Sat.Dec 21, 2019 - Fri.Dec 27, 2019

article thumbnail

The California Consumer Privacy Act is upon us. Who is ready?

Information Management Resources

Technology companies have significant work to do as they head into the new year and the demands of regulatory compliance for customer data become real.

Privacy 64
article thumbnail

Combining AI and Playbooks to Predict Cyberattacks

Threatpost

Mature machine learning can analyze attack strategies and look for underlying patterns that the AI system can use to predict an attacker's next move.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

2020 & Beyond: The Evolution of Cybersecurity

Dark Reading

As new technologies disrupt the industry, remember that security is a process, not a goal. Educate yourself on how you can best secure your corner of the Web.

article thumbnail

When Is Data "Public"? (And 2.5M Public Factual Records in HIBP)

Troy Hunt

When is data "public"? And what does "public" even mean? Does it mean it's merely visible to the public? Or does it mean the public can do anything they like with it? This discussion comes up time and time again as it did with the huge leak of PDL data only last month. For the most part, the impacted data in this incident came from LinkedIn, a service where by design we (including myself) publish personal information about ourselves for public consumption.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible.

More Trending

article thumbnail

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. Why should this be a high priority project? Increased regulation and enforcement action. In 2019, we saw regulators put a renewed focus on how long businesses retain personal information. The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real

Privacy 144
article thumbnail

The Certified Information Professional (CIP) vs the Information Governance Professional (IGP)

AIIM

In a recent post, I compared the CIP and the Certified Records Manager (CRM) certification. The Certified Information Governance Professional (IGP) from ARMA is another certification in the information management field and one that’s attracted a lot of interest from records managers. So, I thought I’d make a similar comparison between the CIP and the IGP.

article thumbnail

Do You Have the Right Stuff to Transition to Information Governance?

ARMA International

In the late 1950s, the United States invited its top test pilots to apply to become the nation’s first astronauts. As memorialized in the book The Right Stuff , test pilots then had to decide whether to transition into an uncertain-yet-vaguely-familiar new career or continue along their present path. Some made the move and became famous; others didn’t, and many of them faded into history.

article thumbnail

Gartner's Avivah Litan on the Rise of 'Fake Everything'

Data Breach Today

Fake news, fake accounts - even fake food. Gartner analyst Avivah Litan is concerned about the onslaught of "fake everything" and how it undermines the trust upon which enterprises are built. In this 2020 preview, Litan discusses emerging technologies to combat the fakes.

IT 200
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

Security Affairs

Critical CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway could be exploited to access company networks, 80,000 companies at risk worldwide. A critical vulnerability in Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway), tracked as CVE-2019-19781 , could be exploited by attackers to access company networks.

Risk 97
article thumbnail

How Much Does it Cost to Become a Certified Information Professional?

AIIM

Do you want to earn your seat at the table for your organization’s important strategic discussions? Maybe you’re going for that next promotion and looking to round out your skillset. You might even just want to prove to yourself that you have what it takes to be among the industry’s elite. There are a multitude of reasons why you may be interested in the Certified Information Professional certification.

IT 99
article thumbnail

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

IT Governance

Doorstep Dispensaree has been fined £275,000 for failing to comply with the GDPR (General Data Protection Regulation) , making it the first organisation in the UK to be penalised for breaching its requirements. The London-based pharmacy, which supplies medicines to thousands of care homes, left about 500,000 documents containing personal data in unlocked containers in the back of its premises.

