Sat.Feb 23, 2019 - Fri.Mar 01, 2019

article thumbnail

Innovation Lab: The Role of Blockchain in Information Governance

Everteam

Something is exciting about diving into innovative technology and figuring out how it can improve the way you do business. The blockchain is one of those technologies and in the information management world there are some interesting ways it is helping increase data security, accountability, and transparency. Blockchain – just the basics. With many resources out there that define and describe blockchain, I’m not going to spend a lot of time defining it.

article thumbnail

MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone

The Last Watchdog

Google, Facebook and Amazon have gotten filthy rich doing one thing extremely well: fixating on every move each one of us makes when we use our Internet-connected computing devices. Related: Protecting web gateways. The tech titans have swelled into multi-billion dollar behemoths by myopically focusing on delivering targeted online advertising, in support of online retailing.

Retail 138
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Attacking Soldiers on Social Media

Schneier on Security

A research group at NATO's Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise -- we don't know what country they were from -- to demonstrate the power of the attack technique. Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated with the military exercise, as well as profiles impersonating service members both real and imagined.

article thumbnail

Dow Jones Data Exposed on Public Server

Data Breach Today

'Authorized Third Party' Responsible for Leak, Company Says An "authorized third party" exposed a Dow Jones database with more than 2.4 million records of risky businesses and individuals on a public server without password protection. The incident points to the importance of proper vendor risk management, security experts say.

Passwords 248
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Payroll Provider Gives Extortionists a Payday

Krebs on Security

Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days. Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the process of restoring service to customers. Roswell, Ga. based Apex HCM is a cloud-based payroll software company that serves some 350 payroll service bureaus that in turn provide payroll services to s

More Trending

article thumbnail

Understanding the Key Benefits of Extending ECM into Lead Business Applications

AIIM

Intelligent Automation requires both a top-down and a down-up strategy and the proper content capabilities to drive this strategy. Every organization is on a quest to automate and digitalize their business. C-level executives go to conferences and come back proclaiming a need for a bold “Transformation” initiative, not always realizing that the raw material — and skills — necessary for intelligent automation likely lies in some of their past experiences with ECM and BPM.

ECM 114
article thumbnail

Cryptocurrency Miners Exploit Latest Drupal Flaw

Data Breach Today

Patch Now to Block Remote Code Execution Exploits of Content Management System Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.

Security 238
article thumbnail

Booter Boss Interviewed in 2014 Pleads Guilty

Krebs on Security

A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. The plea deal comes almost exactly five years after KrebsOnSecurity interviewed both the admitted felon and his father and urged the latter to take a more active interest in his son’s online activities.

article thumbnail

List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked

IT Governance

The shortest month of the year is over in a flash, but not before a significant number of data breaches and cyber attacks could take place. I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. At the time of publication, that’s roughly 30,000 records per minute so far this year…. As always, if I’ve missed anything please do let me know in the comments below.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

AIIM19 session preview - Absolute Intelligence: Taking the Artificial Out of AI

AIIM

AIIM19 is only a short time away and information management professionals from around the world will converge in San Diego for three days of sessions, sharing and fun. But what can you expect this year? In this continuing series of AIIM19 session previews we get a taste of what’s to come. I spoke recently with Angela Watt about her session, co-hosted with Emily Speight, titled “Absolute Intelligence: Taking the Artificial out of AI,” and I asked her to briefly summarize the topics.

article thumbnail

Data Breach Notification: California Targets 'Loopholes'

Data Breach Today

Marriott's Starwood Mega-Breach Drives Data Protection Update Driven by Marriott's Starwood mega-breach, California lawmakers are pushing legislation that would expand the state's pioneering data breach notification requirements to include breaches of biometric data and all types of government identification numbers, including passports.

article thumbnail

PDF zero-day samples harvest user data when opened in Chrome

Security Affairs

Experts at Exploit detection service EdgeSpot detected several PDF documents that exploit a zero-day flaw in Chrome to harvest user data. Exploit detection service EdgeSpot spotted several PDF documents that exploit a zero-day vulnerability in Chrome to harvest data on users who open the files through the popular web browser. The experts initially detected the specially-crafted PDF files in December 2018.

article thumbnail

Celebrating diversity and women in technology in India

OpenText Information Management

This year, OpenText™ sent our first official delegation of talented female employees from our Hyderabad and Bangalore offices to the Grace Hopper Celebration India (GHCI). As Asia’s largest gathering of women technologists, GHCI provided our delegation with incredible learning and networking opportunities. I had the pleasure of joining our inaugural Indian delegation to GHCI in … The post Celebrating diversity and women in technology in India appeared first on OpenText Blogs.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Our Industry Is Failing. Will We Fix It?

John Battelle's Searchblog

If the latest tech revelations have proven anything, it’s that the endless cycle of jaw-dropping headlines and concomitant corporate apologetics has changed exactly nothing. Over and over, the pattern repeats. A journalist, researcher, or concerned citizen finds some appalling externality associated with one of our largest technology platforms.

