Data Breach Today
FEBRUARY 27, 2020
Former NSA Director and Others Stress Collaboration Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights.
Dark Reading
FEBRUARY 26, 2020
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
IT Governance
FEBRUARY 27, 2020
Technological defences and staff training are two of the most frequently touted measures for preventing data breaches, but their effectiveness is dependent on the way organisations implement them. That means creating a detailed cyber security policy. What is a cyber security policy? A cyber security policy outlines an organisation’s cyber security defence strategy.
Krebs on Security
FEBRUARY 28, 2020
The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don’t go far enough to deter wireless carriers from continuing to sell customer location data.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
FEBRUARY 25, 2020
Cybersecurity Agency Ranks Election Security and Ransomware as Biggest Threats The 2016 U.S. presidential election served as a wake-up call for lawmakers and the public about the threat that cyber attackers can pose to the country's democracy, CISA Director Christopher Krebs told the 2020 RSA Conference. Election security and ransomware remain his agency's two biggest concerns.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
FEBRUARY 24, 2020
Along with Richard Stiennon , I belong to a small circle of journalists and tech industry analysts who’ve been paying close attention to cybersecurity since Bill Gates curtailed commercial work on Windows to rivet Microsoft’s attention on defending its software code. Related: The role of PKI is securing digital transformation That was in 2002. Back then, email spam was a nuisance evolving into a potent attack vector, and the top malware innovators were script kiddies seeking bragging rights.
Krebs on Security
FEBRUARY 26, 2020
On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patch was prompted by the discovery that exploit code for attacking the flaw was being sold in the cybercrime underground for $20,000.
Data Breach Today
FEBRUARY 27, 2020
Data includes Names, Addresses, Email Addresses, Phone Numbers An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based security specialist who became frustrated after receiving unwanted marketing messages over SMS.
AIIM
FEBRUARY 27, 2020
In several recent posts, I’ve talked about professional development options for information management professionals and provided guidance on how to determine whether a particular course or certification is a good fit. For the most part, I’ve stayed away from blogging about AIIM's training for two reasons. First, we wanted these blog posts to be informative and insightful, rather than be perceived as self-aggrandizement.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
ARMA International
FEBRUARY 26, 2020
Records managers around the world are likely familiar with freedom of information (FOI) laws in their respective countries, especially when considered at the national or federal levels. But recent research concerning local, municipal-level compliance with these laws holds important lessons, especially for records managers who work in the public sphere.
Data Protection Report
FEBRUARY 25, 2020
Outbreak of the coronavirus and personal data privacy. The fast-spreading coronavirus (Covid-19) has infected thousands of people in China and in over 20 other countries. This coronavirus outbreak, originating in Wuhan, a large city located in the central region of China, has been declared a Public Health Emergency of International Concern (PHEIC) by the World Health Organization.
Data Breach Today
FEBRUARY 28, 2020
Chertoff Wants to Boost Huawei's Competitors; Huawei's Purdy Calls for More Transparency In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security.
IT Governance
FEBRUARY 26, 2020
Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. Cyber security researchers at vpnMentor found a leaky database on a publicly accessible Elasticsearch server. It contained information from the retailer’s Spanish businesses and potentially its UK stores. Employees’ names, addresses, usernames, passwords, social security numbers, phone numbers and dates of birth were all affected.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
AIIM
FEBRUARY 25, 2020
The AIIM Conference is fast-approaching and whether you’ve already secured your ticket, still trying to convince your boss to send you , or just can’t attend this year - we have something for everyone on this latest episode of The AIIM on Air Podcast. First, we hear from Tod Chernikoff, Information System Development Analyst at Navy Federal Credit Union, about his upcoming session at AIIM20 on How to Align Systems Development with Your Organization's RIM Practices.
WIRED Threat Level
FEBRUARY 26, 2020
Security analyst John Strand had a contract to test a correctional facility’s defenses. He sent the best person for the job: his mother.
Data Breach Today
FEBRUARY 26, 2020
McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.
Security Affairs
FEBRUARY 22, 2020
The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Elie
FEBRUARY 25, 2020
This talk provides a comprehensive analysis of the malicious documents that target users and corporate inboxes, an in-depth analysis of the latest evasion tactics used by attackers and what Google is doing about it.
Schneier on Security
FEBRUARY 28, 2020
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google's security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week.
Data Breach Today
FEBRUARY 25, 2020
CISOs Need to Share Their Success Stories While the cybersecurity industry has increasingly focused on the roles artificial intelligence and machine learning can play in thwarting attacks, the humans behind the algorithms remain both points of strength and weakness, says RSA President Rohit Ghai, who keynoted the RSA 2020 conference on Tuesday.
Security Affairs
FEBRUARY 24, 2020
The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters. Recent guidance from the National Institute of Standards and Technology (NIST) highlights that the password length is much more important than password complexity. The recommendations are part of the Protected Voices initiative launched by the FBI to help 2020 political campaigns and American voters protect against online forei
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Elie
FEBRUARY 24, 2020
Everyday Gmail defenses analyze billions of attachments to prevent malicious documents from reaching the inboxes of its users whether they are end-users or corporate ones. This talk provides a comprehensive analysis of the malicious documents that target users and corporate inboxes, an in-depth analysis of the latest evasion tactics used by attackers and what Google is doing about it.
Dark Reading
FEBRUARY 24, 2020
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
Data Breach Today
FEBRUARY 26, 2020
McAfee's John Fokker Charts the Increasingly Advanced Cybercrime Service Economy Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.
Security Affairs
FEBRUARY 22, 2020
Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing efforts — along with help from newly developed technologies — today we’re announcing nearly 600 apps have been removed from the Google Play Store and banned f
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Troy Hunt
FEBRUARY 25, 2020
Back in 2016, I wrote a blog post about the Martin Lewis Money show featuring HIBP and how it drove an unprecedented spike of traffic to the service, ultimately knocking it offline for a brief period of time. They'd given me a heads up as apparently, that's what the program has a habit of doing: I Just wanted to get in contact to let you know we're featuring 'have I been pwned?
Hunton Privacy
FEBRUARY 25, 2020
On February 10, 2020, the Belgian Data Protection Authority (the “Belgian DPA”) published its Recommendation 1/2020 on data processing activities for direct marketing purposes (the “Recommendation”). With this Recommendation, the Belgian DPA aims to clarify the complex rules relating to the processing of personal data for direct marketing purposes, including by providing practical examples and guidelines to the different stakeholders involved in direct marketing activities.
Data Breach Today
FEBRUARY 24, 2020
Legal Action Stems From Misconfigured Database at UW Medicine A lawsuit seeking class action status filed against UW Medicine in the wake of a data leak incident has been amended to reflect that at least one HIV patient allegedly had their data exposed. Why are data breaches tied to IT misconfiguration a growing problem?
Expert insights. Personalized for you.
274 
Let's personalize your content