Sat.Feb 16, 2019 - Fri.Feb 22, 2019

article thumbnail

2019 Thales DTR: Global Edition: Facts that may surprise you

Thales Cloud Protection & Licensing

A few weeks ago, we issued the Global Edition of our 2019 Thales Data Threat Report, now in its seventh year. This year much of the emphasis within the results was on how digital transformation can put organizations’ sensitive data at risk. The results showed, for instance, that almost every organization surveyed is dealing with digital transformation at one level or another (97%), and that organizations that are aggressively investing in digital transformation had higher rates of data breaches.

article thumbnail

Password Managers Leave Crumbs in Memory, Researchers Warn

Data Breach Today

Popular Password Managers for Windows Fail to Tidy Up Before Locking Up Shop A security audit of popular password manager has revealed some concerning weaknesses. Luckily, none of the problems are showstoppers that should put people off using such applications. But the research shows that some password managers need to more thoroughly scrub data left in memory.

Passwords 259
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New Breed of Fuel Pump Skimmer Uses SMS and Bluetooth

Krebs on Security

Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from anywhere in the world. One interesting component of this criminal innovation is a small cellphone and Bluetooth-enabled device hidden inside the contactless payment terminal of the pump, which appears to act as a Bluetooth hub that wirelessly gathers card

article thumbnail

Why is Information Management Modernization So Important Right NOW?

AIIM

The combination of cloud technologies plus mobile is a volatile one when it comes to the sustainability of existing organizations. We’ve never before been in a disruptive environment quite like this one, and it demands much more agile approaches to IT. Established incumbents are being challenged on every front. Consider the following: In the banking industry, Better Mortgage can qualify a mortgage loan in 3-minutes and approve it within 24-hours.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Why Information Architecture is VITAL to Information Governance

Weissman's World

Our very own Kevin Parker has written another stellar piece on the importance of information architecture to information governance. You can read it in ARMA’s Information Management Magazine – and if you want to learn more, register for Kevin’s ARMA iMasters Webinar on February 27. He IS a busy boy! The post Why Information Architecture is VITAL to Information Governance appeared first on Holly Group.

More Trending

article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

Passwords 262
article thumbnail

Facebook labelled 'digital gangsters' by report on fake news

The Guardian Data Protection

Company broke privacy and competition law and should be regulated urgently, say MPs Facebook deliberately broke privacy and competition law and should urgently be subject to statutory regulation, according to a devastating parliamentary report denouncing the company and its executives as “digital gangsters”. The final report of the Digital, Culture, Media and Sport select committee’s 18-month investigation into disinformation and fake news accused Facebook of purposefully obstructing its inquiry

Privacy 111
article thumbnail

5 ways organizations can benefit from machine learning

IBM Big Data Hub

Machine learning (ML) offers huge potential to help compliance and legal teams accomplish many of their most important rule tracking, employee monitoring and documentation activities.

article thumbnail

Hackers Target Fresh Drupal CMS Flaw to Infiltrate Sites

Data Breach Today

CMS Project Team Patches "Highly Critical" Remote Code Execution Vulnerability Patch alert: Some versions of the popular content management system Drupal have a "highly critical" flaw that attackers can exploit to remotely execute code. The Drupal project team has released updates to fix the problem, which is already being targeted by hackers.

CMS 244
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

ATT&CKized Splunk – Threat Hunting with MITRE’s ATT&CK using Splunk

Security Affairs

Most of us know MITRE and the ATT&CK framework that they have come up with. What a splendid job they have done for the cyber security community by bringing most of the key attack vectors under an organized framework that segregates these attack vectors in various stages of a typical attack. Moreover, not only they have orchestrated the key attack vectors but the mitigation and detection guidance for each attack vector are also part of this framework.

Cloud 105
article thumbnail

AIIM19 Session Preview - Bot Bootcamp: How to Manage Your Artificial Employees

AIIM

There are some important sessions planned for AIIM19 this year. Topics range from artificial intelligence to business process automation and data analytics and beyond. But none will be more informative than a session planned by David Jacopille from Massachusetts Financial Services titled “Bot Bootcamp: How to Manage Your Artificial Employees.” I spoke recently with David and asked him to give us a preview of what to expect.

article thumbnail

Facebook May Be Fined for Billions for Cambridge Analytica Scandal

Adam Levin

Facebook’s long string of privacy scandals may (finally) have some meaningful repercussions by way of a multi-billion dollar fine from the Federal Trade Commission. The social media giant has been under investigation by the FTC since March 2018 in the wake of the Cambridge Analytica scandal, which affected 87 million users and may have been a pivotal influence in the 2016 election campaign.

