Krebs on Security

AUGUST 2, 2018

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack ). But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and

Phishing 137

Phishing Passwords Data breaches Personal data 137

Thales Cloud Protection & Licensing

JULY 31, 2018

The newest CipherTrust Cloud Key Manager capability. CipherTrust Cloud Key Manager is a multi-cloud encryption key management solution ideal for customers using Microsoft Azure Key Vault , Amazon Web Services Key Management Service , Microsoft Office365 or Salesforce Shield Platform Encryption. Before I talk about the importance of the newest feature of Cipher Trust Key Manager let’s define some terms to get everyone thinking similarly about keys and key management.

Encryption 54

Encryption Cloud Compliance Security 54

WIRED Threat Level

AUGUST 1, 2018

The tech community has known about the risk of using SMS in two-factor authentication for years. Reddit appears to have missed the memo.

Authentication 61

Authentication Risk Security 61

The Last Watchdog

JULY 30, 2018

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. One of more fascinating innovators in this space is 11-year-old DataLocker, based in Overland Park, Kansas. Related: How DataLocker got its start h. Co-founder Jay took a business trip to South Korea in the fall of 2007.

Encryption 190

Encryption Military Passwords Authentication 190

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Krebs on Security

AUGUST 1, 2018

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

Authentication 186

Authentication Passwords Phishing Data breaches 186

John Battelle's Searchblog

JULY 30, 2018

I first moved to the Bay area in 1983. I graduated from high school, spent my summer as an exchange student/day laborer in England (long story), then began studies at Berkeley, where I had a Navy scholarship (another long story). 1983. 35 years ago. 1983 was one year before the introduction of the Macintosh (my first job was covering Apple and the Mac).

IT 110

IT 110

The Last Watchdog

AUGUST 3, 2018

Illicit crypto mining is advancing apace. It was easy to see this coming. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Cryptojacking was born. And now, the next-level shift is underway. Related article: Illicit crypto mining hits cloud services. Cybercriminals have shifted their focus to burrowing onto company servers and then redirecting those corporate computing resources to crypto mining chores.

Mining 163

Mining Data breaches Ransomware Cloud 163

Krebs on Security

AUGUST 3, 2018

TCM Bank , a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018. TCM is a subsidiary of Washington, D.C.

Data breaches 150

Data breaches Retail Risk Marketing 150

Data Breach Today

AUGUST 3, 2018

Marketing Cloud Data Potentially Accessed or Corrupted Over 6-Week Period Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.

Marketing 167

Marketing Cloud Security Access 167

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

AIIM

AUGUST 1, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 83

GDPR Compliance Privacy Marketing 83

The Last Watchdog

AUGUST 2, 2018

The targeting of Sen. Claire McCaskill by Russian intelligency agency hackers, as she runs for re-election, underscores the need for each individual and organization to take online privacy and security as a core part of our everyday lives. Related: Using ‘gamification’ for security training. The National Cyber Security Alliance is a non-profit group, underwritten by the top tech companies and biggest banks, that has been out there since 2001 promoting best practices and supplying pr

Cybersecurity 111

Cybersecurity Security Cleanup Education 111

IT Governance

JULY 30, 2018

Another month passes where I’m left thinking ‘I should really create a Healthcare category’. So, from next month – I’ll be doing exactly that. There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans.

Data breaches 101

Data breaches Ransomware Personal data Phishing 101

Data Breach Today

AUGUST 2, 2018

86 Percent of Bugs Patchable Within 24 Hours, Says Flexera's Alejandro Lavie One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.

Security 157

Security IT 157

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

AIIM

AUGUST 2, 2018

Consider the following stats about women in the workplace: When women are in senior executive positions, companies achieve 70% stronger stock price growth. Companies with the highest gender diversity see a 10% greater return on equity and 48% higher operating result. Having at least 1 woman on a board decreases bankruptcy by 20%. Gender diversity is so important in business, especially in fields such as IT that tend to be historically male-dominant.

Libraries 82

Libraries Education Access IT 82

The Last Watchdog

JULY 30, 2018

Understanding today’s cybersecurity landscape is complex. The amount of threats aimed at enterprises is staggering. More than 230,000 new malware samples are launched every day. The average small and medium-size business experiences a cyber attack 44 times every day. And the cost of damage directly related to cybercrime is adding up, expected to reach $6 trillion by 2021.

