2018

article thumbnail

Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable reven

Security 276
article thumbnail

Strong, streamlined and secure: How to get the most out of centralized key management

Thales Cloud Protection & Licensing

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

Security 195
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Security Breaches Don't Affect Stock Price

Schneier on Security

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Security 126
article thumbnail

Half of all Phishing Sites Now Have the Padlock

Krebs on Security

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing 273
article thumbnail

Why You Need to Use Case Studies in Sales and Marketing (and How to Start Now)

Case studies are proof of successful client relations and a verifiable product or service. They persuade buyers by highlighting your customers' experiences with your company and its solution. In sales, case studies are crucial pieces of content that can be tailored to prospects' pain points and used throughout the buyer's journey. In marketing, case studies are versatile assets for generating business, providing reusable elements for ad and social media content, website material, and marketing c

article thumbnail

The Machine Identity Crisis

Data Breach Today

We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.

Security 227

More Trending

article thumbnail

Transparency in eDiscovery? Save it for your clients

OpenText Information Management

This article was first published in Legaltech News. “Cooperation should not result in one party exerting extensive control over another’s discovery process or the application of a heightened discovery standard.” – Anna Mercado Clark, partner at Phillips Lytle LLP Civil litigation doesn’t have to be uncivil, or so the idea goes. In the spirit of … The post Transparency in eDiscovery?

IT 131
article thumbnail

GDPR will be a harsh wake-up call for most U.S. companies

Information Management Resources

Recent studies suggest only one-in-four organizations are well-prepared for the data management mandate, a statistic that could have costly consequences.

GDPR 125
article thumbnail

5 Steps to Better Security in Hybrid Clouds

Dark Reading

Following these tips can improve your security visibility and standardize management across hybrid environments.

Security 138
article thumbnail

Pan Am Flight 103: Robert Mueller’s 30-Year Search for Justice

WIRED Threat Level

In December 1988 a bomb downed a Pan Am jet, leaving 270 dead. It was the first mass killing of Americans by terrorists. As the head of the Justice Department’s criminal division, Robert Mueller oversaw the case. And for him, it was personal.

IT 111
article thumbnail

Apache Cassandra® NoSQL for the Relational DBA

Unleash the power of NoSQL with "Apache Cassandra® NoSQL for the Relational DBA." Learn from Lewis DiFelice, an experienced Professional Services Consultant at Instaclustr, as he shares his journey transitioning from SQL to managing a 40-node Cassandra cluster. Gain insights into Cassandra's architecture, configuration strategies, and best practices.

article thumbnail

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. . A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform privileged operations using the web management interface.

article thumbnail

10 Personal Finance Lessons for Technology Professionals

Troy Hunt

Patience. Frugality. Sacrifice. When you boil it down, what do those three things have in common? Those are choices. Money is not peace of mind. Money’s not happiness. Money is, at its essence, that measure of a man’s choices. This is part of the opening monologue of the Ozark series and when I first heard it, I immediately stopped the show and dropped it into this blog post.

Insurance 111
article thumbnail

Securing Data in the Digital Transformation Era

Thales Cloud Protection & Licensing

Data breaches are the new normal. According to our 2018 Global Data Threat Report , 67% of enterprises have been breached, with that percentage rate growing every year. Regardless of the security measures and efforts put in place, organizations need to act as if a successful cyberattack is not a question of “if” but “when.”. As organizations continue to embrace digital transformation, greater amounts of sensitive data is created, stored and transferred in digital form putting more data at risk.

article thumbnail

E-Mail Leaves an Evidence Trail

Schneier on Security

If you're going to commit an illegal act, it's best not to discuss it in e-mail. It's also best to Google tech instructions rather than asking someone else to do it: One new detail from the indictment, however, points to just how unsophisticated Manafort seems to have been. Here's the relevant passage from the indictment. I've bolded the most important bits: Manafort and Gates made numerous false and fraudulent representations to secure the loans.

Paper 136
article thumbnail

Finding The Application Modernization Strategy That Is Right For Your Business

As a business leader, you know it's important to update your apps, but it can be tough to figure out the best approach. This whitepaper helps you in upgrading your current applications using modernization strategies without any business disruptions.

article thumbnail

Voice Phishing Scams Are Getting More Clever

Krebs on Security

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

Phishing 279
article thumbnail

How Cyber Insurance Is Changing in the GDPR Era

Data Breach Today

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.

Insurance 266
article thumbnail

Tory conference app flaw reveals private data of senior MPs

The Guardian Data Protection

Images posted to social media show people accessing data of senior Tories such as Boris Johnson and Michael Gove A major flaw in the Conservative ’s official conference mobile phone application has made the private data of senior party members – including cabinet members – accessible to anyone that logged in as a conference attendee. The data of every person who registered to attend the Tory conference could be viewed, with Boris Johnson, Michael Gove and others among hundreds of diplomats, dign

article thumbnail

Technical Writing Tips for IT Professionals

Lenny Zeltser

This cheat sheet offers guidelines for IT professionals seeking to improve technical writing skills. To print it, use the one-page PDF version; you can also customize the Word version of the document. General Recommendations. Determine your write-up’s objectives and audience. Keep the write-up as short and simple as possible to achieve the objectives.

