Sat.May 04, 2019 - Fri.May 10, 2019

article thumbnail

How Encryption Became the Board’s New Best Friend

Thales Cloud Protection & Licensing

Originally published in TEISS on May 1, 2019. For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. How things have changed. In just the past few years (and hundreds of high-profile breaches and £Trillions of economic damage later), cyber threats became impossible for the boardroom to ignore.

article thumbnail

Malware Knocks Out Accounting Software Giant Wolters Kluwer

Data Breach Today

Outage Leaves Firm's Cloud-Based Tax and Accounting Software Customers Scrambling Accounting software giant Wolters Kluwer is continuing to attempt to recover from a malware attack that has disrupted access to its cloud-based tax and accountancy software, which the company says is used by most major U.S. accounting firms and global banks. Some users say they've been left unable to do their jobs.

Cloud 251
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The CIA Sets Up Shop on Tor, the Anonymous Internet

WIRED Threat Level

Even the Central Intelligence Agency has a so-called onion service now.

article thumbnail

What’s Behind the Wolters Kluwer Tax Outage?

Krebs on Security

Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH , the cloud-based tax division of the global information services firm Wolters Kluwer in the Netherlands. The message was that the same file directories containing new versions of CCH’s software were open and writable by any anonymous user, and that there were suspicious files in those directories indicating some user(s) abused that access.

Cloud 206
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

The Last Watchdog

Android users – and I’m one – are well-advised to be constantly vigilant about the types of cyberthreats directed, at any given time, at the world’s most popular mobile device operating system. Related: Vanquishing BYOD risks Attacks won’t relent anytime soon, and awareness will help you avoid becoming a victim. It’s well worth it to stay abreast of news about defensive actions Google is forced to take to protect Android users.

Libraries 137

More Trending

article thumbnail

Are we so focused on input that we’ve overlooked the need to output information?

AIIM

Prior to becoming involved with the content and information management industry, I spent several years in the high-volume printing industry. I was a mid-level executive for a large health insurance provider and was responsible for printing and mailing, pre-press and offset printing, and electronic book publishing across four states. And let me tell you, my teams concentrated on output.

Insurance 134
article thumbnail

Nine Charged in Alleged SIM Swapping Ring

Krebs on Security

Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device.

article thumbnail

GUEST ESSAY: How stealth, persistence allowed Wipro attacker to plunder supply chain

The Last Watchdog

The recent network breach of Wipro , a prominent outsourcing company based in India, serves as a stunning reminder that digital transformation cuts two ways. Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. However, the flip side is that we’ve also created fresh attack vectors at a rapid rate – exposures that are not being adequately addressed.

article thumbnail

FBI Shutters DeepDotWeb Portal; Suspected Admins Arrested

Data Breach Today

Suspects Accused of Receiving Bitcoins Worth Millions for Referral Fees The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested. Police say the suspected lead administrator, an Israeli based in Brazil who has been arrested at a Paris airport, amassed bitcoins for referral fees worth millions of dollars.

IT 275
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Why Should You Care about Real-Time Capture?

AIIM

5 Elements of Real-time Capture. Why should your organization care about the differences between real-time capture and batch capture? Each has a purpose and benefit to an organization, based on the need, information type, and value it represents in relation to operational outcomes. Many businesses today, are facing increased demands to capture information from unique applications immediately, and address multi-channel capture at the first touch-point of content.

ECM 105
article thumbnail

Securing Sensitive Data in Pivotal Cloud Foundry

Thales Cloud Protection & Licensing

The Cloud Security Challenge. It’s no secret that cloud technology usage is pervasive among enterprises. According to the 2019 Thales Data Threat Report -Global Edition, some 90 percent of 1,200 responding data security professionals worldwide report their organizations are using the cloud. While the agility and cost-saving benefits of cloud technologies are compelling, the need to protect sensitive application data remains.

Cloud 111
article thumbnail

Q&A: The drivers behind the stark rise — and security implications — of ‘memory attacks’

The Last Watchdog

A distinctive class of hacking is rising to the fore and is being leveraged by threat actors to carry out deep, highly resilient intrusions of well-defended company networks. Related: Memory hacking becomes a go-to tactic These attacks are referred to in the security community as “fileless attacks” or “memory attacks.” The latter conveys a more precise picture: memory hacking refers to a broad set of practices, which can include fileless attacks, that constitute this go-deep form of network brea

Security 122
article thumbnail

Chinese Men Charged With Hacking Health Insurer Anthem

Data Breach Today

Data of 78.8 Million Individuals Was Encrypted, Sent to China, US Alleges Two Chinese men have been indicted on charges related to the breach of health insurer Anthem, which saw the personal information of 78.8 million individuals stolen, as well as attacks against three other large U.S. companies.

