Dark Reading

OCTOBER 16, 2019

In part one of this two-part series, we start with the basics - getting everyone to understand what's at stake - and then look at lessons from the trenches.

Cybersecurity 60

Cybersecurity 60

Data Breach Today

OCTOBER 17, 2019

With 18 Vendors on Board, Experts Assess New Group's Chances for Success Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications. But some observers say getting all players to agree on a common platform will be challenging.

Cybersecurity 124

Cybersecurity 124

erwin

OCTOBER 17, 2019

Architect Everything: New use cases for enterprise architecture are increasing enterprise architect’s stock in data-driven business. As enterprise architecture has evolved, so to have the use cases for enterprise architecture. Analyst firm Ovum recently released a new report titled Ovum Market Radar: Enterprise Architecture. In it, they make the case that enterprise architecture (EA) is becoming AE – or “architect everything” The transition highlights enterprise architect

Digital transformation 106

Digital transformation Compliance Government Risk 106

The Last Watchdog

OCTOBER 16, 2019

A pair of malicious activities have become a stunning example of digital transformation – unfortunately on the darknet. Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports.

Big data 120

Big data Passwords Digital transformation Data breaches 120

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Krebs on Security

OCTOBER 15, 2019

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

Sales 202

Sales Marketing Retail Government 202

Thales Cloud Protection & Licensing

OCTOBER 15, 2019

It is the year 2030, and you have had another busy day. As you finish what you thought would be your last espresso and grab your laptop to leave work, your colleague tells you that you need to stay late for an urgent meeting. Panic sets in, but you push past it and put a plan into motion. To pick your daughter up from school, you call a driverless car.

Security 113

Security Encryption Systems administration Access 113

John Battelle's Searchblog

OCTOBER 14, 2019

Something’s been bugging me about Tik Tok. I’ve almost downloaded it about a dozen times over the past few months. But I always stop short. I don’t have a ton of time ( here’s why ) so forgive me as I resort to some short form tricks here. To wit: China employs a breathtaking model of state-driven surveillance. The US employs a breathtaking model of capitalist surveillance.

Artificial Intelligence 105

Artificial Intelligence Privacy File names Government 105

Krebs on Security

OCTOBER 16, 2019

Cybercrime forums have been abuzz this week over news that BriansClub — one of the underground’s largest shops for stolen credit and debit cards — has been hacked, and its inventory of 26 million cards shared with security contacts in the banking industry. Now it appears this brazen heist may have been the result of one of BriansClub’s longtime competitors trying to knock out a rival.

Sales 114

Sales Marketing IT Security 114

Data Breach Today

OCTOBER 14, 2019

Sophos Board Will 'Unanimously Recommend' Deal to Shareholders Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.

Sales 183

Sales Cybersecurity Security 183

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

AIIM

OCTOBER 15, 2019

Connecting with peers in your industry can be one of the most valuable uses of your time in terms of return – both on a business and personal level. It’s a great way to keep up-to-date on industry news and trends, thought-leadership, and special events. But, it’s also a great way to share knowledge, help or be helped with a project, and make new friends.

Libraries 80

Libraries Records Management Access IT 80

Security Affairs

OCTOBER 15, 2019

Experts discovered a security policy bypass issue in the Sudo utility that is installed as a command on almost every Linux and Unix system. The Sudo utility that is installed as a command on almost every Linux and Unix system is affected by a security policy bypass issue tracked as CVE-2019-14287. The vulnerability could be exploited by an ill-intentioned user or a malicious program to execute arbitrary commands as root on a targeted Linux system, even if the “ sudoers configuration”

Passwords 99

Passwords Authentication Access Security 99

IT Governance

OCTOBER 17, 2019

When organisations are seeking ISO 27001 compliance, they rely on auditors to give them good advice. Most of the time they’ll do just that – it’s what they’re paid to do. But as with any profession, some auditors are better than others. How can you tell if your auditor isn’t to be trusted? Keep an eye out for these seven mistakes: 1. They impose their opinions without facts.

Compliance 89

Compliance Government GDPR IT 89

Data Breach Today

OCTOBER 16, 2019

GlobeImposter 2.0 and Sodinokibi Strikes Also Common, Researchers Find Ransomware is once again the most common illicit profit-making tool in online attackers' arsenal, police warn. Security firm Emsisoft says the most-seen strains in recent months include STOP, Dharma.cezar, Phobos, GlobeImposter 2.0 and Sodinokibi. Less widely seen Ryuk also continues to generate big profits.

Ransomware 178

Ransomware Security 178

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Schneier on Security

OCTOBER 14, 2019

This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It's interesting work, but I don't want overstate the risk. We know from Shor's Algorithm that both factoring and discrete logs are easy to solve on a large, working quantum computer. Both of those are currently beyond our technological abilities.

