Sat. Dec 08, 2018 - Fri. Dec 14, 2018


Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair or not, a number of nascent efforts are using just such an approach to derive security scores for companies and entire industries.


Expert devised a new WiFi hack that works on WPA/WPA2

Security Affairs

The popular expert Jens ‘Atom’ Steube devised a new WiFi hack that allows cracking WiFi passwords of most modern routers. Jens ‘Atom’ Steube, the lead developer of the popular password-cracking tool Hashcat, has developed a new WiFi hacking technique that allows cracking WiFi passwords of most modern routers.


GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began

The U.K.'s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public.


GUEST ESSAY: ‘Tis the season — to take proactive measures to improve data governance

The Last Watchdog

The holiday season is upon us and the bright lights and greenery aren’t the only indicators that we’ve reached December. Sadly, data breaches often occur at this time of year. Recently we’ve seen major news stories about breaches at Starwood Hotels and Quora. Related podcast: The need to lock down unstructured data. Last year, at this time, it was announced that there was a significant privacy leak at eBay affecting many customers.


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


Spammed Bomb Threat Hoax Demands Bitcoin

Krebs on Security

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient’s building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day. Sources at multiple U.S. based financial institutions reported receiving the threats, which included the subject line, “I advise you not to call the police.” The email reads: My man carried a bomb (Hexogen) into the building where your company is located.

More Trending


Fresh Google+ Bug Exposed 52.2 Million Users' Data

Data Breach Today

Google Advances Date for Mothballing Google+ Social Network for Consumers

Google says a buggy API update it pushed last month for its soon-to-be-mothballed Google+ social network exposed personal information for 52.2 million users. The data-exposure alert arrives just two months after Google admitted that a March problem with the same API exposed data for 500,000 users.


GUEST ESSAY: Why corporate culture plays such a pivotal role in deterring data breaches

The Last Watchdog

Picture two castles. The first is impeccably built – state of the art, with impenetrable walls, a deep moat, and so many defenses that attacking it is akin to suicide. The second one isn’t quite as well-made. The walls are reasonably strong, but there are clear structural weaknesses. And while it does have a moat, that moat is easily forded. Related podcast: The case for ‘zero-trust’ security.


Patch Tuesday, December 2018 Edition

Krebs on Security

Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft’s December patch batch is relatively light, addressing more than three dozen vulnerabilities in Windows and related applications. Adobe has issued security fixes for its Acrobat and PDF Reader products, and has a patch for yet another zero-day flaw in Flash Player that is already being exploited in the wild.


Hackers defaced Linux.org with DNS hijack

Security Affairs

The Linux.org website was defaced last week via a DNS hijack: attackers breached the associated registrar account and changed the DNS settings. The attackers changed the defacement page a few times; they protested against the new Linux kernel developer code of conduct in a regrettable way with racial slurs and the image of an individual showing the anus.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Super Micro: Audit Didn't Find Chinese Spying Chip

Data Breach Today

Firm Says Audit 'Lays to Rest the Unwarranted Accusations'

Super Micro says a third-party audit of recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.


NetSecOPEN names founding members, appoints inaugural board of directors

The Last Watchdog

SAN JOSE, Calif. – Dec. 11, 2018 – NetSecOPEN, the first industry organization focused on the creation of open, transparent network security performance testing standards, today announced that 11 prominent security vendors, test solutions and services vendors, and testing laboratories have joined the organization as founding members. Related podcast: The importance of sharing alliances.


How long do you have to report a data breach?

IT Governance

This blog has been updated to reflect industry updates. Originally published 24 October 2018. The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. As you might expect, there are a lot of intricacies involved.


Operation Sharpshooter targets critical infrastructure and global defense

Security Affairs

McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors are using malware associated with the Lazarus APT group that carried out the Sony Pictures attack back in 2014.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Credit Card System Hack Led to HIPAA Breach Report

Data Breach Today

Baylor Scott & White Medical Center - Frisco Notifying Those Affected

The hacking of a credit card processing system has prompted a Texas hospital to notify federal regulators and affected individuals of a breach as required by the HIPAA Breach Notification Rule.


An IQ Test for Your Processes

AIIM

Are your Human Resources processes intelligent? Before you try and answer that, let me explain more about what I mean. This idea of intelligent processes stems from an evolving set of capabilities that transform the way we manage information into something smarter and more connected than ever before. AIIM calls this Intelligent Information Management - and we believe it has the power to revamp your business processes, including Human Capital Management (HCM).


