Sat. Jul 22, 2017 - Fri. Jul 28, 2017


Attacking encrypted USB keys the hard(ware) way

Elie

Ever wondered if your new shiny AES hardware-encrypted USB device really encrypts your data - or is just a fluke? If you have, come to our talk to find out if those products live up to the hype and hear about the results of the audit we conducted on multiple USB keys and hard drives that claim to securely encrypt data. In this talk, we will present our methodology to assess "secure" USB devices both from the software and the hardware perspectives.


Get five helpful RIM guides in TAB’s latest resource booklet

TAB OnRecord

TAB recently published a booklet containing several helpful resources relating to records and information management. In one convenient PDF document, this booklet covers several pressing topics, including: how to implement RIM software, document imaging, and mergers and acquisitions. You can download the booklet here. Here is a run-down of what you will find in the…


CJEU Declares Envisaged EU-Canada Data Transfer Agreement Incompatible with EU Law

Hunton Privacy

On July 26, 2017, the Court of Justice of the European Union (“CJEU”) declared that the envisaged EU-Canada agreement on the transfer of Passenger Name Records (“PNR Agreement”) interferes with the fundamental right to respect for private life and the right to the protection of personal data and is therefore incompatible with EU law in its current form.


Court Compels Production of Documents Withheld as Nonresponsive, Orders Requesting Party to Bear Costs of Re-Review

eDiscovery Law

Nachurs Alpine Sols. Corp. v. Banks, No. 15-CV-4015-LTS, 2017 WL 2918979 (N.D. Iowa July 7, 2017). In this case, Defendants identified a number of potentially responsive documents by conducting a search with court-approved terms. Upon review of those documents, many were withheld from production as nonresponsive. When Plaintiff sought to compel production of additional documents it suspected were relevant, the court granted the request, but shifted the burden of reviewing the withheld documents


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


How we created the first SHA-1 collision and what it means for hash security

Elie

In February 2017, we announced the first SHA-1 collision. This collision combined with a clever use of the PDF format allows attackers to forge PDF pairs that have identical SHA-1 hashes and yet display different content. This attack is the result of over two years of intense research. It took 6500 CPU years and 110 GPU years of computations which is still 100,000 times faster than a brute-force attack.


Singapore Submits Notice of Intent to Join the APEC CBPR and PRP Systems

Hunton Privacy

On July 27, 2017, Singapore submitted its notice of intent to join the APEC Cross-Border Privacy Rules (“CBPR”) system and the APEC Privacy Recognition for Processors System (“PRP”). Singapore would be the sixth member of the CBPR system, joining Canada, Japan, Mexico, the United States and the newest member, South Korea. The announcement was made by Dr.


US Coast Guard Releases Draft Cybersecurity Guidelines

Data Protection Report

On July 11, 2017, the US Coast Guard (USCG) and the Department of Homeland Security (DHS) proposed new cybersecurity draft guidelines for Maritime Transportation Security Act (MTSA) regulated facilities. The guidelines follow the White House’s May 2017 Executive Order to strengthen the cybersecurity of critical infrastructure. The draft guidelines are open for public comment until September 11, 2017.


Tracking desktop ransomware payments end to end

Elie

A niche term just two years ago, ransomware has rapidly risen to fame in the last year, infecting hundreds of thousands of users, locking their documents, and demanding hefty ransoms to get them back. In doing so, it has become one of the largest cybercrime revenue sources, with heavy reliance on Bitcoins and Tor to confound the money trail. In this talk, we demonstrate a method to track the ransomware ecosystem at scale, from distribution sites to the cash-out points.


Data Protection Training for GDPR – Getting it Right First Time – Part 2

Managing Your Information

Effective data protection training will continue to be essential to ensure compliance with data protection legislation. Training of staff is going to be a vital investment to ensure compliance with the GDPR for many organisations, although it can also be a significant cost. It is therefore essential to make sure your organisation has a training solution that is right for them.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Nevada Enacts Website Privacy Notice Law

Hunton Privacy

Recently, Nevada enacted an online privacy policy law which will require operators of websites and online services to post a notice on their website regarding their privacy practices. The Nevada law contains content requirements for online privacy notices, specifying that the notice must (1) identify the categories of personally identifiable information (“PII”) collected through the website and the categories of third parties with whom PII may be shared; (2) provide information about users’ abil


Paul Robeson Jr. Talks About His Father

Archives Blogs

In January 1971, radio reporter Eleanor Fischer interviewed Paul Robeson Jr. for a radio documentary she was producing about his father, Paul Robeson. The CBC documentary covered Robeson’s life extensively and included interviews with friends and colleagues that knew Robeson best, along with his only son. The interviews presented here are Fischer’s raw, unedited sessions.


FTC Launches Series of Blog Posts on “Reasonable Steps” to Protect Consumer Data

Hunton Privacy

On July 21, 2017, the FTC announced its publication of “Stick with Security,” a series of blog posts on reasonable steps that companies should take to protect and secure consumer data. The posts will build on the FTC’s Start with Security Guide for Businesses, and will be based on the FTC’s 60+ law enforcement actions, closed investigations and questions from businesses.


Nominate Hunton’s Privacy Blog for the ABA Journal’s Web 100 Amici Award

Hunton Privacy

The ABA Journal has announced that it is accepting nominations for its Web 100 Amici award, which recognizes legal blogs. We hope you will continue to show your support for Hunton & Williams’ Privacy & Information Security Law blog by nominating the blog for this award. Nominations are due on July 30, and you can access the form here. If you enjoy reading the blog, we would be grateful if you would take a few minutes to submit your nomination.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


OCR Releases Improved Data Breach Reporting Tool

Hunton Privacy

On July 25, 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced the release of an updated web tool that highlights recent data breaches of health information. Entities covered by the Health Insurance Portability and Accountability Act (“HIPAA”) are required to notify OCR when they experience a data breach.


New Jersey Shopper Privacy Bill Signed into Law

Hunton Privacy

On July 21, 2017, New Jersey Governor Chris Christie signed a bill that places new restrictions on the collection and use of personal information by retail establishments for certain purposes. The statute, which is called the Personal Information and Privacy Protection Act, permits retail establishments in New Jersey to scan a person’s driver’s license or other state-issued identification card only for the following eight purposes: to verify the authenticity of the identification card or to ver


Student Societies of Amherst Academy & Their Questions

Archives Blogs

This week’s blog post comes from our Bicentennial Metadata Librarian, Amanda Pizzollo: As avid readers of this blog will know, Amherst College was conceived out of the previously existing Amherst Academy. As Frederick Tuckerman points out in his book on the academy, the founders of Amherst Academy are also the founders of Amherst College. Yet the school’s connection to the foundation of Amherst College is not the only reason that Amherst Academy is worthy of attention.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


WQXR Co-Founder and Radio Pioneer John Vincent Lawless Hogan

Archives Blogs

Listening to WQXR co-founder John V. L. Hogan (1890-1960) in the above radio address, made only a few months after W2XR became WQXR,* one is struck by just how important feedback (pun intended) was to him. Radio was still an evolving media and the listener’s point of view was critical to its forward movement. In the address, Hogan emphasizes that WQXR was different and not content or “self-satisfied” with status-quo – either technically or programmatically.


The Freedom Summer: Mississippi in 1964

Archives Blogs

The summer of 1964 marked a critical moment in the American civil rights movement. Eleanor Fischer traveled to the southern state of Mississippi to produce a documentary on the Freedom Summer. She had the opportunity to interview the civil rights workers from Northern cities such as Chicago and New York and the black civil rights and voting activist leaders from Mississippi, while also speaking with white, local political leaders and segregationists.