Sat. Sep 14, 2019 - Fri. Sep 20, 2019

MY TAKE: What everyone should know about the promise and pitfalls of the Internet of Things

The Last Watchdog

The Top 'Human Hacks' to Watch For Now

Dark Reading

Social engineering is as old as mankind. But its techniques have evolved with time. Here are the latest tricks criminals are using to dupe end users.

In an Eagerly Anticipated Decision, the Ninth Circuit Sides With Web Scrapers

Data Matters

For years, companies seeking to block web scrapers from collecting the information on their website would invoke the Computer Fraud and Abuse Act (CFAA), a U.S. law that criminalizes accessing a computer “without authorization.” But the U.S. Court of Appeals for the Ninth Circuit has now ruled that merely instructing scrapers that they are not welcome on a public website, either through a restrictive terms of use or a cease-and-desist letter, is probably not enough to render their access “unauth

Achieving Trust: Bake Security into Your Brand

Thales Cloud Protection & Licensing

Data is the most valuable online currency a consumer possesses. Yet most people don’t trust the companies they’re sharing data with, according to a new market trends study published by Gartner. In fact, 75% of consumers worry their online accounts may be hacked and the vast majority also believe companies are using or sharing their data without even telling them, according to the study.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

Allow me to be controversial for a moment: arbitrary password restrictions on banks such as short max lengths and disallowed characters don't matter. Also, allow me to argue with myself for a moment: banks shouldn't have these restrictions in place anyway. I want to put forward cases for both arguments here because seeing both sides is important. I want to help shed some light on why this practice happens and argue pragmatically both for and against.

Before He Spammed You, this Sly Prince Stalked Your Mailbox

Krebs on Security

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth, these old-fashioned “advance fee” or “419” scams predate email and have circulated via postal mail in various forms and countries over the years.

Four Skills Every Modern Records Manager Must Have Right Now

AIIM

It's become trite to note the speed at which technology changes, and that the speed of those changes continues to increase. But just because it's trite doesn't mean it's not true. This means that, for records managers to continue to remain relevant, we need to ensure that we are on top of new developments in records and information management that will significantly impact our organizations.

New EU Strong Customer Authentication Standards: Implications for Payment Service Providers

Data Matters

Under the revised Payment Services Directive (2015/2366) (PSD2), the European Banking Authority (EBA) and the European Commission were required to develop and adopt regulatory technical standards on strong customer authentication and common and secure open standards of communication. These regulatory technical standards were passed into EU law as Commission Delegated Regulation (EU) 2018/389 (the RTS), which entered into effect on September 14, 2019.

Life After Snowden: US Still Lacks Whistleblowing Rules

Data Breach Today

Intelligence Community May Be Incubating Snowden 2.0, Former NSA Employee Warns. Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Business Process Can Make or Break Data Governance

erwin

Data governance isn’t a one-off project with a defined endpoint. It’s an on-going initiative that requires active engagement from executives and business leaders. Data governance, today, comes back to the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security.

[Podcast] Intelligent Information Management in the Utilities Industry

AIIM

On this episode of the AIIM on Air Podcast, your host Kevin Craine dives into the world of Intelligent Information Management in the Utilities Industry, continuing the series of “I Am AIIM” member interviews. Kevin chats with two AIIM members from the Utilities Industry – Joanna Hammerschmidt, an Information Management Coordinator at a public water utility in Kansas City, and John Daly, an Information Governance Manager for the Metropolitan St Louis Sewer District.

IoT and Quantum Computing’s Impact on the Federal Government

Thales Cloud Protection & Licensing

As government agencies get back to work after summer barbeques, family vacations and once-in-a-lifetime getaways, the focus is on the priorities for the rest of 2019. Cybersecurity remains one of the top concerns and priorities for our government. The focus on the rest of 2019 and looking ahead to 2020 was very clear when I attended two recent industry events.