Google finds bug in Google+ – 52.5 million users affected

IT Governance

Google has announced yet another data breach affecting its Google+ social network. This incident is separate to the one that came to light in October, which prompted Google to announce that it would shut Google+ down – a decision that the Wall Street Journal said was calculated to avoid reputational damage and regulatory interest. Following the latest incident, Google has decided to close Google+ four months earlier than originally planned.


New threat actor SandCat exploited recently patched CVE-2018-8611 0day

Security Affairs

Experts from Kaspersky Lab reported that the recently patched Windows kernel zero-day vulnerability (CVE-2018-8611) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. The flaw, tracked as CVE-2018-8611, is a privilege escalation flaw caused by the failure of the Windows kernel to properly handle objects in memory. “An elevation of privilege vulne


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Weak Encryption Leaves Mobile Health App at Risk for Hacking

Data Breach Today

DHS, Philips Issue Advisories for HealthSuite Android Health App

The lack of strong encryption in Philips' HealthSuite Health Android app leaves the mobile health software vulnerable to hacking, according to a new advisory issued by the medical device manufacturer and an alert from the Department of Homeland Security.


Why Cybersecurity Will Save the Internet of Things

AIIM

IoT, or the Internet of Things, is a grand ambition of the most influential kind. It is a unified goal that seeks to create an internet age of unity and equality that we may not ever see in any other industry. In this article, we will explain why cybersecurity will save IoT and let us progress well into the future with greatly reduced hazard. The Internet of Things becomes larger every day.


Your DPO questions answered

IT Governance

Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the mandatory appointment of a DPO (data protection officer) to ensure key requirements of the Regulation are being met. But with so many uncertainties about what effective data protection should look like, many DPOs have been thrust into the role without time to think about how best


WordPress botnet composed of +20k installs targets other sites

Security Affairs

Experts from security firm Wordfence discovered a botnet of 20,000 WordPress sites infecting other WordPress installs. Experts from security firm Wordfence uncovered a botnet composed of over 20,000 WordPress sites that is being used to compromise other websites running on the popular CMS and recruit them. “The threat actors (hackers) use a group of four command and control (C2) servers to send requests to over 14,000 proxy servers provided by a Russian proxy provider called best-proxi


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


How to Maximize Data Used to Fight Fraud

Data Breach Today

Splunk's Jim Apger on Streamlining Omni-Channel Defenses

The data being used to drive effective anti-fraud efforts can be rich in context and useful for other activities. Jim Apger of Splunk describes emerging fraud schemes and solutions, highlighting the role of machine learning.


Top 5 Tips for Interviewing Project Managers

AIIM

Skilled project managers are the glue that keeps your team together. Without the shrewd judgment of an experienced project leader, your team is doomed to wander aimlessly from objective to objective with lowering morale, rising costs, and mounting hurdles. To hire the best project manager, your company will need to leverage all of the available tools.


Higher Education: 15 Books to Help Cybersecurity Pros Be Better

Dark Reading

Constant learning is a requirement for cybersecurity professionals. Here are 15 books recommended by professionals to continue a professional's education.


STOLEN PENCIL campaign, hackers target academic institutions.

Security Affairs

STOLEN PENCIL campaign – North Korea-linked APT group has been targeting academic institutions since at least May of this year. North Korea-linked threat actors are targeting academic institutions with spear phishing attacks. The phishing messages include a link to a website hosting a decoy document that attempts to trick users into installing a malicious Google Chrome extension.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Congratulations: You Get 'Free' Identity Theft Monitoring

Data Breach Today

Because Breached Businesses' 'Take Your Security Seriously'

Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.


The Connected, Inspired, Hands-on Project Sponsor – Leading the Digital Charge

AIIM

Following on from our previous article, where we identified how digital disruption is breeding new roles in the project and business landscape, we are now going to focus on the hands-on Digital Project Sponsor. With digital disruption shaking up the corporate world, there are more and more initiatives, ideas, projects, and products being launched than ever before.


Delivering the healthcare experience we all deserve

Jamf

See how Apple and Jamf are helping hospitals deliver a better patient experience by making it easy for them to stay connected with their care teams and enjoy a mental break from their surroundings.
