Sat.Sep 21, 2019 - Fri.Sep 27, 2019

article thumbnail

Why Clouds Keep Leaking Data

Dark Reading

Cloud 89
article thumbnail

It’s Google’s World. Your Business Is Just Living in It

Adam Levin

Fifty attorneys general announced earlier this month that Google is the target of an antitrust probe. Any business owner who has happened to find themselves stuck in the company’s orbit–that would be any company with a digital presence–won’t hesitate to tell you such a move is long overdue. Case in point: I just did a Google search for Basecamp, an online project management tool.

IT 46
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

AI Surveillance Tech Promises Safety, But at What Cost?

Data Breach Today

Security, Privacy, Data Protection and Liability Questions Remain Unanswered Artificial intelligence technologies that provide surveillance capabilities can have upsides as well as downsides. Unfortunately, as developers and governments rush to experiment, security, privacy, data protection and liability questions remain unanswered.

article thumbnail

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Reltio

Kate Tickner, Reltio. Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. Nicola’s powerful methodology breaks down the data governance initiative into logical steps to implement a framework that suits each unique client.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Identity-based Cryptography

Thales Cloud Protection & Licensing

Public key infrastructure (PKI) requires key distribution and has been long criticised for its usability issues [13,14,15]. In an experiment [15] conducted for analysing the usability of Mailvelop, a modern PGP tool rated 4.4 out of 5 stars on Chrome web store, 9 out of 10 pairs of participants failed to complete the assigned task of exchanging encrypted emails, i.e. 90% failure rate.

More Trending

article thumbnail

DoorDash Says 4.9 Million Records Breached

Data Breach Today

'Unusual Activity' By Third-Party Service Provider to Blame Food delivery startup DoorDash says 4.9 million customer, contractor and merchant records were breached after "unusual activity" by a third-party service provider. Even aside from the usual identification data, experts say certain, specific data - such as food allergies - could pose risks in the wrong hands.

Risk 262
article thumbnail

Benefits of Data Vault Automation

erwin

The benefits of Data Vault automation from the more abstract – like improving data integrity – to the tangible – such as clearly identifiable savings in cost and time. So Seriously … You Should Automate Your Data Vault. By Danny Sandwell. Data Vault is a methodology for architecting and managing data warehouses in complex data environments where new data types and structures are constantly introduced.

article thumbnail

7 Ways VPNs Can Turn from Ally to Threat

Dark Reading

VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.

article thumbnail

MY TAKE: ‘Perimeter-less’ computing requires cyber defenses to extend deeper, further forward

The Last Watchdog

Threat actors are opportunistic, well-funded, highly-motivated and endlessly clever. Therefore cybersecurity innovations must take hold both deeper inside and at the leading edges of modern business networks. Related: Lessons learned from Capitol One breach Most of the promising new technologies I’ve had the chance to preview this year validate this notion.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Emotet Botnet Now Using Snowden's Memoir as a Lure

Data Breach Today

Attackers Sending Emails Promising Copy of 'Permanent Record' A week after the Emotet botnet crept back to life, the attackers behind it are already trying a new way to ensnare victims - using Edward Snowden's newly released memoir as a phishing lure, according to the security firm Malwarebytes.

Phishing 246
article thumbnail

Retailers Face Many Challenges, Data Security Doesn’t Have to be One of the Them

Thales Cloud Protection & Licensing

Business is booming and data is flowing. Retailers and shoppers are leveraging and enjoying many benefits data sharing brings: loyalty programs, personalized experiences, easier product location and ordering, online shopping, mobile access and the list goes on. With a few clicks, even hard-to-find products make their way to a customer’s doorstep within hours.

Retail 88
article thumbnail

The State of Malware Analysis: Advice from the Trenches

Lenny Zeltser

What malware analysis approaches work well? Which don’t? How are the tools and methodologies evolving? The following discussion–captured as an MP3 audio file –offers friendly advice from 5 malware analysts. These are some of the practitioners who teach the reverse-engineering malware course (FOR610) at SANS Institute: Jim Clausing : Security Architect at AT&T and Internet Storm Center Handler (Panelist) Evan Dygert : Senior Security Engineer for Blue Cross Blue Shield Assoc

article thumbnail

NEW TECH: The march begins to make mobile app security more robust than legacy PC security

The Last Watchdog

Is mobile technology on a course to become more secure than traditional computing? Seven or eight years ago, that was a far-fetched notion. Today, the answer to that question is, “Yes, it must, and soon.” Related: Securing the Internet of Things I’ve been writing about organizations struggling to solve the productivity vs. security dilemma that’s part and parcel of the BYOD craze for some time now.