Paper 88

Paper Risk IT 88

Dark Reading

OCTOBER 18, 2019

Glitching (or fault-injection) attacks aren't easy (yet). But get ready, because as the IoT grows, these attacks will be a big reason that hardware security should be part of your cybersecurity planning.

IoT 87

IoT Security Cybersecurity 87

Security Affairs

OCTOBER 13, 2019

Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan. “Malicious ads redirect victims to sites showing popups peddling software updates, mainly Adobe Flash Player updates, that once executed will install first install the OSX/ Shlayer MacOS malware , which t

Encryption 80

Encryption Security IT Information Security 80

Data Breach Today

OCTOBER 17, 2019

What Steps Should Entities Take to Battle Back? Data breaches involving phishing and related email compromises persist as a top challenge for healthcare providers. So, what are some of the top trends emerging from these incidents?

Data breaches 170

Data breaches Phishing 170

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Schneier on Security

OCTOBER 15, 2019

Lots of them weren't very good : BSD co-inventor Dennis Ritchie, for instance, used "dmac" (his middle name was MacAlistair); Stephen R. Bourne, creator of the Bourne shell command line interpreter, chose "bourne"; Eric Schmidt, an early developer of Unix software and now the executive chairman of Google parent company Alphabet, relied on "wendy!!!" (the name of his wife); and Stuart Feldman, author of Unix automation tool make and the first Fortran compiler, used "axolotl" (the name of a Mexica

Passwords 85

Passwords 85

IT Governance

OCTOBER 16, 2019

Risk assessments are at the core of any organisation’s ISO 27001 compliance project. They are essential for ensuring that your ISMS (information security management system) – which is the end-result of implementing the Standard – is relevant to your organisation’s needs. What is an information security risk assessment? An information security risk assessment is the process of identifying, resolving and preventing security problems.

Risk 78

Risk Information Security Paper Compliance 78

Data Matters

OCTOBER 16, 2019

On October 11, 2019, the leaders of the U.S. Commodity Futures Trading Commission (CFTC), the Financial Crimes Enforcement Network (FinCEN) and the U.S. Securities and Exchange Commission (SEC) (together, the Agencies) issued a joint statement highlighting the application of anti-money laundering and countering the financing of terrorism (AML/CFT) obligations under the Bank Secrecy Act (BSA) to persons engaged in activities involving digital assets (Joint Statement).

Compliance 68

Compliance Marketing Privacy Security 68

Data Breach Today

OCTOBER 16, 2019

Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. and Europe in an attempt to steal intellectual property, according to the security firm Proofpoint.

Phishing 174

Phishing Government Security IT 174

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Security experts at ESET revealed that Winnti Group continues to update its arsenal, they observed that the China-linked APT group using a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer.

Manufacturing 77

Manufacturing Paper Communications IT 77

Micro Focus

OCTOBER 14, 2019

There are few more unifying things in life than Lego. Whether your kids play with it, or you enjoyed it in your own childhood, everyone likes these plastic bricks (unless you stand on one). There’s brand synergy here, too. We are, of course, committed to bringing digital transformation to our customers’ hybrid IT infrastructures. Seriously. View Article.

Digital transformation 76

Digital transformation IT 76

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. The Regulation comprises a list of rules which seek to ensure the safety of children’s personal data and promote a healthy upbringing for children.

Personal data 68

Personal data Privacy Compliance Cybersecurity 68

Data Breach Today

OCTOBER 17, 2019

Payment Card and Passport Data Are Most Sought-After Commodities, Report Finds The prices for specific types of cybercriminal tools on darknet sites continue to rise, according to a recent analysis by security firm Flashpoint. Payment card and passport data remain the most sought-after commodities on these forums, research shows.

Security 162

Security 162

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

Security Affairs

OCTOBER 15, 2019

Click2Mail.com, a US Postal Service affiliate partner, has suffered a data breach that exposed the personal information of its users. The US Postal Service affiliate partner Click2Mail has suffered a data breach that exposed the personal information of its users. The company allows its users to professionally print letters, flyers or postcards and deliver them in a business day at low prices.

Data breaches 76

Data breaches Communications Security IT 76

Dark Reading

OCTOBER 14, 2019

Beijing likely saved a lot of time and billions of dollars by copying components for its C919 plane from others, a new report from CrowdStrike says.

IT 83

IT 83

Collibra

OCTOBER 15, 2019

Last month saw the introduction of Automatic Data Classification, a new machine learning (ML) powered feature in Collibra Catalog. This new feature increases the productivity of data stewards by automatically classifying data that is onboarded into our catalog. At Collibra, we believe that machine learning algorithms offer significant potential to enhance our products and improve our customers’ productivity.

Computer and Electronics 74

Computer and Electronics Metadata GDPR Communications 74