Krebs on Security

SEPTEMBER 21, 2018

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable reven

Security 276

Security Insurance Military Government 276

Thales Cloud Protection & Licensing

FEBRUARY 9, 2018

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

Security 195

Security Encryption Cybersecurity IT 195

Schneier on Security

JANUARY 19, 2018

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Security 126

Security Data breaches Financial Services Marketing 126

Krebs on Security

NOVEMBER 26, 2018

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing 273

Phishing Security Encryption IT 273

Advertisement

Case studies are proof of successful client relations and a verifiable product or service. They persuade buyers by highlighting your customers' experiences with your company and its solution. In sales, case studies are crucial pieces of content that can be tailored to prospects' pain points and used throughout the buyer's journey. In marketing, case studies are versatile assets for generating business, providing reusable elements for ad and social media content, website material, and marketing c

Sales

Data Breach Today

JANUARY 16, 2018

We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.

Security 227

Security Communications IT 227

OpenText Information Management

FEBRUARY 16, 2018

This article was first published in Legaltech News. “Cooperation should not result in one party exerting extensive control over another’s discovery process or the application of a heightened discovery standard.” – Anna Mercado Clark, partner at Phillips Lytle LLP Civil litigation doesn’t have to be uncivil, or so the idea goes. In the spirit of … The post Transparency in eDiscovery?

IT 131

IT 131

Information Management Resources

JANUARY 17, 2018

Recent studies suggest only one-in-four organizations are well-prepared for the data management mandate, a statistic that could have costly consequences.

GDPR 125

GDPR Data Privacy Compliance Privacy 125

Dark Reading

JANUARY 23, 2018

Following these tips can improve your security visibility and standardize management across hybrid environments.

Security 138

Security Cloud 138

WIRED Threat Level

DECEMBER 27, 2018

In December 1988 a bomb downed a Pan Am jet, leaving 270 dead. It was the first mass killing of Americans by terrorists. As the head of the Justice Department’s criminal division, Robert Mueller oversaw the case. And for him, it was personal.

IT 111

IT Security 111

Advertisement

Unleash the power of NoSQL with "Apache Cassandra® NoSQL for the Relational DBA." Learn from Lewis DiFelice, an experienced Professional Services Consultant at Instaclustr, as he shares his journey transitioning from SQL to managing a 40-node Cassandra cluster. Gain insights into Cassandra's architecture, configuration strategies, and best practices.

Security Affairs

DECEMBER 23, 2018

Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. . A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform privileged operations using the web management interface.

Authentication 111

Authentication IT Security Access 111

Troy Hunt

DECEMBER 30, 2018

Patience. Frugality. Sacrifice. When you boil it down, what do those three things have in common? Those are choices. Money is not peace of mind. Money’s not happiness. Money is, at its essence, that measure of a man’s choices. This is part of the opening monologue of the Ozark series and when I first heard it, I immediately stopped the show and dropped it into this blog post.

Insurance 111

Insurance Education Risk Marketing 111

Thales Cloud Protection & Licensing

JANUARY 31, 2018

Data breaches are the new normal. According to our 2018 Global Data Threat Report , 67% of enterprises have been breached, with that percentage rate growing every year. Regardless of the security measures and efforts put in place, organizations need to act as if a successful cyberattack is not a question of “if” but “when.”. As organizations continue to embrace digital transformation, greater amounts of sensitive data is created, stored and transferred in digital form putting more data at risk.

Digital transformation 130

Digital transformation Security Data breaches Encryption 130

Schneier on Security

FEBRUARY 26, 2018

If you're going to commit an illegal act, it's best not to discuss it in e-mail. It's also best to Google tech instructions rather than asking someone else to do it: One new detail from the indictment, however, points to just how unsophisticated Manafort seems to have been. Here's the relevant passage from the indictment. I've bolded the most important bits: Manafort and Gates made numerous false and fraudulent representations to secure the loans.

Paper 136

Paper Security IT Privacy 136

As a business leader, you know it's important to update your apps, but it can be tough to figure out the best approach. This whitepaper helps you in upgrading your current applications using modernization strategies without any business disruptions.

IT

Krebs on Security

OCTOBER 1, 2018

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

Phishing 279

Phishing Security Cybersecurity Access 279

Data Breach Today

NOVEMBER 7, 2018

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.

Insurance 266

Insurance GDPR Privacy IT 266

The Guardian Data Protection

SEPTEMBER 29, 2018

Images posted to social media show people accessing data of senior Tories such as Boris Johnson and Michael Gove A major flaw in the Conservative ’s official conference mobile phone application has made the private data of senior party members – including cabinet members – accessible to anyone that logged in as a conference attendee. The data of every person who registered to attend the Tory conference could be viewed, with Boris Johnson, Michael Gove and others among hundreds of diplomats, dign

Data breaches 111

Data breaches Access Privacy IT 111

Lenny Zeltser

MAY 7, 2018

This cheat sheet offers guidelines for IT professionals seeking to improve technical writing skills. To print it, use the one-page PDF version; you can also customize the Word version of the document. General Recommendations. Determine your write-up’s objectives and audience. Keep the write-up as short and simple as possible to achieve the objectives.