Insurance 260
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

[Podcast] Inside the Action at The AIIM Conference

AIIM

Have you ever watched a football game or other sporting event where they gave the players or coaches microphones? Or, how about an 'after show’ of your favorite reality tv program? I don’t know about you, but these are some of my favorites to watch because it gives the viewer a more intimate look than you would get by just watching the game or show normally.

article thumbnail

SNP faces fines for data protection breach after election mailing error

The Guardian Data Protection

Party refers itself to ICO after voters receive campaign letters not addressed to them The Scottish National party faces being fined for a breach of data protection laws after sending out tens of thousands of European election mailings to the wrong addresses. The Information Commissioner’s Office confirmed on Friday morning that the SNP have referred itself for investigation after voters across Scotland received letters addressed to strangers or neighbours.

110
110
article thumbnail

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

No matter how reliant we ultimately become on cloud storage and streaming media, it’s hard to image consumers ever fully abandoning removable storage devices. There’s just something about putting your own two hands on a physical device, whether it’s magnetic tape, or a floppy disk, or a CD. Today, it’s more likely to be an external drive, a thumb drive or a flash memory card.

article thumbnail

Feds Warn of 'Electricfish' Malware Linked to North Korea

Data Breach Today

CERT Says Hidden Cobra APT Group Developed Malware The FBI and the Department of Homeland Security have issued a joint warning about new malware called "Electricfish." Investigators suspect it was developed by the advanced persistent threat group Hidden Cobra, which has been linked to North Korea.

Security 248
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Protecting Yourself from Identity Theft

Schneier on Security

I don't have a lot of good news for you. The truth is there's nothing we can do to protect our data from being stolen by cybercriminals and others. Ten years ago, I could have given you all sorts of advice about using encryption, not sending information over email, securing your web connections, and a host of other things­ -- but most of that doesn't matter anymore.

Passwords 109
article thumbnail

LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers

Security Affairs

A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita. The story is very simple, LulZSec, the collective of hackers recently hit the Italian Ministry of the Environment, has collected a huge amount of data belonging to 30,000 Roman lawyers.

Access 108
article thumbnail

The Law Being Used to Prosecute Julian Assange Is Broken

WIRED Threat Level

Opinion: Julian Assange is being prosecuted under the Computer Fraud and Abuse Act, a minimally defined statute that can have maximally destructive consequences.

Security 110
article thumbnail

Despite Doxing, OilRig APT Group Remains a Threat

Data Breach Today

Researchers Describe What They've Learned From Data Dump Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Network's Unit 42 report.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

What is Jamf School?

Jamf

Jamf School, formerly ZuluDesk, helps teachers get the most from their Apple devices. Jamf’s mobile device management (MDM) school solution means that teachers and IT professionals receive an MDM school powerhouse for running today’s modern classroom.

MDM 98
article thumbnail

Japan will develop its first-ever malware as a defense measure against cyber attacks

Security Affairs

The news was reported by the Kyodo News and has caught my attention, Japan will develop its first-ever computer virus as defense against cyber attacks. The Kyodo News revealed that Japan will develop its first-ever computer virus as a defense measure against cyber attacks and that the development will be completed by next March. The Defense Ministry plans to use the malware as a vaccine that could neutralize the other malicious codes.

IT 107
article thumbnail

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The fact of the case relating to the Rousseau platform. Several websites affiliated to the Italian political party Movimento 5 Stelle are run, through a data processor, through the platform named Rousseau.

GDPR 102
article thumbnail

Cybersecurity Drives Intelligence Agencies in From the Cold

Data Breach Today

Post-Snowden Transparency, Incident Response Push by Western Allies Continue With cyberattacks, online espionage and data breaches happening at a seemingly nonstop pace, Western intelligence agencies are bringing many of their capabilities out of the shadows to help businesses and individuals better safeguard themselves and respond. We need all the help we can get.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

How personal social media use can become a corporate problem

IT Governance

Most of us use social media to keep in touch with friends, read interesting content or share photos, but we also know it comes with risk. How private our data really is and whether or not “they” are listening is constantly in the news, but do you know the risks of personal social media use to your business? In Techworld’s recent article summarising some of the most infamous data breaches in the UK, Facebook, Google+ and Reddit are all featured.

Education 101
article thumbnail

Five technology trends driving the automotive industry into the future

DXC Technology

As cars become increasingly smarter and automated, a lot of innovative technology will be needed to make them even smarter and more useful to drivers. Manufacturing cars of the future – be they autonomous, connected, electric, or a mix of all three – will be fueled by cutting-edge technology. Companies that can deploy this technology […].

article thumbnail

A hacker has taken over at least 29 IoT botnets

Security Affairs

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few week s with brute-force attacks. The hacker ‘Subby’ took over 29 IoT botnets in the past few weeks brute-forcing the back end panels of their command and control servers.

IoT 99