Sat.May 13, 2017 - Fri.May 19, 2017

AES-GCM-SIV

Imperial Violet

AEADs combine encryption and authentication in a way that provides the properties that people generally expect when they “encrypt” something. This is great because, historically, handing people a block cipher and a hash function has resulted in a lot of bad and broken constructions. Standardising AEADs avoids this. Common AEADs have a sharp edge though: you must never encrypt two different messages with the same key and nonce.

Cybersecurity or Information Governance Failure???

Getting Information Done

This past weekend the world was overwhelmed by the cyberattack that spread around the globe hitting businesses, hospitals, and government agencies in over 150 countries. The rapid spread of Ransomware based on WannaCry which exploits vulnerabilities in Microsoft’s Windows operating system has been characterized by Europol Director, Rob Wainwright, as “…something we haven’t seen before”.

Global Ransomware Attacks Raise Key Legal Considerations

Hunton Privacy

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. The ransomware, known as “WannaCry,” leverages a Windows vulnerability and encrypts files on infected systems and demands payment for their release. If payment is not received within a specified time frame, the ransomware automatically deletes the files.

The Internet Big Five Is Now The World’s Big Five

John Battelle's Searchblog

The post The Internet Big Five Is Now The World’s Big Five appeared first on John Battelle's Search Blog. Back in December of 2011, I wrote a piece I called “The Internet Big Five,” in which I noted what seemed a significant trend: Apple, Microsoft, Google, Amazon, and Facebook were becoming the most important companies not only in the technology world, but in the world at large.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Chinese Hackers Fined for Hack of New York Law Firms

Hunton Privacy

On May 5, 2017, the U.S. District Court for the Southern District of New York entered a default judgment in favor of the SEC against three Chinese defendants accused of hacking into the nonpublic networks of two New York-headquartered law firms and stealing confidential information regarding several publicly traded companies engaged in mergers and acquisitions.

Resourceful Records Managers

The Schedule

Here is our second post in the Resourceful Records Managers series! If you are interested in sharing your journey as a Records Manager please contact me at jgd1(at)williams(dot)edu. Name: Fred Grevin. Institution and Job Title: New York City Economic Development Corporation (NYCEDC), Vice-President, Records Management. 1. What led you to choose your current career in Records Management?

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. The purpose of the workshop is to discuss issues related to its widely used Cybersecurity Framework. Sessions at the workshop are being livestreamed, and are exploring the extraterritorial application of the NIST framework, sector-specific requirements, and uses for small businesses.

News Roundup: Cyber Security and the Right to be Forgotten

Managing Your Information

I’m not sure any information management blog would be complete without comment on the recent news. There have been two stories that caught my eye. The first, I am sure, almost goes without saying and relates to the malware attack and importance of cyber security. The second was less prominent although still relating to the on-line environment and looks at the right to be forgotten introduced by the General Data Protection Regulations (GDPR).

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

OCR Fines Texas Health System For Alleged HIPAA Privacy Rule Violation

Hunton Privacy

On May 10, 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a $2.4 million civil monetary penalty against Memorial Hermann Health System (“MHHS”) for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule. The penalty followed an OCR compliance review of MHHS based on multiple media reports suggesting that MHHS had disclosed a patient’s protected health information (“PHI”) without authorizati

Making it Stick: Records Management Training Approaches

The Schedule

Several weeks ago the University Archivist and I conducted our bi-annual University Archives and Records Management training session, part of our Office of Human Resources Faculty and Staff Development Program. This got me thinking about the various strategies, methods, and approaches records managers employ when conducting training and outreach. I reached out to my peers via SAA’s records management and ARMA’s EDU listservs to get a sense of just that, and hopefully learn some new tips and tric

*bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images

Scary Beasts Security

Overview *bleed attacks are hot right now. Most notably, there's been Heartbleed and Cloudbleed. In both cases, out-of-bounds reads in server side code resulted in private server memory content being returned to clients. This leaked sensitive secrets from the server process' memory space, such as keys, tokens, cookies, etc. There was also a recent client-side bleed in Microsoft's image libraries, exposed through Internet Explorer.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

*bleed, more powerful: dumping Yahoo! authentication secrets with an out-of-bounds read

Scary Beasts Security

Overview In my previous post on Yahoobleed #1 (YB1), we saw how an uninitialized memory vulnerability could lead to disclosure of private images belonging to other users. The resulting leaked memory bytes were subject to JPEG compression, which is not a problem for image theft, but is somewhat lacking if we wanted to steal memory content other than images.

Further hardening glibc malloc() against single byte overflows

Scary Beasts Security

Introduction Back in 2014, while at Project Zero, I exploited a buffer overflow of a single NUL byte in glibc. Tavis Ormandy had found the interesting glibc vulnerability but there was skepticism in the Linux community that this was exploitable. The only thing to do was to write an exploit. (Was this really 3 years ago? How time flies!) As part of warming up to write the exploit, I created a few sample test C files which explored different interesting glibc malloc() side effects after an off-by-

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Are we doing memory corruption mitigations wrong?

Scary Beasts Security

Introduction Before we get into it, let's start by stating that the progression of memory corruption mitigations over the years has been intensely valuable. The progression of mitigations continues to make exploiting bugs harder and more time consuming. The pool of people who have both the skill and commitment to exploit any given bug (either reliably or at all) is shrinking.

SEC Issues Cybersecurity Alert For Brokers And Financial Advisers

Privacy and Cybersecurity Law

On May 17, 2017, the US Securities and Exchange Commission (SEC), through its National Exam Program, issued a “Risk Alert” to broker-dealers, investment advisers and investment firms to advise them about the recent “WannaCry” ransomware attack and to encourage increased cybersecurity preparedness. The purpose of the alert, according to the SEC, was to “highlight for firms the risks and issues that the staff has identified during examinations of broker-dealers, inv

US Government Accountability Office Releases New Report On The Internet of Things (IoT)

Privacy and Cybersecurity Law

On May 15, 2017, the US Government Accountability Office (GAO) released a new report entitled “Internet of Things: Status and implications of an increasingly connected world.” In the report, the GAO provides an introduction to the Internet of Things (IoT), describes what is known about current and emerging IoT technologies, and examines the implications of their use.