IT 111

IT Security 111

Advertisement

Getting off of Hadoop is a critical objective for organizations, with data executives well aware of the significant benefits of doing so. The problem is, there are few options available that minimize the risk to the business during the migration process and that’s one of the reasons why many organizations are still using Hadoop today. By migrating to the data lakehouse, you can get immediate benefits from day one using Dremio’s phased migration approach.

Risk

Bill Schmarzo - Dell EMC

MARCH 29, 2018

The year was 1994 and I had the fortunate opportunity to stumble upon a company – Cygnus Support – that was “selling free software.” I remember telling my mom that I was Vice President of Sales & Marketing of a company that was selling free software. After a very long pause, she replied, “Is your resume up to date?”. Cygnus Support sold support contracts and custom consulting projects for GNU development tools (gcc, g++, gdb) to companies looking to accelerate their time-to-market in the emb

Digital transformation 111

Digital transformation Big data Analytics IoT 111

John Battelle's Searchblog

JULY 30, 2018

I first moved to the Bay area in 1983. I graduated from high school, spent my summer as an exchange student/day laborer in England (long story), then began studies at Berkeley, where I had a Navy scholarship (another long story). 1983. 35 years ago. 1983 was one year before the introduction of the Macintosh (my first job was covering Apple and the Mac).

IT 110

IT 110

WIRED Threat Level

MAY 15, 2018

Special Counsel Robert Mueller’s job is to make sense of how Russia hacked the 2016 election. But to make sense of Mueller, you have to revisit some of the bloodiest battles of Vietnam.

Security 112

Security 112

Security Affairs

NOVEMBER 13, 2018

Google services were partially inaccessible on Monday due to a BGP leak that caused traffic redirection through Russia, China, and Nigeria. A BGP leak caused unavailability of Google service on Monday, the traffic was redirected through Russia, China, and Nigeria. At the time it is not clear if the incident was the result of an error or a cyber attack on the BGP protocol.

Security 111

Security Cloud Paper Analytics 111

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Risk

Troy Hunt

FEBRUARY 21, 2018

Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations could use to better protect their own systems. How? NIST explains : When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised.

Passwords 111

Passwords Data breaches Security Privacy 111

IT Governance

MARCH 16, 2018

Phishing has been used as a way for criminal hackers to gain sensitive information since the mid-1990s. It uses deceptive emails and websites to trick victims into clicking malicious links, downloading attachments or sending sensitive information. Phishing emails can impersonate well-known brands or even people you know, such as colleagues. The goal is to trick the recipient into believing that the message is important and convince them to click a malicious link/attachment or provide sensitive d

Phishing 110

Phishing Passwords Security Security awareness 110

Schneier on Security

JANUARY 23, 2018

This is a clever attack. After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually inspect their software configuration.

Mining 117

Mining IT 117

Krebs on Security

NOVEMBER 7, 2018

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S.

Authentication 278

Authentication Security Communications IT 278

Advertiser: ZoomInfo

When economic headwinds pick up, sales leaders are the first to sound the alarm — and chart a new course. Longer sales cycles, larger buying committees, increased price pressure, and smaller teams can quickly combine to reduce your margin for error and increase the urgency to find a solution. To thrive in a challenging environment, sales teams need a rock-solid grasp of the fundamentals and the biggest force-multipliers they can get their hands on.

B2B

National Archives Records Express

OCTOBER 26, 2018

Many of our readers may have seen recent items in the news media, social medi a or on listservs that make it seem like the Department of the Interior is making an unusual request to destroy Federal Records. We have been busily responding to inquiries about this schedu le from individuals and the press for a few days. Those of you who work in records management understand the records scheduling process, but to others, this process can seem mysterious.

Archiving 109

Archiving Military Records Management Government 109

The Guardian Data Protection

JULY 10, 2018

Firm fined £500k for lack of transparency and failing to protect users’ information Facebook is to be fined £500,000, the maximum amount possible, for its part in the Cambridge Analytica scandal , the information commissioner has announced. The fine is for two breaches of the Data Protection Act. The Information Commissioner’s Office (ICO) concluded that Facebook failed to safeguard its users’ information and that it failed to be transparent about how that data was harvested by others.

Data breaches 111

Data breaches Analytics IT Privacy 111

Information Management Resources

JANUARY 22, 2018

Many have begun to consider whether the technology could be used to improve customer data management processes, as they relate to the upcoming EU mandate.

GDPR 110

GDPR Blockchain Compliance Data Privacy 110