Sat.Aug 10, 2019 - Fri.Aug 16, 2019

article thumbnail

6 Tough Questions to Ask ANY SaaS Provider Before You Use Their Software

Docuware

Not only do today’s cloud solutions more closely align technology and business processes, they also offer access to the advanced capabilities that were once only available to large corporations. Going to the cloud is no longer considered risky thanks to tremendous advances in the security, scalability and reliability of cloud infrastructures. However, not all cloud partners bring the same experience, expertise and capabilities to the table.

Cloud 41
article thumbnail

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded $76,000, paid in Bitcoin, for a decryption key. Baltimore refused to pay – choosing, instead, to absorb an estimated $18 million in recovery costs.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Apple Expands Bug Bounty; Raises Max Reward to $1 Million

Data Breach Today

Move Generates Praise From Security Experts Apple is opening up its bug bounty program to all researchers, increasing the rewards and expanding the scope of qualifying products in a bid to attract tips on critical software flaws. The changes were announced at last week's Black Hat security conference in Las Vegas.

Security 202
article thumbnail

Extended Validation Certificates are (Really, Really) Dead

Troy Hunt

101
101
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Meet Bluetana, the Scourge of Pump Skimmers

Krebs on Security

“ Bluetana ,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.

More Trending

article thumbnail

Choice Hotels: 700,000 Guest Records Exposed

Data Breach Today

Vendor Copied Data Without Authorization; Left MongoDB Open to Internet Choice Hotels says about 700,000 records for guests were exposed after one of its vendors copied data from its systems. Fraudsters discovered the data and tried to hold the hotel chain to ransom, which it ignored.

IT 255
article thumbnail

A Call to Service – Seeking Leaders to Help AIIM Soar to New Heights

AIIM

“To Fly. To Serve.” That’s the motto of British Airways, a carrier I have flown for many years. When I first saw those words displayed on a plaque in the cabin as I boarded my flight, I chuckled. At the time, they seemed rather pretentious for what has become a very commonplace, almost plebeian way to get folks from one place to another. Of course, the more I thought about it, the more I warmed to the seriousness with which somebody at BA viewed the enormous responsibility inherent in transporti

Education 104
article thumbnail

SEC Investigating Data Leak at First American Financial Corp.

Krebs on Security

The U.S. Securities and Exchange Commissio n (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned. First American Financial Corp. In May, KrebsOnSecurity broke the news that the Web site for Santa Ana, Calif.

Insurance 218
article thumbnail

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country. Related: SMBs struggle to mitigate cyber attacks As city governments struggle to recover access to their data, hackers are already turning their sites on their next targets: small and medium-sized businesses (SMBs).

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Report: SEC Investigates First American Data Exposure

Data Breach Today

Title and Settlement Company Exposed Hundreds of Millions of Data Records The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to Brian Krebs. First American spent $1.7 million on the incident in its second quarter, but investigations and lawsuits are looming.

Security 212
article thumbnail

Payments and Security: Putting security where your money is

Thales Cloud Protection & Licensing

Originally published in Payments Journal on July 31, 2019. There’s a very tough question on the table that no one can afford to ignore: If more than half of global IT and security executives say they actively fear the exposure of payment card data and other personal identifiable information, why are 70% of them not deploying measures such as encryption to maintain security?

Security 115
article thumbnail

Patch Tuesday, August 2019 Edition

Krebs on Security

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

article thumbnail

Successful Information Governance when the Bosses Just Don't Care

AIIM

We regularly discuss the value and importance of information governance - at our conference, in our training courses, in our virtual events. And we're by no means alone - every association and consulting firm in the industry has been making the same points for years. And if you're reading this post, you probably get it already. But what if your bosses still don't care?

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

A Summer of Data Breach Discontent

Data Breach Today

Ransomware Attacks, Vendors Mishaps Are Top Culprits in Healthcare Data Breach Drama When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge?

article thumbnail

Filing Systems: The five components to success, part 1

TAB OnRecord

This blog series highlights the components of a successful physical filing system. In part one we’ll introduce the concept of a complete filing system and take a look at the first three components, including storage equipment, containers and coding. Later, in part 2, we’ll look at the final two components which are file management tools [.] Read More.

article thumbnail

Major breach found in biometrics system used by banks, UK police and defence firms

The Guardian Data Protection

Fingerprints, facial recognition and other personal information from Biostar 2 discovered on publicly accessible database The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan Police, defence contractors and banks.

