WIRED Threat Level

JANUARY 29, 2019

Google wants to get rid of URLs. But first, it needs to show you why.

IT 111

IT Security 111

Data Breach Today

JANUARY 29, 2019

Callers Can Hear and See Recipients Before They Pick Up Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.

IT 261

IT 261

The Last Watchdog

JANUARY 28, 2019

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. Yet it’s my experience that most people don’t fully appreciate the profound risks they face online and all too many still do not practice simple behaviors that can dramatically reduce their chances of being victimized

Privacy 145

Privacy Passwords Security Access 145

Krebs on Security

FEBRUARY 1, 2019

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol , the European Union’s law enforcement agency. In April 2018, investigators in the U.S., U.K. and the Netherlands took down attack-for-hire service WebStresser[.]org and arrested its alleged administrators.

Computer and Electronics 169

Computer and Electronics Access IT Security 169

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

AIIM

JANUARY 30, 2019

There‘s a lot of excitement about Artificial Intelligence and business automation these days, and for good reason. Developments in AI — and its sidekicks “Deep Learning” and “Machine Learning” — bring the promise of transforming work as we know it. Those transformed work processes will operate in a completely different way: fully automated and autonomous, with smart machines doing the work.

Artificial Intelligence 122

Artificial Intelligence Records Management Analytics Metadata 122

The Last Watchdog

FEBRUARY 1, 2019

Some chilling hard evidence has surfaced illustrating where stolen personal information ultimately ends up, once it has flowed through the nether reaches of the cyber underground. Wired magazine reported this week on findings by independent security researchers who have been tracking the wide open availability of a massive cache of some 2.2 billion stolen usernames, passwords and other personal data.

Passwords 129

Passwords Authentication Risk Personal data 129

Security Affairs

JANUARY 26, 2019

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the method of this.getPageNumWords() & this.getPageNthWord() for obfuscation, we found another, but much more powerful exploit ob

IT 104

IT Security 104

IT Governance

FEBRUARY 1, 2019

Follow our advice to successfully manage risks and respond to a variety of information security incidents. Any day during which you find out that you’ve been breached will be bad. But do you know what would be worse? Realising three days later that you’ve missed the deadline for reporting the incident to your supervisory authority. Under the GDPR (General Data Protection Regulation) , organisations have 72 hours from the moment they become aware of a breach to report the incident.

Data breaches 99

Data breaches GDPR Personal data Compliance 99

Data Breach Today

JANUARY 31, 2019

Facebook's Internal iOS Apps Break After Apple Revokes Developer Certificate Apple has revoked Facebook's enterprise certificate, leaving the social network's employees unable to access internal iOS apps, after Facebook used it to distribute an app that monitored smartphone activity, sometimes from minors, in exchange for monthly payments. Facebook says it did nothing wrong.

Access 240

Access IT 240

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

The Last Watchdog

JANUARY 30, 2019

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor. Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — witho

Risk 117

Risk Financial Services Insurance Cybersecurity 117

Security Affairs

JANUARY 31, 2019

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Early this month, security firm Qualys disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd , a software suite that provides fundamental building blocks for a Linux op

Security 99

Security Communications Access IT 99

Dark Reading

JANUARY 31, 2019

The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.

Cybersecurity 99

Cybersecurity 99

Data Breach Today

JANUARY 31, 2019

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline?

Privacy 235

Privacy Data Privacy 235

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

The Last Watchdog

JANUARY 31, 2019

A report co-sponsored by Lloyd’s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown. The Cyber Risk Management (CyRiM) project lays out in detail how a theoretical ransomware attack – dubbed the “Bashe” campaign – could improve upon the real lif

Ransomware 105

Ransomware Government Risk Access 105

Security Affairs

JANUARY 31, 2019

Cyber security expert Marco Ramilli, founder of Yoroi ,discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. A. CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor ! When I personally saw this technique back in 2017 (please take a look to here , here and here ) I was fascinated.

Communications 99

Communications Cybersecurity IT Security 99

IT Governance

JANUARY 29, 2019

Singapore’s IHiS (Integrated Health Information Systems) has sacked two managers and fined five senior staff , including CEO Bruce Liang, for their part in last year’s SingHealth data breach. The incident affected 1.5 million people – just under a third of the country’s population – with criminal hackers accessing patients’ names, dates of birth, NRIC (National Registration Identity Card) numbers, and details of their gender and race.