Analytics 104

Analytics Cybersecurity Data collection Security 104

Schneier on Security

JULY 30, 2018

Interesting research: " You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information ," by Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini. Abstract: Metadata are associated to most of the information we produce in our daily interactions and communication in the digital world. Yet, surprisingly, metadata are often still categorized as non-sensitive.

Metadata 95

Metadata Paper Communications IT 95

Data Breach Today

AUGUST 1, 2018

Propaganda Efforts - and Adversary OPSEC - Continue to Improve, Experts Warn Facebook has suspended eight pages and 24 accounts for "coordinated inauthentic behavior" tied to apparent political influence campaigns ahead of an event in Washington. While Facebook declined to attribute the activities to specific individuals or groups, U.S. lawmakers are blaming the Kremlin.

154

154

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

AIIM

AUGUST 2, 2018

Consider the following stats about women in the workplace: When women are in senior executive positions, companies achieve 70% stronger stock price growth. Companies with the highest gender diversity see a 10% greater return on equity and 48% higher operating result. Having at least 1 woman on a board decreases bankruptcy by 20%. Gender diversity is so important in business, especially in fields such as IT that tend to be historically male-dominant.

Libraries 80

Libraries Education Access IT 80

Dark Reading

JULY 31, 2018

The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar - yet.

Cybersecurity 111

Cybersecurity Security 111

Schneier on Security

AUGUST 3, 2018

Humble Bundle sells groups of e-books at ridiculously low prices, DRM free. This month , the bundles are all Wiley titles, including three of my books: Applied Cryptography , Secrets and Lies , and Cryptography Engineering. $15 gets you everything, and they're all DRM-free. Even better, a portion of the proceeds goes to the EFF. As a board member, I've seen the other side of this.

IT 94

IT 94

Data Breach Today

AUGUST 1, 2018

Mikhail Malykhin's Schemes Drove Healthcare Benefits Firm Out of Business Russian national Mikhail Malykhin, who was illegally residing in the U.S., has received a 70-month prison sentence after admitting to hack attacks and conspiring to use fraudulent debit cards issued via a hacked healthcare benefits administrator.

150

150

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

AIIM

AUGUST 1, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 80

GDPR Compliance Privacy Marketing 80

WIRED Threat Level

JULY 29, 2018

Inside Cloudflare's San Francisco office, 100 units of Edward Craven Walker’s groovy hardware help guard the internet.

Security 112

Security 112

TAB OnRecord

AUGUST 1, 2018

Physical records are necessary for day-to-day business operations, risk management and as evidence of regulatory compliance. With paper production up 180% in the past five years, and collections growing, it’s more important than ever to organize, manage and access files as efficiently as possible. Read More. The post Six ways to optimize your physical records appeared first on TAB Records Management Blog | TAB OnRecord.

Records Management 79

Records Management Paper Compliance Risk 79

Data Breach Today

JULY 31, 2018

Social Media Company Stops Short of Blaming Russians Facebook said Tuesday that it had shut down 32 pages and accounts that it says were "engaged in coordinated inauthentic behavior" apparently designed to influence U.S. politics, but it stopped short of attributing the "bad actors" to Russia.

IT 145

IT 145

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Information Governance Perspectives

AUGUST 1, 2018

We realized that current models for getting people out of poverty have failed. Those models have failed because they look at the ability to help people out of poverty separate from enabling people in poverty to participate in the supply chain.

Blockchain 80

Blockchain Information governance GDPR Government 80

Schneier on Security

AUGUST 1, 2018

The UK's GCHQ delivers a brutally blunt assessment of quantum key distribution: QKD protocols address only the problem of agreeing keys for encrypting data. Ubiquitous on-demand modern services (such as verifying identities and data integrity, establishing network sessions, providing access control, and automatic software updates) rely more on authentication and integrity mechanisms -- such as digital signatures -- than on encryption.

Authentication 79

Authentication Encryption Big data IoT 79

Daymark

AUGUST 3, 2018

T hanks to All on Team Daymark. For the 9th straight year, Daymark employees, their families and clients supported “Run to Home Base” an annual event committed to helping veterans suffering from mental trauma and brain injuries. It’s an inspiring event that Daymark employees are fully committed to. At this year’s event we were able to offer our clients the unique opportunity to join “Team Daymark” thanks to our partnership with Cisco.

75

75