Sat. Sep 15, 2018 - Fri. Sep 21, 2018


What to do when you suffer a data breach

IT Governance

If you’re among the seemingly small number of organisations that hasn’t yet suffered a data breach, you should be preparing for the inevitable. You can’t count on your cyber security defences to continue repelling attacks, because even the most secure systems contain vulnerabilities. Criminals are constantly looking for new opportunities, and it’s only a matter of time before they exploit even the smallest crack in your organisation.


Multi-cloud use, regulatory compliance and information protection drive new era of encryption and key management in France

Thales Cloud Protection & Licensing

Now in its 13th year, our Global Encryption Trends Study that is performed by the Ponemon Institute reveals interesting findings that span a dozen different geographies. This year, we found that multi-cloud use as well as compliance requirements have encouraged organizations around the globe to embrace a more extensive encryption strategy. Our study also found that these two key drivers along with protection of information against specific, identified threats are ushering in a new era of encryp


MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.” One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s high time to protect unstructured data. Ironically, many victimized companies are paying hefty ransoms to decrypt unstructured data that may not be all that sensitive or mission critical.


Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable reven


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Equifax Hit With Maximum UK Privacy Fine After Mega-Breach

Data Breach Today

'Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine

Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.


More Trending


MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companies

The Last Watchdog

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies. Related: How DevOps enabled the hacking of Uber. DevOps is a process designed to foster intensive collaboration between software developers and the IT operations team, two disciplines that traditionally have functioned as isolated silos with the technology department.


GovPayNow.com Leaks 14M+ Records

Krebs on Security

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.


Wielding EternalBlue, Hackers Hit Major US Business

Data Breach Today

Luckily, Firm Was Only Infected With Cryptocurrency-Mining Malware

Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year ago. One major U.S. business was reportedly a recent victim, as part of a cryptocurrency-mining malware campaign.


How to improve the efficiency of your physical records storage – Part 1

TAB OnRecord

Could you be using your space more effectively? Are you spending too much on storage? Is your storage enhancing your workflow? Is it designed to enhance retrieval time and speed information access? With filing systems taking up 20 percent of office space on average, the volume of paper records increasing every year, and the cost of real estate square footage rising almost everywhere, these are questions records and facilities managers need to be asking themselves.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Cracked Windows installations are serially infected with EternalBlue exploit code

Security Affairs

According to Avira, hundreds of thousands of unpatched Windows systems are serially infected with EternalBlue exploit code. EternalBlue is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. The malicious code was leaked online by the Shadow Brokers hacking group that stole it from the arsenal of the NSA-linked Equation Group.


Mirai Botnet Authors Avoid Jail Time

Krebs on Security

Citing “extraordinary cooperation” with the government, a court in Alaska on Tuesday sentenced three men to probation, community service and fines for their admitted roles in authoring and using “Mirai,” a potent malware strain used in countless attacks designed to knock Web sites offline — including an enormously powerful attack in 2016 that sidelined this Web site for nearly four days.


'Magecart' Card-Sniffing Gang Cracks Newegg

Data Breach Today

E-Commerce Site Investigates Malware Attack and Payment Card Data Theft

Online retailer Newegg is investigating a malware attack that may have stolen customers' payment card details for more than a month. Security firms have traced the heist to Magecart, a loose affiliation of cybercrime gangs also tied to payment card data breaches at British Airways and Ticketmaster.


83% of SMEs haven’t set aside funds for dealing with a data breach

IT Governance

An InsuranceBee survey released this week revealed the extent to which SMEs (small and medium-sized enterprises) are unprepared for cyber attacks. The average cost for a SME to recover from a cyber attack is about £90,000, but 83% of the survey’s respondents said they didn’t have any money reserved to recover from a data breach, and a quarter were unaware that it would cost money to put things right.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


If Software Is Eating the World, What Will Come Out the Other End?

John Battelle's Searchblog

So far, it’s mostly s**t. Seven or so years ago, a famous VC penned a manifesto of sorts. Writing at a time the world was still skeptical of the dominance to which his industry has now ascended (to think, such a time existed, and so few years ago!), Marc Andreessen had a message for the doubters, the naysayers, and the Wall St. analysts who were (credibly!