Data breaches 97

Data breaches Security awareness Passwords Risk 97

Data Breach Today

JANUARY 29, 2019

Nation to Allow Researchers to Brute-Force 200 Million Devices Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.

IoT 220

IoT Security Cybersecurity IT 220

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Thales Cloud Protection & Licensing

JANUARY 29, 2019

Around this time each year, Thales eSecurity releases our annual Data Threat Report (DTR). Now in its sixth year, the report is squarely focused on digital transformation and what that means for organizations and their data security. Today, it’s almost impossible to do business of any kind without some sensitive data being exchanged, managed or stored in the cloud or on servers with an outgoing connection to the web.

Digital transformation 92

Digital transformation Encryption Cloud Customer Experience 92

OpenText Information Management

JANUARY 31, 2019

I’m pleased to announce that OpenText has acquired Catalyst Repository Systems, Inc., a leading provider of cloud-based eDiscovery software for large-scale discovery and regulatory compliance. This acquisition extends our leadership in both the Enterprise eDiscovery and Legal Tech markets, increasing our scale and scope with new capabilities, new enterprise customers and deeper coverage of the … The post OpenText Buys Catalyst Repository Systems, Inc. appeared first on OpenText Blogs.

Compliance 95

Compliance Marketing Cloud Artificial Intelligence 95

IT Governance

JANUARY 31, 2019

Information security professionals invariably spend most of their time and resources developing measures to prevent crooks breaking into their systems, but did you know that the majority of data breaches are caused by an employee misplacing, stealing or being tricked into handing over sensitive information ? These kinds of incidents thrive because organisations don’t place enough emphasis on security awareness programmes , which reduce the risk of human error and malicious insiders.

Security awareness 94

Security awareness Information Security Data breaches GDPR 94

Data Breach Today

JANUARY 30, 2019

Judge Slams Attorneys' Fees, Security Shortcomings in $50 Million Proposal Court order: Yahoo's proposed settlement for a class-action lawsuit must return to the drawing board, after a federal judge said a proposal to place $50 million into a settlement fund for breach victims lacked security specifics and awarded excessive attorneys' fees. The case could go to trial.

Data breaches 211

Data breaches Security 211

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Elie

JANUARY 27, 2019

A critical part of child sexual abuse criminal world is the creation and distribution of child sexual abuse imagery (CSAI) on the Internet. To combat this crime efficiently and illuminate current defense short-coming, it is vital to understand how CSAI content is disseminated on the Internet. Despite the importance of the topic very little work was done on the subject so far.

Metadata 90

Metadata IT 90

Security Affairs

JANUARY 28, 2019

Cisco released security updates to address security flaws in several products including Small Business RV320/RV325 routers and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers. The first one could be exploited by a remote and unauthenticated attacker with admin privileges. to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ).

IoT 92

IoT Passwords Security IT 92

Schneier on Security

JANUARY 31, 2019

A year ago , the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children. A recent analysis checked if anything had improved after that torrent of bad press. Short answer: no. Guess what: a train wreck.

Security 90

Security Passwords Access IT 90

Data Breach Today

JANUARY 30, 2019

China, Russia, Iran and North Korea Pose Increasing Risk, Congress Hears Efforts to exploit U.S. election security continue, and China, Russia, Iran and North Korea's "cyber espionage, attack and influence capabilities" pose an increasing threat, Director of National Intelligence Dan Coats told the Senate Intelligence Committee.

Risk 206

Risk Security 206

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

Dark Reading

JANUARY 28, 2019

For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.

Privacy 92

Privacy Data Privacy Compliance 92

Security Affairs

JANUARY 28, 2019

Security experts at Wordfence security firms discovered WordPress Sites compromised via Zero-Day vulnerabilities in Total Donations Plugin. The Total Donations WordPress plugin was abandoned by its developers for this reason security experts are recommending to delete it after they discovered multiple zero-day flaws that were exploited by threat actors.

CMS 90

CMS Access Security IT 90

Schneier on Security

JANUARY 28, 2019

The Japanese government is going to run penetration tests against all the IoT devices in their country, in an effort to (1) figure out what's insecure, and (2) help consumers secure them: The survey is scheduled to kick off next month, when authorities plan to test the password security of over 200 million IoT devices, beginning with routers and web cameras.

IoT 88

IoT Government Passwords Security 88