Passwords 112
article thumbnail

Boffins hacked Siemens Simatic S7, most secure controllers in the industry

Security Affairs

A group of Israeli researchers demonstrated that it is possible to take over the Simatic S7 controller one of the most secure controllers in the industry. A team of Israeli researchers demonstrated that it is possible to take control of the Simatic S7 controller without the knowledge of the operators. The team was composed of researchers from the Cyber ??

Security 111
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

European Central Bank Closes a Website Following Hack

Data Breach Today

Malware Found; Personal Data Apparently Exposed The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware.

article thumbnail

Enterprise Architecture Tools Are Key to Managing Ideation and Innovation

erwin

Organizations largely recognize the need for enterprise architecture tools, yet some still struggle to communicate their value and prioritize such initiatives. As data-driven business thrives , organizations will have to overcome these challenges because managing IT trends and emerging technologies makes enterprise architecture (EA) increasingly relevant.

article thumbnail

Modern Records Management Puts the “I” in IIM

AIIM

AIIM believes that every organization should be on a Digital Transformation journey and that Intelligent Information Management is the driver for that transformation. But how do you begin to put all of the pieces together into an approach that will make a difference? That is the subject of a new eBook from AIIM titled How to Become a Modern Records Manager (and a Business Enabler).

article thumbnail

FBI is searching for contractors to monitor social media

Security Affairs

The FBI is searching for contractors to monitor social media for potential threats, the announcement raises concerns for user privacy. The abuse of social media passwords for malicious purpose is quite common, for this reason, the FBI is searching for contractors to monitor them. However, monitoring activity could threaten user privacy and set up possible conflicts with social media giants, such as Facebook, over privacy. “The Federal Bureau of Investigation (FBI) intends to award a firm f

Privacy 105
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Biometric Security Vendor Exposes Fingerprints, Face Data

Data Breach Today

Researchers Find Open Database for Suprema's BioStar 2 A South Korean company that makes a biometric access control platform exposed fingerprint, facial recognition data and personal information after leaving an Elasticsearch database open, security researchers say. They found 23GB of data belonging to organizations that use Suprema's BioStar 2 system.

Security 166
article thumbnail

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

On June 28, 2018 the governor of California Jerry Brown signed into law with Assembly Bill No. 375 the California Consumer Privacy Act (CCPA), making California the first U.S. state to pass its own data privacy law. Last August, my colleague Ashvin Kamaraju wrote a blog shortly after this took place. The CCPA, which will come into effect on Jan. 1, 2020, grants to the state’s over 40 million people a range of rights comparable to the rights given to European citizens with the General Data Protec

Privacy 91
article thumbnail

GDPR Data Subject Access Requests: How to Respond

IT Governance

The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. This is known as a DSAR (data subject access request). Subject access requests are not new, but the GDPR introduced several changes that make responding to them more challenging. Organisations now have less time to respond, and may no longer charge a fee (except in certain circumstances).

GDPR 94
article thumbnail

City of Naples, Florida, lost $700K after a cyberattack

Security Affairs

Another city in the United States was hit by a cyber attack, according to officials in the city of Naples (Florida) they lost $700,000 in a recent attack. According to officials in the city of Naples, Florida, a cyberattack caused an economic loss of $700,000. This is the last incident in order of time that involved several cities in the United States.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Prosecutors Allege Capital One Suspect Stole From Many Others

Data Breach Today

New Court Documents Describe What Was Found on Her Servers Paige A. Thompson, who's been arrested on a charge of hacking into Capital One's network and taking the personal and financial data of 106 million individuals, is also suspected of stealing information from over 30 other organizations, according to new court documents.

163
163
article thumbnail

Software Vulnerabilities in the Boeing 787

Schneier on Security

Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities: At the Black Hat security conference today in Las Vegas, Santamarta, a researcher for security firm IOActive, plans to present his findings, including the details of multiple serious security flaws in the code for a component of the 787 known as a Crew Information Service/Maintenance System.

Access 94
article thumbnail

ICO Launches Investigation into Facial Recognition in King’s Cross, London

Hunton Privacy

On August 15, 2019, the UK Information Commissioner’s Office (“ICO”) announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London. This follows a letter sent by the mayor of London, Sadiq Khan, to the owner of the development inquiring as to whether the use of the software was legal.

Privacy 91