GDPR 78
article thumbnail

Researchers: Chinese APT Espionage Campaign Bypasses 2FA

Data Breach Today

Fox-IT Suspects APT20 Group Was Involved An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Facebook Security Debacles: 2019 Year in Review

Threatpost

2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.

article thumbnail

Top cybersecurity Predictions for 2020

Security Affairs

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year. Let’s try to imagine what threats and bad actors will influence the cyber arena in the next 12 months. 1) Targeted ransomware attacks on the rise.

article thumbnail

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

ARMA International

Highlights of the Forrester Research and ARMA International Records Management Online Survey, Q4 2019. 2019 marks ten years since ARMA International and Forrester Research first surveyed records and information management (RIM) decision-makers to understand the key trends and challenges facing the profession. Dozens of respondents from around the world shared their perspectives in the survey that ran in September-October 2019.

article thumbnail

Apple and Google Stop Distributing ToTok Messaging App

Data Breach Today

UAE Government Allegedly Built App to Spy on Citizens; Rival Offerings Banned Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens.

Marketing 173
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Tighter Security for Virtru through Central Management

Jamf

Read how Virtru ventured into the governmental space and was able to leverage Jamf Now’s central management to gain FedRAMP compliance.

article thumbnail

New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

Security Affairs

A new Mozi P2P botnet is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. Security experts from 360 Netlab spotted a new Mozi P2P botnet that is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months, the botnet was mainly involved in DDoS attacks, experts also noticed that the sample borrows part of code from the Gafgyt malware.

article thumbnail

Top 10 IoT Disasters of 2019

Threatpost

From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children's connected toys, here are the top IoT disasters in 2019.

IoT 72
article thumbnail

US Cybercom Considers Bold Election Security Moves: Report

Data Breach Today

Measures Could Include 'Limited Cyber Operation' Against Russians The U.S. Cyber Command is weighing several cyber strategies to counter Russian influence and interference during the 2020 presidential election, The Washington Post reports. The measures reportedly could include a 'limited cyber operation' against Russian targets.

Security 162
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Uninstall ToTok, an Alleged Emirati Spy App, From Your Phone Now

WIRED Threat Level

A messaging app called ToTok had scores of positive reviews, particularly from users in the UAE. US intelligent officials say it may be spying for that government instead. .

article thumbnail

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

Russia successfully disconnected from the internet. Russia’s government announced that it has successfully concluded a series of tests for its RuNet intranet aimed at country disconnection from the Internet. The Russian Government has announced on Monday that it has successfully concluded the test on its RuNet intranet and the complete disconnection of the country from the Internet. “The results of the exercises showed that, in general, both authorities and telecom operators are read

IT 82
article thumbnail

SIM Swapping Attacks: What They Are & How to Stop Them

Dark Reading

Fraudsters with social engineering skills are hijacking cell phone SIM cards to access victims' bitcoin and social media accounts

Access 81
article thumbnail

MyKings Cryptomining Botnet Leverages EternalBlue Flaw

Data Breach Today

Researchers Also Find Malicious Code Hiding in Taylor Swift Image The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using steganography to hide malicious updates, Sophos Labs reports. New research also shows attackers are exploiting the EternalBlue vulnerability in Windows.

162
162
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

EU Council’s Draft Position on the Application of the GDPR

Hunton Privacy

On December 19, 2019, the members of the Permanent Representations of EU Member States to the Council of the European Union (“the Council”) published a draft position on the application of the General Data Protection Regulation (“GDPR”). After the draft position has been formally adopted by the Council, it will be provided to the European Commission.

GDPR 72
article thumbnail

A flaw in Twitter App for Android could have been exploited to take over the account

Security Affairs

A flaw in the Twitter app for Android could have been exploited by attackers to obtain sensitive information or take over an account. Twitter has recently addressed a security vulnerability that affected the Android version of the app, it could have been exploited by hackers to access sensitive information of the users (direct messages, protected tweets and location data) or take over their accounts.

Privacy 71
article thumbnail

Data Breach Compromises Payment Card Info At Wawa Stores

Adam Levin

Convenience store and gas station chain Wawa informed customers of a data breach that compromised payment card information at most of its 842 locations. In an announcement released December 19, Wawa CEO Chris Gheysens. stated that the company’s information security team had discovered malware on their payment processing servers about a week earlier.