Privacy 99
article thumbnail

Toyota Australia, Healthcare Group Hit By Cyberattacks

Data Breach Today

Country Has Faced a Series of Security Incidents in Recent Weeks Australia has faced a few tough weeks on the cybersecurity front. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. A healthcare group acknowledged it was the victim of a ransomware attack. And last week, suspected nation-state attackers hit Parliament's email systems.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Security experts released new GandCrab Decryptor for free

Security Affairs

Security experts at BitDefender have released a new version of the GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5. Security experts at BitDefender have released a new version of the GandCrab decryptor that could be used to decrypt versions of GandCrab 1, 4 and 5, including the latest version 5.1. The GandCrab decryptor is available for free from BitDefender and from the NoMoreRansom project.

Security 103
article thumbnail

The Russian Sleuth Who Outs Moscow's Elite Hackers and Assassins

WIRED Threat Level

Roman Dobrokhotov has been playing a dangerous game for a Russian reporter: identifying agents of the GRU military intelligence agency.

Military 111
article thumbnail

Why Cybersecurity Burnout Is Real (and What to Do About It)

Dark Reading

The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here's how to turn down the pressure.

article thumbnail

Wendy's Reaches $50 Million Breach Settlement With Banks

Data Breach Today

After Insurance, Fast-Food Chain's Breach Costs Are Nearly $34 Million Fast-food giant Wendy's has reached a $50 million settlement agreement with financial institutions that sued after attackers planted RAM-scraping malware on point-of-sale systems in 1,025 of its restaurants in 2015 and 2016, stealing massive quantities of payment card data.

Insurance 234
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

These Are the Countries With the Best and Worst Cybersecurity

Security Affairs

Cybersecurity is a growing concern among governments, businesses and individuals around the world. Cyberattacks can have severe impacts on everyone. A recent report from researchers at the University of Oxford identified 57 different impacts that cyber incidents can have. They ranged from regulatory fines to depression to damaged relationships with customers.

article thumbnail

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.

article thumbnail

Labour reports former MP Joan Ryan over alleged data breach

The Guardian Data Protection

Party claims MP contacted its supporters after quitting for the Independence Group Labour has reported its former MP Joan Ryan to the Information Commissioner’s Office alleging she accessed party systems to contact members after resigning from the party on Tuesday to join the breakaway Independence Group. It is understood the party has informed the information commissioner about the alleged breach and that it intends to submit a full report.

article thumbnail

11 Takeaways: Targeted Ryuk Attacks Pummel Businesses

Data Breach Today

Faulty Decryptor Often Shreds Victims' Data, McAfee and Coveware Warn A rush by some media outlets to attribute a late-2018 alleged Ryuk ransomware infection at Tribune Publishing to North Korean attackers appears to have been erroneous, as many security experts warned at the time. Rather, multiple cybercrime gangs appear to be using Ryuk, say researchers at McAfee and Coveware.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Toyota PASTA Car-Hacking Tool will be soon on GitHub

Security Affairs

Toyota plans to release the PASTA (Portable Automotive Security Testbed) Car-Hacking Tool on GitHub next month. Takuya Yoshida from Toyota’s InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed). PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of modern vehicles.

Paper 99
article thumbnail

7 Scenarios for How the Mueller Probe Might End

WIRED Threat Level

New reports say that Robert Mueller will be "wrapping up" his investigation soon. Here's what that might actually mean.

Security 111
article thumbnail

6 Tips for Getting the Most from Your VPN

Dark Reading

VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.

article thumbnail

WhatsApp Flaw Could Enable iOS Message Snooping

Data Breach Today

Facebook Promises Quick Patch for Face ID and Touch ID Bypassing Problem Facebook says it will soon issue a patch for a bug in its WhatsApp messenger application that can circumvent a security feature launched just last month for Apple devices. The flaw could let someone with physical access to a device bypass Face ID and Touch ID.

Access 231
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Facebook login phishing campaign can deceive tech-savvy users

Security Affairs

Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. The technique relies upon the concept of being able to reproduce a social login prompt in a very realistic format inside an HTML block. Crooks are distributing links to blogs and services that display users “login using Facebook account” to read an exclusive article or purchase a discounted product.

article thumbnail

Unactioned data subject access requests could lead to legal action

IT Governance

Buckinghamshire-based housing developer Magnacrest has been fined for failing to respond to DSARs (data subject access requests) , giving organisations a fresh reminder of the importance of the public’s legal rights to review the information that’s processed about them. The investigation into Magnacrest predates the GDPR (General Data Protection Regulation) , resulting in a relatively small fine.

Access 91
article thumbnail

North Korea's Lazarus Group Targets Russian Companies For First Time

Dark Reading

In an unusual development, the group known for its attacks against companies in countries viewed as geopolitical foes is now going after companies in a country considered an ally, Check Point Software says.

IT 84