and robotic vacuums were among the targets of resourceful white-hat hackers this year.
Troy Hunt
DECEMBER 28, 2018
I'm home! And it's a nice hot Christmas! And I've got a new car! And that's where the discussion kinda started heading south this week. As I say in the video, the reaction to my tweet about it was actually overwhelmingly positive, but there was this unhealthy undercurrent of negativity which was really disappointing to see. Several other non-related events following that demonstrated similar online aggressiveness and I don't know if it was a case of too much eggnog or simply people having more d
Expert insights. Personalized for you.
102 
Let's personalize your content