Sat.Jan 12, 2019 - Fri.Jan 18, 2019

article thumbnail

Government Shutdown Leaves Americans More Vulnerable to Identity Theft, Scams

Adam Levin

U.S. citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown. The two primary websites created by the government as resources for victims of identity theft, IdentityTheft.gov and FTC.gov/complaint , are currently offline as part of the partial shutdown of the Federal Trade Commission. This effectively leaves victims unable to file reports or get documentation of their stolen identities, which is typically a first step for mitigating

article thumbnail

Ransomware Claims to Fund Child Cancer Treatments

Data Breach Today

Separately, Texas City's Operations Disrupted by Crypto-Locking Ransomware Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware. Meanwhile, CryptoMix ransomware urges victims to pay ransoms, claiming it will fund treatments for seriously ill children, while GandCrab gets distributed via malvertising attacks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Q&A: Here’s why robust ‘privileged access management’ has never been more vital

The Last Watchdog

Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law.

Access 122
article thumbnail

Start Your Information Journey With A Step Backwards

Weissman's World

You say you’re tired of not being able to find the information you’re looking for. You say you’re concerned the information you do find is reliable. You say you’re worried about security breaches. And you say you’re ready to do something about it. So I say it’s time you go ahead and take your first […]. The post Start Your Information Journey With A Step Backwards appeared first on Holly Group.

Security 149
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

For Digital Transformation, You Need Content AI

AIIM

Digital transformation means reworking business processes to take maximum advantage of data and digital content. Better, faster, and cheaper content management is one goal, but the real payoff is in automating routine tasks including customer interactions. More data and process improvement will, in turn, allow us to do more with our content, to reach new audiences and boost satisfaction and profitability, however you measure it.

More Trending

article thumbnail

Facebook's '10 Year Challenge' Is Just a Harmless Meme—Right?

WIRED Threat Level

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

article thumbnail

Rapid7 announced the release of Metasploit 5.0

Security Affairs

Rapid7 announced the release of Metasploit 5.0, the latest version of the popular penetration testing framework that promises to be very easy to use. Rapid7 announced the release of Metasploit 5.0 , the new version includes several new important features and, the company believes it will easier to use and more powerful. Most important changes introduced in the Metasploit 5.0 include new database and automation APIs, evasion modules and libraries, language support, improved performance.

Libraries 110
article thumbnail

Fact or Fiction: The 3 Biggest Misconceptions About Artificial Intelligence

AIIM

While Artificial Intelligence (AI) has the potential to be a very powerful tool in information management, the topic is so wrapped up in hyperbole and confusion that it can be challenging to cut through all the noise, causing many to fear the complexity of AI. As you may know, AIIM recently launched a new training course titled Practical AI for the Information Professional.

article thumbnail

Airline Booking System Exposed Passenger Details

Data Breach Today

Vulnerability Highlights Poor Security Controls for Passenger Name Records Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.

Security 256
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

French DPA Publishes Updated Data Protection Impact Assessment Guidance

Data Matters

Under Article 35(3) of the EU General Data Protection Regulation (GDPR), organisations are required to conduct a data protection impact assessment (DPIA) where they: (i) engage in a systematic and extensive evaluation of personal aspects of individuals, based on automated processing, and on which decisions are based that produce legal or other effects that concern the individual, or (ii) process special categories of personal data (e.g. health data) on a large scale or personal data relating to

GDPR 90
article thumbnail

Hacktivist Martin Gottesfeld 10 years in prison for hospital cyberattack

Security Affairs

The American hacktivist Martin Gottesfeld (34) has been sentenced to 10 years in prison for carrying out DDoS attacks against two healthcare organizations in the US in 2014. The alleged Anonymous member, Martin Gottesfeld, was accused of launching DDoS attacks against the two US healthcare organizations in 2014, the Boston Children’s Hospital and the Wayside Youth and Family Support Network.

IT 105
article thumbnail

[Podcast] Preparing for a Lean, Mean, 2019

AIIM

The beginning of the year new year is always such an inspiring time – it’s the time of year that many of us begin to reflect on the previous year, take note of potential areas for growth and opportunity, celebrate our accomplishments, and ultimately shape a plan for continued success in the new year. This exercise is often done both on a personal level in our daily lives as well as with our employers in our business lives.

ECM 80
article thumbnail

UK Sentences Man for Mirai DDoS Attacks Against Liberia

Data Breach Today

Daniel Kaye Was Paid to Disrupt Liberia's Largest Telecommunications Firm A U.K. court has sentenced Daniel Kaye, 30, after he admitted launching DDoS attacks against Liberia's largest telecommunications company in 2015 and 2016. A rival internet services provider paid Kaye $100,000 to launch the attacks.

