Data, Surveillance, and the AI Arms Race
Schneier on Security
JUNE 17, 2019
Thales Cloud Protection & Licensing
JUNE 18, 2019
As organizations move more of their sensitive data to cloud platforms for the efficiency, flexibility and scalability that it promises, security and control continue to be a significant obstacle to this adoption. Although the 2019 Thales Data Threat Report-Global Edition tells us that 90% of organizations report using the cloud and 71% say they are using sensitive data in cloud environments, it also finds that, globally, 60% of organizations surveyed have been breached at some point in their his
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JUNE 21, 2019
BeyondTrust's Karl Lankford on Mitigating the Unmanaged Privilege Threat Attackers crave insider-level access to IT infrastructure and regularly target insiders - and especially administrators- to steal their credentials, says BeyondTrust's Karl Lankford, who advises organizations to ensure they manage, monitor and audit all privileged access.
Krebs on Security
JUNE 19, 2019
A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers. The filing, first reported by Bloomberg, comes from the Retrieval-Masters Creditors Bureau , the parent company of the American Medical Collection Agency (AMCA).
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
National Archives Records Express
JUNE 21, 2019
NARA is in the final stages of our records scheduling process with U.S. Immigration and Customs Enforcement (ICE) for schedule DAA-0567-2015-0013, Detainee Records. This schedule was originally proposed to NARA on October 26, 2015. NARA published notice of the pending schedule in the Federal Register on July 14, 2017. The schedule, which covers records related to deaths of detainees and allegations of sexual assault and abuse of detainees, received a record number of public comments.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JUNE 19, 2019
Focus on 'Total Cost of Control,' Says BlackBerry Cylance's John McClurg After years of organizations being stuck in a reactive security posture, proactive prevention is finally possible thanks to machine learning backed by AI math models, says BlackBerry Cylance's John McClurg.
AIIM
JUNE 19, 2019
Last week, I had the privilege of teaching our inaugural Foundations of Intelligent Information Management course in Denver, CO. We had students from a variety of industries and locations take part in the course, which is designed to provide participants with a thorough understanding of the fundamentals of information management. Over four days, we covered the entire lifecycle of information management: Creating and capturing information.
Security Affairs
JUNE 16, 2019
On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim ema i l servers, that already compromised some Azure installs. Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers. Microsoft Azure is not immune , recently experts reported several attacks leveraging the platform to host tech-support scam and phishing templates.
Schneier on Security
JUNE 21, 2019
In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here , the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
JUNE 21, 2019
Barracuda's Michael Flouton on Social Engineering, Account Takeover and More The early days of email attacks - so much noise in the form of malware, spam and links - have given way to attacks that often rely on little more than words, and email gateways often struggle to arrest social engineering ploys, says Michael Flouton of Barracuda Networks.
Dark Reading
JUNE 18, 2019
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
Security Affairs
JUNE 17, 2019
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT.
Schneier on Security
JUNE 19, 2019
Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
JUNE 20, 2019
State's Department of Human Services Now Says 645,000 Affected The number of individuals affected by a phishing-related breach disclosed in March by the Oregon Department of Human Services has nearly doubled, according to a new notification statement, which offers more details.
IT Governance
JUNE 21, 2019
Anyone looking for advice on how to achieve effective cyber security should consider the NCSC’s (National Cyber Security Centre) 10-step guide. Originally published in 2012, it is now used by the majority of FTSE 350 organisations. In this blog, we explain each step and provide advice on how to get started. 1. Risk management regime. Organisations must understand the risks they face before implementing security measures.
Security Affairs
JUNE 15, 2019
Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA).
Schneier on Security
JUNE 20, 2019
Security researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It will demonstrate several attack paths, some of them allowing unauthenticated attackers to take full control of the HSM.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Data Breach Today
JUNE 17, 2019
Agency Says It Tested Remote Code Execution Exploit Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.
IBM Big Data Hub
JUNE 18, 2019
In my last blog , I stressed the need for a modern data architecture (MDA) to underpin the next generation of the cognitive enterprise , fully harness data using the latest technologies, and sustain a
Security Affairs
JUNE 17, 2019
Today I’d like to share an interesting and heavily obfuscated Malware which made me thinking about the meaning of ‘Targeted Attack’ Nowadays a Targeted Attack is mostly used to address state assets or business areas. For example a targeted attack might address Naval industry ( MartyMcFly example is definitely a great example) or USA companies ( Botnet Against USA, Canada and Italy is another great example) and are mainly built focusing specific target sectors.
Dark Reading
JUNE 20, 2019
Early information suggests threat actors gained access to the managed service provider's remote monitoring and management tools and used them to attack the firm's clients.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Data Breach Today
JUNE 20, 2019
More Data, Use of the Cloud and IoT Presage Even More Big, Bad Breaches Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.
IBM Big Data Hub
JUNE 17, 2019
AutoAI in IBM Watson Studio makes it possible for you to automate many of the often complicated and laborious tasks associated with designing, optimizing and governing AI in the enterprise.
Security Affairs
JUNE 21, 2019
Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating Linux. Researchers at MalwareBytes have spotted a new cryptominer, tracked as Bird Miner, that targets macOS and emulates Linux. The malware spreads via a cracked installer for the music production software Ableton Live that is distributed on a piracy website called VST Crack, and that is over 2.6 GB in size. “ A new Mac cryptocurrency miner Malwarebytes detects as Bird
Dark Reading
JUNE 19, 2019
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Data Breach Today
JUNE 19, 2019
Court Documents Outline a 'Host of Negative Consequences' The parent company of American Medical Collection Agency has filed for bankruptcy in the wake of a data breach affecting millions of patients. The filing provides an inside look at the "cascade of events" and financial havoc wreaked by a security incident.
Schneier on Security
JUNE 20, 2019
Matthew Green intelligently speculates about how Apple's new "Find My" feature works. If you haven't already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: If your device is constantly emitting a BLE signal that uniquely identifies it, the whole world is going to have (yet another) way to track you.
Security Affairs
JUNE 20, 2019
The Riviera Beach City, Florida, agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. The Riviera Beach City Council voted unanimously to pay $600,000 in ransom to decrypt its records after a ransomware attack hit its systems. The council has previously agreed to spend $941,000 to modernize the entire IT infrastructure after hackers broke into the city’s system three weeks ago, ecrypting data managed by the City.
Let's personalize your content