IT 94
article thumbnail

Dongle Danger: Operating Systems Don't Defend Memory

Data Breach Today

Researchers Say Connecting to USB 3 Devices Could Lead to Data Theft Windows, MacOS and Linux operating systems don't sufficiently protect memory, making it possible for a fake network card to sniff banking credentials, encryption keys and private files, according to new research. Fixes are in the pipeline, but caution should be used before connecting to peripherals in public areas.

article thumbnail

Crooks offer millions to skilled black hats to help them in extortion campaigns

Security Affairs

Cybercriminals are offering over a million dollars per year to skilled professionals like vxers and penetration testers to help them in extortion campaigns. According to a new report published by the security firm Digital Shadows cybercriminal organizations are willing to pay millions to skilled hackers and malware developers. The analysis of posts on Dark Web forums reveals that at least one threat actor is willing to pay more than $64,000 per month ($768,000 per year) to skilled hackers to rec

Sales 94
article thumbnail

Blockchain White Paper

National Archives Records Express

We are pleased to announce the release of our Blockchain White Paper. The white paper began as an internal effort to assist NARA staff in learning more about the technology and how agencies are using it. While it includes a very high-level overview of the technical aspects of blockchain, it is useful to records managers because it explores the various implications for Federal electronic records management programs.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

What are the best books on information security?

IT Governance

This blog has been updated to reflect industry updates. Originally published 29 November 2017. As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR prescribes large administrative fines for organisations that fail to appropriately secure the personal data they process.

article thumbnail

15 GDPR Probes in Ireland Target Facebook, Twitter, Others

Data Breach Today

Facebook Alone the Focus of 10 Separate Regulatory Investigations by Privacy Watchdog Ireland's privacy watchdog has its eye on Facebook. Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook.

GDPR 221
article thumbnail

B0r0nt0K ransomware demands $75,000 ransom to the victims

Security Affairs

The recently discovered B0r0nt0K ransomware infects both Linux and Windows servers and demands $75,000 ransom to the victims. A new piece of ransomware called B0r0nt0K appeared in the threat landscape, it is targeting web sites and demanding a 20 bitcoin ransom to the victims (roughly $75,000). This B0r0nt0K ransomware infects both Linux and Windows servers.

article thumbnail

Adapt or die: The only constant in technology is change

DXC Technology

Here’s a list of 10 companies. See if you can guess what they have in common. AOL Yahoo! Geocities MSN Netscape Excite Lycos Microsoft American Greetings Infoseek So how are these companies linked? They were the 10 most-visited web properties in 1998, according to Media Metrix. Now here’s another list of companies, this from Comscore […].

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Malicious insiders are the heroes of their own warped story

IT Governance

To prevent employees sabotaging your organisation, you must understand the way they think. There’s a mantra in Hollywood that ‘every villain is the hero of their own story’. It serves as a reminder that well-written bad guys believe that their actions are justified, no matter the cost. However, it doesn’t only apply to films. It’s something that can be applied to everyday scenarios to understand why bad people do bad things.

article thumbnail

Before Elections, US Cut Russian Trolls' Internet Access

Data Breach Today

Mindful of Escalation, American Spies Cautiously Spar with Russia The U.S. military curtailed the internet access of an infamous Russian trolling operation around the mid-term elections in November 2018 to stem the spread of noxious disinformation, and also directly contacted some of the troll-factory employees by name, the Washington Post reports.

Access 207
article thumbnail

CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER)

Security Affairs

The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, is affected by a privilege escalation issue tracked as CVE-2019-9019. Experts discovered a critical vulnerability in the British Airways Entertainment System. The flaw is a privilege escalation issue that resides in the component USB Handler, an attacker could exploit it using an unknown input to escalate privileges.

article thumbnail

FTC Hits TikTok With Record $5.7 Million Fine Over Children’s Privacy

WIRED Threat Level

The social media app will pay $5.7 million to settle the allegations, and be required to delete videos uploaded by anyone under 13.

Privacy 99
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Attackers Continue to Focus on Users, Well-Worn Techniques

Dark Reading

From WannaCry and phishing to credential stuffing and cryptomining, attackers relied on many oldie-but-goodie attacks in 2018, according to a pair of new security threat reports.

article thumbnail

Tech Industry Pushes for Australian Encryption Law Changes

Data Breach Today

Senate Committee Reviewing Law With an Eye to Amend Technology organizations say Australia's anti-encryption law passed in December is already undermining trust in their local operations. The comments come as a Senate committee is reviewing the law - passed in a hurry in December - to consider whether to amend it.

article thumbnail

Experts devised 3 attacks Show Signed PDF Documents Cannot Be Trusted

Security Affairs

Experts found several flaws in popular PDF viewers and online validation services that allow to deceive the digital signature validation process. Several PDF viewers and online validation services contain vulnerabilities that can be exploited to make unauthorized changes to signed PDF documents without invalidating their digital signature. A group of academics from the German Ruhr-University Bochum in Germany analyzed 22 desktop applications and 7 online validation services.

Paper 88