Sat.Mar 02, 2019 - Fri.Mar 08, 2019

Data Governance Stock Check: Using Data Governance to Take Stock of Your Data Assets

erwin

For regulatory compliance (e.g., GDPR) and to ensure peak business performance, organizations often bring consultants on board to help take stock of their data assets. This sort of data governance “stock check” is important but can be arduous without the right approach and technology.

Cybersecurity for the Public Interest

Schneier on Security

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals.

Consumer Privacy: Reasons for Optimism As Well As Concern

Data Breach Today

ACLU's Jon Callas Briefs RSA Conference on Evolution of Privacy Discussion At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest

MyEquifax.com Bypasses Credit Freeze PIN

Krebs on Security

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed.

Tools 264

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core.

More Trending

Health Data Hacking Incident Affects 400,000

Data Breach Today

Columbia Surgical Specialists of Spokane Reports Breach Columbia Surgical Specialists of Spokane has reported a breach impacting 400,000 individuals, the largest added to the federal health data breach tally so far in 2019. Meanwhile, a medical center in Chicago has also reported a major breach

Hackers Sell Access to Bait-and-Switch Empire

Krebs on Security

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S.

Access 195

The Latest in Creepy Spyware

Schneier on Security

The Nest home alarm system shipped with a secret microphone , which -- according to the company -- was only an accidental secret : On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The

More than billion records exposed online by email validation biz Verifications.io

Security Affairs

Experts found an unprotected server exposing online 4 MongoDB databases belonging to the email validation company Verifications.io. A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Guilty Plea in Rare HIPAA Criminal Case

Data Breach Today

Former Patient Coordinator Wrongfully Disclosed Patient Information A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA

219
219

To Become Like Living People

The Schedule

The following is a RMS guest post by Maarja Krusten, a retired Federal government historian who worked on records, archives, and historical research assignments and served for 14 years as an archivist in NARA’s Office of Presidential Libraries. . Margaret M.

Digital Signatures in PDFs Are Broken

Schneier on Security

Researchers have demonstrated spoofing of digital signatures in PDF files. This would matter more if PDF digital signatures were widely used. Still, the researchers have worked with the various companies that make PDF readers to close the vulnerabilities. You should update your software.

Evading AV with JavaScript Obfuscation

Security Affairs

A few days ago, Cybaze-Yoroi ZLAB researchers spotted a suspicious JavaScript file that implemented several techniques to evade detection of all AV solutions. Introduction.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

A Vision of the Role for Machines in Security

Data Breach Today

RSA President Rohit Ghai on Humans and Machines Working Together as 'Trustworthy Twins' In a keynote address at the RSA Conference 2019, RSA President Rohit Ghai encouraged attendees to work in the coming years to "implement a security program with machines and humans working together.

Weekly Update 128

Troy Hunt

I'm not intentionally pushing these out later than usual, but events have just been such over the last few weeks that it's worked out that way.

Protect yourself and your customers from formjacking

IT Governance

Online retailers and other organisations using ecommerce functionality must prepare for the threat of formjacking, Symantec has warned , after detecting 3.7 million instances of the attack method in 2018.

NSA released Ghidra, its multi-platform reverse engineering framework

Security Affairs

The NSA released the Ghidra, a multi-platform reverse engineering framework that could be used to find vulnerabilities and security holes in applications. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA.

IT 111

Who Faces Biggest Financial Risks From Cyberattacks?

Data Breach Today

Risk 211

The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source

WIRED Threat Level

No one's better at hacking than the NSA. And now one if its powerful tools is available to everyone for free. Security

Tools 87

International Women’s Day: Supporting gender diversity in cybersecurity, putting the skills gap into the history books

Thales eSecurity

Last year was the first time companies in Great Britain had to disclose their gender pay gap figures.

StealthWorker Malware Uses Windows, Linux Bots to Hack Websites

Security Affairs

Security experts at FortiGuard uncovered a new malware campaign aimed at delivering the StealthWorker brute-force malware. The malicious code targets both Windows and Linux systems, compromised systems are used to carry out brute force attacks along with other infected systems.

GRC: A Status Report

Data Breach Today

Matt Kunkel of LogicGate Offers Update on Governance, Risk Management and Compliance How are governance, risk management and compliance changing as a result of evolving privacy regulations? Matt Kunkel of LogicGate offers an update

GDPR compliance and information security: reducing data breach risks

IT Governance

The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection.

Innovations in Adobe Analytics via AEM Authoring

Perficient Data & Analytics

In 2015 the Ford Motor Company made the significant investment to purchase and integrate the full Adobe Marketing Cloud solution with the goal to deliver personalized and optimized content through its myriad of digital channels.

Google discloses Windows zero-day actively exploited in targeted attacks

Security Affairs

Google this week revealed a Windows zero-day that is being actively exploited in targeted attacks alongside a recently fixed Chrome flaw.

Course 101

GDPR: Still Plenty of Lessons to Learn

Data Breach Today

GDPR 196

Infographic: List of data breaches in 2018

IT Governance

2018 saw some of the biggest data breaches yet , with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation) , which changed the way organisations handle customers’ personal data and introduced hefty fines for non-compliance. However, the Regulation didn’t seem to reduce the number of data breaches: there were approximately 2.3

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

Research confirms rampant sale of SSL/TLS certificates on darkweb

Security Affairs

A study conducted by academics discovered that SSL and TLS certificates and associated services can be easily acquired from dark web marketplaces. A study sponsored by Venafi and conducted by researchers from Georgia State University in the U.S. and the University of Surrey in the U.K.

Sales 98

Are Autonomous Vehicles Trustworthy?

Data Breach Today

Summer Craze Fowler of Argo AI on the Concept of 'Prosilience' Autonomous vehicles are coming, but can we trust them? Summer Craze Fowler of Argo AI explains how "prosilience" is key to the future of self-driving cars and IoT

IoT 196

International Women’s Day 2019

OpenText Information Management

At OpenText, we are deeply committed to creating a diverse and inclusive culture where all voices are heard. There is a tsunami of new technologies on the horizon (AI, 5G, Robotics) and we need the future to be an inclusive one, so we can continue to lead the way.

Blog 84