Sat.Feb 01, 2020 - Fri.Feb 07, 2020

The Iowa Caucus Tech Meltdown Is a Warning

WIRED Threat Level

The Iowa results will come in eventually, thanks to a paper trail. But it underscores just how much can go wrong when you lean on unnecessary, untested tech.

Paper 98

Ransomware Attacks: Why It Should Be Illegal to Pay the Ransom

Dark Reading

For cities, states and towns, paying up is short-sighted and only makes the problem worse.

IT 91

Google Chrome To Bar HTTP File Downloads

Threatpost

Downloads of files like images may be banned if they use HTTP connections - even if they are available from an HTTPS website.

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

Less than 48 hours after the killing of Iran’s General Qasem Soleimani, the U.S. Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” In fact, strategic cyber operations essentially pitting Russia and Iran against the U.S. and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Booter Boss Busted By Bacon Pizza Buy

Krebs on Security

A Pennsylvania man who operated one of the Internet’s longest-running online attack-for-hire or “booter” services was sentenced to five years probation today. While the young man’s punishment was heavily tempered by his current poor health, the defendant’s dietary choices may have contributed to both his capture and the lenient sentencing: Investigators say the onetime booter boss’s identity became clear after he ordered a bacon and chicken pizza delivered to

More Trending

The Changing Face of Data Security in Australia and New Zealand

Thales Cloud Protection & Licensing

The traditional focus on security has been on breach prevention and threat detection but these can only go so far. For organisations going through digital transformation there needs to be a layered approach to security – complementing these traditional strategies with data protection. In the evolving digital world of cloud, social and apps, data is now the perimeter.

2020 Oscar Nominees Used to Spread Malware

Adam Levin

Online scammers are using the 2020 Oscars to spread malware. A recent study released by Kaspersky Labs uncovered several hacking and phishing campaigns promising their targets free and early access to Best Picture nominees for this year’s Academy Awards. The study found over twenty phishing websites hosting at least 925 malicious files using the movies as bait, requiring would-be victims to either provide personal information (including credit card numbers), or to install adware applications to

Phishing 123

When Your Used Car is a Little Too ‘Mobile’

Krebs on Security

Many modern vehicles let owners use the Internet or a mobile device to control the car’s locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here’s the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.

FTC Shutters Hundreds of 'Fake' Websites

Data Breach Today

Sites Fraudulently Offered Government Services for a Fee, Commission Says

After winning court approval this week, the Federal Trade Commission shuttered over 200 websites that it says fraudulently claimed to offer government services, such as drivers' license renewals or verification of public benefits, for a fee.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling security products. Ransomware operators leverage a custom antivirus killing package that is delivered to workstations to disable security solutions before starting encryption.

The coronavirus outbreak is being used to spread malware

IT Governance

Cyber criminals are exploiting the public’s fear of the Wuhan in a new phishing scam, researchers have learned. Experts at IBM discovered a spate of phishing emails being sent to Japanese citizens, asking them to open an attached Word document supposedly containing details of infections in the country’s main island. The email reads: Department of Health Services.

Phishing 117

[Podcast] How to Conduct a Proof of Concept

AIIM

Reaching your Digital Transformation goals often requires the addition of new software solutions. But, shopping around for software can be a challenge. How are organizations expected to fully assess the precision of one software system/solution and compare it to another? Are we expected to become experts on each option? In our personal lives, when we shop for something like a new pair of shoes, we try on different brands and sizes to see what fits best for our needs.

FBI Reportedly Says DDoS Attack Targeted Voter Registration

Data Breach Today

State Voter Registration Website Repeatedly Targeted

The FBI reportedly warned this week that attackers repeatedly attempted to disrupt a state's voter registration and information website with a distributed denial-of-service attack.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. Lightbulbs could be remotely controlled through a mobile app or via a digital home assistant, owners could control the light in the environment and even

IoT 118

Ensuring business continuity during emergencies

OpenText Information Management

Business continuity can be a challenge when virus breakouts, natural disasters or political upheaval lead to travel bans. While protecting the health of employees and mitigating the risk of spreading the virus are vital, businesses must continue to function and minimize disruption in productivity. For example, the novel coronavirus (2019-nCoV) has recently been declared a …

Risk 111

3 Reasons Why CIP Is NOT the Right Certification for You

AIIM

You might think that here at AIIM we’d say everyone is a good candidate for the CIP designation. But, as the architect for the most recent updates to the Certified Information Professional (CIP) certification, a teacher of the CIP prep course, and a CIP pin-wearing member since its release in 2011, I don’t think it’s always a perfect fit. Here at AIIM, the last thing we want is for you to spend your time, money, and effort towards a certification that you won't be happy with in the end.