Cyber attack took offline flight display screens at the Bristol Airport

Security Affairs

The Bristol Airport was hit by a cyber attack that caused problems with operations; flight display screens were taken offline for two days. The Bristol Airport was hit by a ransomware-based attack that caused problems with the flight display screens for two entire days. The news was reported by the BBC and was confirmed by an airport spokesman, who explained that the information screens were taken offline early on Friday in response to a “ransomware” based attack. “Bristol Airport ha


Police in Europe Tie Card Fraud to People-Smuggling Gang

Data Breach Today

Two Syrians Accused of Buying Stolen Corporate Card Data to Mask Activities

Coordinated police raids in Germany and Sweden have resulted in the arrest of two Syrian nationals suspected of running a cyber fraud operation that purchased stolen card data to book hundreds of airline and train tickets to help smuggle people from the Middle East into Europe.


Your biggest cyber security threat is inside your organisation

IT Governance

Organisations usually spend most of their security budget on technologies intended to keep cyber criminals out of their systems, but this overlooks their biggest vulnerability: human error. More often than not, data breaches are caused by – or directly linked to – an organisation’s employees. Studies repeatedly show that an organisation is more likely to be breached from an employee misplacing, stealing or being tricked into handing over sensitive information than from a criminal breaking into i


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


AES Resulted in a $250 Billion Economic Benefit

Schneier on Security

NIST has released a new study concluding that the AES encryption standard has resulted in a $250 billion world-wide economic benefit over the past twenty years. I have no idea how to even begin to assess the quality of the study and its conclusions -- it's all in the 150-page report, though -- but I do like the pretty block diagram of AES on the report's cover.


The 'Opsec Fail' That Helped Unmask a North Korean State Hacker

Dark Reading

How Park Jin Hyok - charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks - inadvertently blew his cover via email accounts.


Cybercrime Markets Sell Access to Hacked Sites, Databases

Data Breach Today

Payment Card Theft, Ransomware Facilitated by Cybercrime-as-a-Service Offerings

One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.


UK CEOs: cyber attacks are inevitable

IT Governance

New research from KPMG has found that 39% of UK CEOs “believe that becoming a victim of a cyber attack is now a case of ‘when’ and not ‘if’ for their organisation.” This is in contrast to CEOs from abroad, 49% of whom could envision a cyber attack against their organisation. Other key findings included the increasing awareness of cyber security. 39% of UK CEOs believe that their organisations are ‘well’ or ‘very well’ prepared for future cyber attacks.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer

Schneier on Security

Of course the ESS ExpressVote voting computer will have lots of security vulnerabilities. It's a computer, and computers have lots of vulnerabilities. This particular vulnerability is particularly interesting because it's the result of a security mistake in the design process. Someone didn't think the security through, and the result is a voter-verifiable paper audit trail that doesn't provide the security it promises.


Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Dark Reading

Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.


Why Cybercrime Remains Impossible to Eradicate

Data Breach Today

Kelihos Bot Herder Offered Bargain Spam Campaign Pricing

More evidence that running cybercrime schemes remains inexpensive and accessible to anyone with criminal intent: To send spam emails, admitted botnet herder Peter Levashov quoted customers $500 for 1 million emails. And that was just his 2016 pricing.


Sustes Malware: CPU for Monero

Security Affairs

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see the name genesis in a bit). Everybody knows the Monero cryptocurrency and probably everybody knows that it is built upon privacy, meaning it’s not that simple to figure out a Monero wallet balance.


Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.


NSA Attacks Against Virtual Private Networks

Schneier on Security

A 2006 document from the Snowden archives outlines successful NSA operations against "a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems." It's hard to believe that many of the Snowden documents are now more than a decade old.


John Deere Just Cost Farmers Their Right to Repair

WIRED Threat Level

The California Farm Bureau has given away the right of farmers to fix their equipment without going through a dealer.


Scotland's Arran Brewery Slammed by Dharma Bip Ransomware

Data Breach Today

Ransomware Crypto-Locked via Domain Controller, Complicating Restoration

Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data. The brewery refused to pay the attackers' two bitcoin ransom demand.