Security Affairs

OCTOBER 31, 2018

Ahead of the 2018 US midterm elections , sellers are flooding the cybercrime underground markets with data from voter databases. Experts at cybersecurity company Carbon Black found tens of different state voter databases available for sale on the dark web. “Carbon Black researchers found 20 different state voter databases available for purchase on the dark web, several from swing states.” reads the report published by Carbon Black. “Critical information in these offerings inc

Sales 96

Sales Cybersecurity Government Marketing 96

Krebs on Security

NOVEMBER 2, 2018

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Recent arrests in Ohio shed light on how this scam works. A number of financial institutions are now offering cardless ATM transactions that allow customers to withdraw cash using nothing more than their mobile phones.

Phishing 232

Phishing Passwords IT 232

The Last Watchdog

NOVEMBER 1, 2018

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary. One recent validation comes from two long established, and much larger cybersecurity vendors – Check Point and Palo Alto Networks – that have recently begun integrating Silverfort’s innovative MFA solution into their respective malware detection and

Authentication 101

Authentication Digital transformation Military IoT 101

Data Breach Today

NOVEMBER 2, 2018

Hotel Giant Has Yet to Disclose Total Number of Affected Victims Radisson Hotel Group has suffered a data breach that resulted in the theft of data for its global loyalty program members. The company, which operates 1,400 hotels, says the breach touched data for "less than 10 percent" of all Radisson Rewards members, but it hasn't released a victim count.

Data breaches 246

Data breaches IT 246

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

AIIM

OCTOBER 30, 2018

No matter what industry you are in, audits are stressful. Many of your company’s processes and documents must be analyzed to make sure you are compliant and up to standard. That means the auditor is going to need to see a lot of paperwork. If you currently use filing cabinets, inboxes, and hard drives to store your documents, then an audit is likely your worst nightmare.

Archiving 97

Archiving Access Education Compliance 97

The Last Watchdog

OCTOBER 29, 2018

The United States has experienced the most cybersecurity breaches in the world and the Equifax Breach was one of the first to be considered a “mega breach.”. The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology.

Security 129

Security Data Privacy Privacy Data breaches 129

Data Breach Today

OCTOBER 31, 2018

Attackers Send a Leaked Password as 'Proof' Victim Was Hacked Scammers behind an ongoing "sextortion" campaign have been emailing a legitimate password - likely from a publicly leaked list - to victims with a threat to release a compromising video of the recipient unless they pay up in bitcoins, Barracuda Networks warns.

Passwords 238

Passwords 238

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. These monthly blogs will now look at three lesser-known stories in detail, as well as give a total number for all records exposed in the month. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid.

Data breaches 110

Data breaches Computer and Electronics Passwords Insurance 110

AIIM

OCTOBER 29, 2018

In The State of Intelligent Information Management: Getting Ahead of the Digital Transformation Curve and in GDPR after the Deadline: Progress, But a Long Way to Go , AIIM began an examination of one of the four key IIM practice areas — Automating Compliance and Governance. That research revealed that 51% of organizations say they are planning to spend “more” or “a lot more” on information governance (records management and digital preservation) in the next 18-24 months.

Compliance 89

Compliance Government Digital preservation Records Management 89

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

NOVEMBER 1, 2018

0x20k of Ghost Squad Hackers has released the full source code of the 0day exploit used to targeting Apache Hadoop and build the FICORA Botnet. In direct response to the publication of Radware’s analysis of the new discovery of the DemonBot malware strain effecting Hadoop clusters earlier the week, October 25th, 2018, 0x20k of Ghost Squad Hackers has released the full source code of the 0day exploit used to build his newest model; the FICORA Botnet. 0x20k, who is also credited as the autho

e-Discovery 111

e-Discovery Passwords Security Education 111

Data Breach Today

OCTOBER 29, 2018

Paras Jha Launched DDoS Attacks Against Rutgers, Ran Click-Fraud Botnets One of the co-authors of the devastating Mirai botnet malware has been sentenced to home incarceration and community service, and ordered to pay $8.6 million in restitution, for his role in a series of damaging distributed denial-of-service attacks that disrupted operations at Rutgers University.

232

232

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. These monthly blogs will now look at three lesser-known stories in detail, as well as give a total number for all records exposed in the month. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid.

Data breaches 110

Data breaches Computer and Electronics Passwords Insurance 110

AIIM

NOVEMBER 1, 2018

We're getting close to our November Virtual Event and we have an exciting announcement! As a "Thank You", we're going to be giving away two Emerging Technologies training courses on Robotic Process Automation (RPA). That's $220 worth of AIIM training for free! To be eligible, simply register and attend our FREE Virtual Event on Thursday, November 8th from 11am-3pm EST.