Security 120
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Kaspersky: Dual-Use Dtrack Malware Linked to ATM Thefts

Data Breach Today

Remote Access Trojan Is Capable of Cyberespionage and Financial Fraud A newly discovered remote access Trojan called Dtrack has been targeting banks in India for well over a year, Kaspersky researchers say. The malware, which can steal data from ATMs and doubles as a cyberespionage tool, appears to be linked to North Korea's Lazarus Group.

Access 213
article thumbnail

Iran denies successful cyber attacks hit infrastructures of its oil sector

Security Affairs

In the last hours, some western media reported destructive cyber attacks against infrastructures in the Iranian oil sector, but Iran denied it. Last week drone attacks have hit two major oil facilities run by the state-owned company Aramco in Saudi Arabia, one of them is the Abqaiq site. Western Governments and Saudi Arabia blamed Iran for the attacks.

IT 91
article thumbnail

Russians Hack FBI Comms System

Schneier on Security

Yahoo News reported that the Russians have successfully targeted an FBI communications system: American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams. Officials also feared that the Russians may have devised other ways to monitor U.S. intelligence communications, including hacking into computers not connected to the internet.

article thumbnail

Iranian Government Hackers Target US Veterans

Dark Reading

'Tortoiseshell' discovered hosting a phony military-hiring website that drops a Trojan backdoor on visitors.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Google Calendar Privacy Concerns Raised

Data Breach Today

Companies Need to Be Aware of Risks A misconfiguration in a Google Calendar function that allows Google to index calendars raises serious privacy concerns because it could lead to inadvertent, broad public exposure of calendars that contain sensitive information, including corporate details, a researcher reports.

Privacy 223
article thumbnail

Checkm8: unpatchable iOS exploit could lead to permanent jailbreak for iOS devices running A5 to A11 chips

Security Affairs

A security expert has released a new jailbreak, dubbed Checkm8, that impacts all iOS devices running on A5 to A11 chipsets , it works on iPhone models from 4S to 8 and X. The security expert Axi0mX has released a new jailbreak, dubbed Checkm8 , that works on all iOS devices running on A5 to A11 chipsets. The jailbreak works with all Apple products released between 2011 and 2017, including iPhone models from 4S to 8 and X.

article thumbnail

How to find remaining 32-bit applications on macOS

Jamf

With macOS Catalina, Apple no longer supports 32-bit applications. See how you can locate all 32-bit macOS applications and take action.

97
article thumbnail

On Chinese "Spy Trains"

Schneier on Security

The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. Part of the reasoning behind this legislation is economic, and stems from worries about Chinese industries undercutting the competition and dominating key global industries.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Ransomware Attack on Rural Hospital Disrupts Services

Data Breach Today

Campbell County Health in Wyoming Sending Patients to Other Hospitals Many Miles Away A ransomware attack late last week on a county hospital in rural Wyoming was still causing patient care disruptions on Monday. Some patients were sent more than 125 miles away to other area hospitals for treatment.

article thumbnail

A new Fancy Bear backdoor used to target political targets

Security Affairs

Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28 , Sednit , Sofacy , Zebrocy , and Strontium ) aimed at political targets. In the recent attacks, the hackers used a new set of malicious payloads, including a backdoor written in a new language.

article thumbnail

How to find remaining 32-bit applications on macOS

Jamf

With macOS Catalina, Apple no longer supports 32-bit applications. See how you can locate all 32-bit macOS applications and take action.

97
article thumbnail

New Emergency Communications Plan Released by CISA

Dark Reading

The Cybersecurity and Infrastructure Security Agency's latest version of the National Emergency Communications Plan comes after a two-year process to improve the cybersecurity and flexibility of the nation's emergency communications.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Senator Demands Answers About Exposed Medical Imaging Data

Data Breach Today

TridentUSA Allegedly Exposed Data on More than 1 Million Patients Sen. Mark Warner, D-Va., is demanding answers from TridentUSA Health Services about its data security practices following the recent discovery that it exposed more than 1 million patient files on the internet due to an unsecured server.

Security 209
article thumbnail

North Korea-linked malware ATMDtrack infected ATMs in India

Security Affairs

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. Threat actors deployed the malware on ATM systems to steal payment card details of the back customers.

article thumbnail

France Outlines Its Approach to Cyberwar

Schneier on Security

In a document published earlier this month (in French), France described the legal framework in which it will conduct cyberwar operations. Lukasz Olejnik explains what it means , and it's worth reading.

IT 80