234
234
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Revolut’s clumsy automated bank compliance results in frozen accounts and lack of customer service

Collaboration 2.0

The hand off of perceived account irregularities from Revolut’s AI driven compliance systems and algorithms to their support and partners is when the account freeze ups appear to start, and customers are suffering

article thumbnail

Z-WASP attack: hackers used Zero-Width spaces to bypass Office 365 protections

Security Affairs

Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients. Microsoft recently fixed a vulnerability in Office 365 that was exploited by attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes.

article thumbnail

Dutch DPA Investigates the Data Processing Agreements of 30 Organizations

Hunton Privacy

On January 16, 2019, the Dutch Data Protection Authority, the Autoriteit Persoonsgegevens (the “Dutch DPA”), announced that it had requested 30 private organizations provide information about the agreements they have with other entities that process personal data on their behalf. The Dutch DPA indicated that the targeted organizations are mainly in energy, media and trade sectors.

GDPR 86
article thumbnail

Data Breach Collection Contains 773 Million Unique Emails

Data Breach Today

2.7 Billion Email/Password Combo List Available for Credential Stuffing, Troy Hunt Warns Australian security expert Troy Hunt says an 87 GB compilation of username and password combinations - drawn from more than 2,000 databases - includes 773 million unique email addresses for apparent use in credential-stuffing attacks. Takeaway: Use a unique password for every site, or else.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Encryption trends and predictions over 50 years

Thales Cloud Protection & Licensing

Modern encryption can trace its root back to before WWII when Alan Turing built a modern computer in order to break the Enigma. Much has changed since then but the core goals remain the same: limit who has access to certain information and prove the authenticity of who sent a message. 25 years of evolution and coming into the mainstream. The last 25 years has primarily been evolutionary with advances in symmetric and asymmetric cryptography focused on increasing key sizes and developing newer an

article thumbnail

Fallout Exploit Kit now includes exploit for CVE-2018-15982 Flash zero-day

Security Affairs

Experts at Malwarebytes have reported that the code for the recently discovered Flash zero-day flaw was added to the Fallout Exploit kit. Experts at Malwarebytes observed a new version of the Fallout Exploit kit that include the code to exploit a recently discovered Flash zero-day vulnerability. The Fallout Exploit kit was discovered at the end of August by the threat analyst nao_sec , at the time it was used to distribute the GandCrab ransomware and other malicious codes, including droppers and

article thumbnail

Prices for Zero-Day Exploits Are Rising

Schneier on Security

Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click jailbreaks of Apple's iOS, $1.5 million for one-click iOS jailbreaks, and $1 million for exploits that take over secure messaging apps WhatsApp and iMessage.

article thumbnail

Your Garage Opener Is More Secure Than Industrial Remotes

Data Breach Today

Trend Micro Says It Moved Cranes Using RF Software Flaws Radio controllers used in the construction, mining and shipping industries are dangerously vulnerable to hackers, Trend Micro says in a new report. To address the issue, manufacturers need to move away from proprietary communication protocols and embrace secure standards, such as Bluetooth Low Energy.

Mining 217
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

GDPR Suit Filed Against Amazon, Apple

Dark Reading

An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.

GDPR 80
article thumbnail

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

Proofpoint analyzed two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. The ServHelper is a backdoor, experts analyzed two variants of it, while FlawedGrace is a remote access trojan (RAT). “In November 2018, TA505 , a prolific actor tha

IT 92
article thumbnail

Top five questions for Chief Data Officers in 2019

IBM Big Data Hub

It’s that time of the year to step back, evaluate what worked, what did not, and what to do differently to make things better personally and professionally. The same applies to businesses.

81
article thumbnail

Emotet Malware Returns to Work After Holiday Break

Data Breach Today

Fallout Exploit Kit Has Also Reappeared, Distributing GandCrab Ransomware Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Collection #1 Mega Breach Leaks 773 Million Email Accounts

Adam Levin

A gigantic trove of email addresses and passwords containing over 2 billion records has been discovered online. The breached data, dubbed “Collection #1” by cybersecurity expert Troy Hunt , is more than 87 gigabytes and contains roughly 773 million email address and 21 million unique passwords. Hunt found an archive of the data on MEGA, a file-sharing site and has been featured on at least one hacking forum.

article thumbnail

Unsecured MongoDB archive exposed 202 Million private resumes

Security Affairs

Security expert discovered an unprotected MongoDB archive that has exposed personal and professional details of more than 202 million people. Security expert Bob Diachenko discovered an unprotected MongoDB archive that has exposed personal and professional details of more than 202 million people. The huge trove of data belongs to job seekers in China, its records include personal information of individuals like names, height, weight, email IDs, marriage status, political leanings, skills and wor

article thumbnail

El Chapo's Encryption Defeated by Turning His IT Consultant

Schneier on Security

Impressive police work : In a daring move that placed his life in danger, the I.T. consultant eventually gave the F.B.I. his system's secret encryption keys in 2011 after he had moved the network's servers from Canada to the Netherlands during what he told the cartel's leaders was a routine upgrade. A Dutch article says that it's a BlackBerry system.