Fraudsters Pose as Journalist in Phishing Campaign: Report

Data Breach Today

Inquiry Posing Interview Questions Designed to Steal Credentials

In a recently discovered phishing campaign, hackers attempted to steal victims' passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to security firm Certfa.

Phishing 266

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Critical Android Bluetooth flaw CVE-2020-0022 could be exploited without user interaction

Security Affairs

Google addressed a critical vulnerability in its Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. Google has addressed a critical flaw in Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. The vulnerability tracked as CVE-2020-0022 is a remote code execution flaw that could allow attackers to execute code on the device with the elevated privileges of the Bluetooth daemon when the wireless module is acti

The Challenge of Bias in AI – Creating Ethical Guidelines

Thales Cloud Protection & Licensing

Artificial intelligence (AI) is becoming increasingly integral to information security. From the multitude of ways AI is used in business to creating smart cities and safeguarding transportation, AI impacts nearly every aspect of our lives. In fact, in its Reinventing Cybersecurity with Artificial Intelligence report, Capgemini found that 61% of respondents said they can no longer detect data breach attempts without the help of AI.

Weekly Update 177

Troy Hunt

I've got audio! Ok, so I cheated a bit in terms of recording back in the home office, but the plugs I need to make the Zoom H6 work the way it should (and yeah, I know I said "Rode" H6 in the vid, sorry!) are on the way and hopefully they'll be all good for next week when I'm in Sydney. I'm talking about that trip in this week's update along with the Chrome 80 changes to SameSite cookies now that it's hit, the Adult FriendFinder breach and then recapping on a heap of the week's news in tweets.

Access 103

Barr: US Should Invest in Nokia, Ericsson

Data Breach Today

Attorney General Calls for Supporting Huawei's Competitors to Help Boost 5G Security

U.S. Attorney General William Barr says the United States and its allies should take a "controlling stake" in Huawei's chief competitors, Finland's Nokia and Sweden's Ericsson, to help make them more viable and improve the security of emerging 5G networks.

Security 240

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Just last week, Japan’s Ministry of Defense announced in addition to Mitsubishi Electric and the NEC defense business division other two unnamed contractors suffered a data breach.

Security 105

Bringing teachers and pupils together at Bett: a global education technology show

Jamf

This year's global education technology show Bett has a lot of gadgets and flash. But do they actually impact education?

Education 121

Web browsing histories are being given to Australian police under data retention powers

The Guardian Data Protection

Ombudsman says ‘greyness’ in metadata definition must be examined as the practice is excluded in legislation

Law enforcement agencies are being provided with the web browsing histories of people under investigation using mandatory data retention powers, despite the federal government specifically excluding that practice in the legislation, the commonwealth ombudsman has warned.

Financial Firms Targeted With New Type of Backdoor: Report

Data Breach Today

FireEye Researchers First Spotted 'Minebridge' in Early January

FireEye researchers are tracking a hacker campaign using a new type of backdoor they call "Minebridge" that has primarily been targeting U.S. financial firms this year.

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Keep the train rolling: partner momentum in the data science market

IBM Big Data Hub

How has the newer data science technology such as Watson Studio, Watson Machine Learning and Watson OpenScale been picked up by the business partner community? I mentioned in our previous blog that I was pleasantly surprised at how many IBM Business Partners have established a Data Science practice. The new data science technology has been very well received by our partner community.

Security in 2020: Revisited

Schneier on Security

Ten years ago, I wrote an essay: "Security in 2020." Well, it's finally 2020. I think I did pretty well. Here's what I said back then: There's really no such thing as security in the abstract. Security can only be defined in relation to something else. You're secure from something or against something. In the next 10 years, the traditional definition of IT security -- that it protects you from hackers, criminals, and other bad guys -- will undergo a radical shift.

Security 137

Councils let firms track visits to webpages on benefits and disability

The Guardian Data Protection

Investigation finds 400-plus councils let at least one third party track use of their sites

Councils are sharing information about users of their websites – including when they seek help with a benefit claim, or with a disability or alcoholism – with dozens of private companies. More than 400 local authorities allowed at least one third-party company to track individuals who visit their sites, an investigation has revealed.