IT 111
article thumbnail

From Hadoop to Data Lakehouse

Getting off of Hadoop is a critical objective for organizations, with data executives well aware of the significant benefits of doing so. The problem is, there are few options available that minimize the risk to the business during the migration process and that’s one of the reasons why many organizations are still using Hadoop today. By migrating to the data lakehouse, you can get immediate benefits from day one using Dremio’s phased migration approach.

article thumbnail

A Digital Transformation Lesson: Open Source Business Models

Bill Schmarzo - Dell EMC

The year was 1994 and I had the fortunate opportunity to stumble upon a company – Cygnus Support – that was “selling free software.” I remember telling my mom that I was Vice President of Sales & Marketing of a company that was selling free software. After a very long pause, she replied, “Is your resume up to date?”. Cygnus Support sold support contracts and custom consulting projects for GNU development tools (gcc, g++, gdb) to companies looking to accelerate their time-to-market in the emb

article thumbnail

On Leaving the Bay Area

John Battelle's Searchblog

I first moved to the Bay area in 1983. I graduated from high school, spent my summer as an exchange student/day laborer in England (long story), then began studies at Berkeley, where I had a Navy scholarship (another long story). 1983. 35 years ago. 1983 was one year before the introduction of the Macintosh (my first job was covering Apple and the Mac).

IT 110
article thumbnail

The Untold Story of Robert Mueller's Time in the Vietnam War

WIRED Threat Level

Special Counsel Robert Mueller’s job is to make sense of how Russia hacked the 2016 election. But to make sense of Mueller, you have to revisit some of the bloodiest battles of Vietnam.

Security 112
article thumbnail

Google Services down due to BGP leak, traffic hijacked through Russia, China, and Nigeria

Security Affairs

Google services were partially inaccessible on Monday due to a BGP leak that caused traffic redirection through Russia, China, and Nigeria. A BGP leak caused unavailability of Google service on Monday, the traffic was redirected through Russia, China, and Nigeria. At the time it is not clear if the incident was the result of an error or a cyber attack on the BGP protocol.

Security 111
article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

article thumbnail

I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download

Troy Hunt

Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations could use to better protect their own systems. How? NIST explains : When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised.

Passwords 111
article thumbnail

5 ways to detect a phishing email

IT Governance

Phishing has been used as a way for criminal hackers to gain sensitive information since the mid-1990s. It uses deceptive emails and websites to trick victims into clicking malicious links, downloading attachments or sending sensitive information. Phishing emails can impersonate well-known brands or even people you know, such as colleagues. The goal is to trick the recipient into believing that the message is important and convince them to click a malicious link/attachment or provide sensitive d

Phishing 110
article thumbnail

New Malware Hijacks Cryptocurrency Mining

Schneier on Security

This is a clever attack. After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually inspect their software configuration.

Mining 117
article thumbnail

U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

Krebs on Security

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S.

article thumbnail

The B2B Sales Leader's Guide for Any Economic Environment

When economic headwinds pick up, sales leaders are the first to sound the alarm — and chart a new course. Longer sales cycles, larger buying committees, increased price pressure, and smaller teams can quickly combine to reduce your margin for error and increase the urgency to find a solution. To thrive in a challenging environment, sales teams need a rock-solid grasp of the fundamentals and the biggest force-multipliers they can get their hands on.

article thumbnail

Department of Interior Updating Their Records Schedule

National Archives Records Express

Many of our readers may have seen recent items in the news media, social medi a or on listservs that make it seem like the Department of the Interior is making an unusual request to destroy Federal Records. We have been busily responding to inquiries about this schedu le from individuals and the press for a few days. Those of you who work in records management understand the records scheduling process, but to others, this process can seem mysterious.

Archiving 109
article thumbnail

Facebook fined for data breaches in Cambridge Analytica scandal

The Guardian Data Protection

Firm fined £500k for lack of transparency and failing to protect users’ information Facebook is to be fined £500,000, the maximum amount possible, for its part in the Cambridge Analytica scandal , the information commissioner has announced. The fine is for two breaches of the Data Protection Act. The Information Commissioner’s Office (ICO) concluded that Facebook failed to safeguard its users’ information and that it failed to be transparent about how that data was harvested by others.

article thumbnail

The role of blockchain in helping organizations meet GDPR compliance

Information Management Resources

Many have begun to consider whether the technology could be used to improve customer data management processes, as they relate to the upcoming EU mandate.

GDPR 110