Digital transformation 82

Digital transformation IT 82

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

OCTOBER 30, 2018

A few hours after Apple released iOS 12.1 the iPhone bug hunter Jose Rodriguez has found a new passcode bypass issue that could be exploited to see all contacts’ private information on a locked iPhone. “Jose Rodriguez, a Spanish security researcher, contacted The Hacker News and confirmed that he discovered an iPhone passcode bypass bug in the latest version of its iOS mobile operating system, iOS 12.1, released by Apple today.” reads a post published by THN.

Access 106

Access Security IT 106

Data Breach Today

OCTOBER 31, 2018

Ransomware-as-a-Service Operation Joins Forces With Fallout Exploit Kit A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.

Ransomware 227

Ransomware IT 227

IT Governance

OCTOBER 31, 2018

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches. If you want to keep your organisation secure, you need your employees to know what they’re doing.

Security 104

Security GDPR Information Security Data breaches 104

AIIM

NOVEMBER 2, 2018

We’re less than a week away from our virtual event, “ Going Digital: Strategies for Digitalizing the Enterprise ”! In anticipation of the big day, we reached out to our speakers and asked them to share a preview of their talk. Throughout the week we’ll offer a glimpse of what they had to say. Our opening Keynote will be delivered by Peggy Winton, President of AIIM.

Digital transformation 80

Digital transformation ECM Information governance Government 80

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Hunton Privacy

OCTOBER 29, 2018

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application. View the review (in French). . Types of breaches. Between May 25 and October 1, 2018, the CNIL received 742 notifications of personal data breaches that affected 33,727,384 individuals located in France or elsewhere.

Data breaches 96

Data breaches GDPR Personal data Risk 96

Data Breach Today

OCTOBER 29, 2018

Sorting Out What Kinds of Incidents Are Most Common This Year What kinds of health data breaches have been most common so far in 2018? An analysis of the official HHS breach tally reveals the latest trends, and security experts offer an analysis.

Data breaches 215

Data breaches Security 215

IT Governance

OCTOBER 31, 2018

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches. If you want to keep your organisation secure, you need your employees to know what they’re doing.

Security 104

Security GDPR Information Security Data breaches 104

WIRED Threat Level

OCTOBER 31, 2018

A series of high-profile cases involving alleged Chinese recruits shows how the country identifies and develops potential spies stateside.

Security 110

Security 110

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Schneier on Security

NOVEMBER 1, 2018

This is not surprising : This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines -- those that were used in the 2016 election -- are running Windows CE and have USB ports, along with other components, that make them even easier to exploit than the older ones. Our voting machines, billed as "next generation," and still in use today, are worse than they were before­ -- dispersed, disorganized, and susceptible to manipulation.

Security 95

Security IT 95

Data Breach Today

NOVEMBER 1, 2018

Scheme Sought to Steal Data on Turbofan Engines, Saving on Development Costs The Justice Department says two Chinese intelligence officers and eight others were indicted for stealing trade secrets that are intended to help the country shortcut technology research. The indictment comes as tension over intellectual property hacking has risen between the U.S. and China.

212

212

IT Governance

NOVEMBER 1, 2018

Worried that you or someone in your organisation will be responsible for a data breach? Then take a look at these three basic tips for staying secure. Cyber security can feel overwhelming. You just want to browse the Internet and do your job without having to worry about whether a cyber criminal is going to attack. Besides, isn’t it IT’s job to keep you and your organisation secure?

Passwords 103

Passwords Security Data breaches Paper 103

Thales Cloud Protection & Licensing

OCTOBER 31, 2018

The unexplained and seemingly paranormal are actually a year-round phenomenon in IT Security. This year has been no exception. The shrieks and screams coming from CISOs and their staffs over malware has led to zombie-like stares. Because the never-ending battle against the evil forces of the dark web continues with regard to ransomware and its ghoulish close cousins – leakware and scareware.

Ransomware 91

Ransomware Encryption Access Mining 91

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Security Affairs

OCTOBER 27, 2018

Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “ 0x-booter” built with leaked code that implements an easy to use interface. “ 0x-booter ” first appeared on October 17, 2018, a post published on Facebook advertises over 500 Gbps of power and 20,000 bots. “During our regular monitoring, the FortiGuard Labs team recently discovered a new platform offering DDoS-for-hire service called “0x-booter. ”” reads the analysis published by Fort

IoT 102

IoT Security IT 102

Data Breach Today

NOVEMBER 1, 2018

Organizations Must Comply With Data Breach Reporting Requirements or Face Fines Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as part of revised rules to Canada's PIPEDA privacy law. Violators face fines of up to $100,000 for every breach victim they fail to notify or breach they attempt to hide.

Data breaches 207

Data breaches Privacy 207

IT Governance

NOVEMBER 1, 2018

Worried that you or someone in your organisation will be responsible for a data breach? Then take a look at these three basic tips for staying secure. Cyber security can feel overwhelming. You just want to browse the Internet and do your job without having to worry about whether a cyber criminal is going to attack. Besides, isn’t it IT’s job to keep you and your organisation secure?

Passwords 103

Passwords Security Data breaches Paper 103