Researchers: Emotet Botnet Is Active Again

Data Breach Today

New Surge in Activity Spotted After Four-Month Absence. Emotet, one of the most powerful malware-spreading botnets, is active again after a four-month absence, according to several security researchers who noticed a surge in activity primarily against U.S., U.K. and German targets starting on Monday.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Backup files for Lion Air and parent airlines exposed and exchanged on forums

Security Affairs

Tens of millions of records belonging to passengers of two airline companies owned by Lion Air have been exposed and exchanged on forums. The information was left exposed online in an unsecured Amazon bucket; the records were stored in two databases in a directory containing backup files, mostly for Malindo Air and Thai Lion Air.

ISO 27701 unlocks the path to GDPR compliance and better data privacy

IT Governance

We have good news for those looking for help complying with the GDPR (General Data Protection Regulation): new guidance has been released on how to create effective data privacy controls. ISO 27701 explains what organisations must do when implementing a PIMS (privacy information management system). The advice essentially bolts privacy processing controls onto ISO 27001, the international standard for information security, and provides a framework to establish the best practices required by

Another Side Channel in Intel Chips

Schneier on Security

Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard (and significantly longer) path through the server's main memory. By avoiding system memory, Intel's DDIO (short for Data-Direct I/O) increased input/output bandwidth and reduced latency and power consumption.

Eight US Cities See Payment Data Card Stolen

Data Breach Today

Vulnerability in Click2Gov Software Has Been Patched, Vendor Says. Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 payment card records have turned up in underground markets, says Gemini Advisory.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

A flaw in LastPass password manager leaks credentials from previous site

Security Affairs

Tavis Ormandy, the popular white-hat hacker at Google Project Zero, has discovered a vulnerability in the LastPass password manager that exposes login credentials entered on a site previously visited by a user.

Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3

Dark Reading

The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets.

Mozilla Introduces Mechanism to Hijack all DNS Traffic in the Name of Privacy

PerezBox

In September of 2019 Mozilla will begin releasing DNS over HTTPS (DOH) in Firefox via their Trusted Recursive Resolver (TRR) program. A primer on DNS Security. The change is based.

Brokerage Firm Hit With $500,000 Data Breach Penalty

Data Breach Today

Commission Finds That Phillip Capital Made Series of Missteps. The U.S. Commodity Futures Trading Commission has hit Phillip Capital Inc., a Chicago-based brokerage firm, with a $500,000 penalty for security missteps before and after a 2018 data breach, which resulted in the theft of $1 million from client accounts.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

A bug in Instagram exposed user accounts and phone numbers

Security Affairs

Facebook addressed a vulnerability in Instagram that could have allowed attackers to access private user information. The security researcher @ZHacker13 discovered a flaw in Instagram that allowed an attacker to access account information, including the user's phone number and real name. ZHacker13 discovered the vulnerability in August and reported it to Facebook, which asked for additional time to address the issue.

After Six Years in Exile, Edward Snowden Explains Himself

WIRED Threat Level

In a new memoir and interview, the world’s most famous whistle-blower elucidates as never before why he stood up to mass surveillance—and his love for an internet that no longer exists.

Apple’s new Endpoint Security Framework

Jamf

macOS Catalina introduces a new user-mode framework called Endpoint Security. See what it is and how it impacts you.

Investigation Launched After Ecuadorian Records Exposed

Data Breach Today

Researchers: Unsecured Elasticsearch Database Included Bank Details, Personal Information. An unsecured database owned by an Ecuadorian consulting company left over 20 million records on the South American country's citizens exposed to the internet, according to a report from two independent security researchers. An official investigation is underway.

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

More than 737 million medical radiological images found on open PACS servers

Security Affairs

Researchers at Greenbone Networks, a vulnerability analysis and management company, discovered 400 Million medical radiological images exposed online via unsecured PACS servers. The experts discovered 600 unprotected servers exposed online that contained medical radiological images. The research was conducted between mid-July 2019 and early September 2019.

A Safer IoT Future Must Be a Joint Effort

Dark Reading

We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry.
