IT Governance

JUNE 29, 2018

Hello and welcome to the IT Governance podcast for Friday, 29 June 2018. According to Wired.com , the security researcher Vinny Troia discovered the database earlier this month via Shodan – the search engine that indexes Internet-connected devices such as servers and routers. Here are this week’s stories.

GDPR 76

GDPR Passwords Data breaches Access 76

Data Matters

APRIL 10, 2018

On April 3, 2018, the Financial Crimes Enforcement Network (FinCEN) issued new frequently asked questions (FAQs) regarding its customer due diligence rule (CDD Rule). These FAQs are timely because the May 11, 2018 compliance date for the CDD rule is fast approaching. Beneficial Owner Not Present. Existing Customers.

Retail 68

Retail Risk IT Privacy 68

Security Affairs

NOVEMBER 16, 2018

Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper. In the beginning, the Microsoft Powerpoint presentation looked like a white blank page but performing a very interesting and hidden connection to hxxps://a.doko.moe/wraeop.sct. Stage 3: NET file.

Computer and Electronics 99

Computer and Electronics File names Security IT 99

Data Matters

FEBRUARY 10, 2022

On Monday, January 24, 2022, in a speech at the Northwestern University Pritzker School of Law annual Securities Regulation Institute conference, Gary Gensler, Chair of the U.S. He also signaled the SEC’s continued focus on enforcement and cooperation with other law enforcement agencies. Public Companies and Service Providers.

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

Data Matters

SEPTEMBER 18, 2019

Under the revised Payment Services Directive (2015/2366) (PSD2), the European Banking Authority (EBA) and the European Commission were required to develop and adopt regulatory technical standards on strong customer authentication and common and secure open standards of communication. inherence: a biometric characteristic (e.g.,

Authentication 102

Authentication e-Delivery Risk Sales 102

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4]. 2018-493 and the Ordinance, encompasses 128 new articles.

GDPR 49

GDPR Personal data Communications Government 49

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing 128

Marketing Sales IT Insurance 128

Troy Hunt

JANUARY 3, 2019

Here's my 2018 highlights, starting with travel: Travel "Oh yeah, I'm totally gonna travel less this year" - me every single year In reality, my travel ended up looking like this: That's the same number as last year, 4 more days and another 8,000km. Probably with my 2018 events page which lists everything I did of a public nature.

Passwords 82

Passwords Security IT Government 82

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Archives Blogs

NOVEMBER 16, 2018

The need to accelerate deployment of Artificial Intelligence (AI) by executive branch agencies also requires the development and retention of human expertise, according to Dr. Deborah Frincke, Director of Research at the National Security Agency (NSA).

Unstructured data 26

Unstructured data Artificial Intelligence Government Communications 26

Data Matters

AUGUST 19, 2020

4 The Regulation sets minimum standards for compliance related to the assessment of cybersecurity risks, the prevention and detection of security events, and post-breach management. The NYDFS alleges in April 2018, FAST contained 753 million documents, 65 million of which had been tagged by First American’s employees as containing NPI.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. zip file not found and a popup message is presented.

Passwords 95

Passwords e-Discovery IT Cleanup 95

The Texas Record

DECEMBER 16, 2020

In 2018, Archives and Information Services staff selected our favorite items. Check out the Archives a la carte: Staff picks online exhibit to learn more about items my colleagues thought were interesting such as the medal dies for the Apollo 11 astronauts and letters from Samuel Morse about his Electro-Magnetic Telegraph.

Archiving 106

Archiving Libraries Paper Access 106

HL Chronicle of Data Protection

MAY 29, 2019

This personal data was still being held by late May 2018 and had been subject to unauthorised use by a third party. Italy’s Garante issued its first fine (4.4.2019) for the lack of implementation of privacy security measures following a data breach on the Rousseau internet platform. Regulatory Guidance.

GDPR 40

GDPR Personal data Privacy Information architecture 40

eSecurity Planet

SEPTEMBER 8, 2023

Application programming interface (API) security is a combination of tools and best practices to secure the all-important connections between applications. API security protects data and back-end systems while preserving fluid communication between software components through strict protocols and access controls.

Security 108

Security Authentication Access Encryption 108

Data Matters

SEPTEMBER 4, 2019

Securities and Exchange Commission on June 5, 2019, broker-dealers and associated persons are required to act in the best interest of a retail customer when recommending a securities transaction or investment strategy involving securities to a retail customer.

Insurance 68

Insurance Paper Risk Analytics 68

Security Affairs

NOVEMBER 11, 2018

CVE-2018-15961) affecting the Adobe ColdFusion has been exploited in the wild. Security experts from Volexity reported that attackers in the wild are exploiting a recently patched remote code execution vulnerability affecting the Adobe ColdFusion. Experts at Volexity discovered that a recently patched remote code execution flaw.

Education 84

Education Authentication Security Government 84

eDiscovery Daily

OCTOBER 21, 2019

Join us to hear examples of failures by a major medical center, a major financial institution, a large federal government agency, and a noted presidential advisor. 11:10 AM – 12:10 PM: Data Subject Access Requests in the Americas and Beyond. Find out: How they really feel about security? The 2019 International Panel.

e-Discovery 45

e-Discovery e-Delivery GDPR Education 45

eDiscovery Daily

OCTOBER 1, 2018

As we noted yesterday the 2018 Relativity Fest conference is going on this week, CloudNine will once again be here as a Silver Sponsor and I will be covering the show for eDiscovery Daily. 11:10 AM – 12:10 PM: PD188410 – Fostering Inclusiveness: Promoting Diversity and Inclusion on Your e-Discovery Team.

e-Discovery 31

e-Discovery Education Cloud Data Privacy 31

Security Affairs

MAY 22, 2020

The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). The code contains some “funny” comments related to the twitter community of security researchers which constantly monitor the actor operations.

Manufacturing 131

Manufacturing e-Delivery IT Security 131

Security Affairs

NOVEMBER 27, 2020

A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. The compilation contains 49,577 IP addresses vulnerable to Fortinet SSL VPN CVE-2018-13379 , according to Bank Security, who first noticed the leak on Twitter.

Passwords 139

Passwords Access Security Information Security 139

John Battelle's Searchblog

JUNE 6, 2023

And this was no fly-by-night startup – the company’s founders, team, and investors are all deeply experienced in AI, Internet security, scaled engineering, product design, marketing, and much more. This past month alone, VCs poured more than $11 billion into AI startups , up 86 percent from a year ago.

Personal data 111

Personal data Military e-Delivery IT 111

Troy Hunt

MARCH 21, 2018

pic.twitter.com/hPvvbFODyZ — Random Robbie (@Random_Robbie) March 7, 2018. Side note: getting the wording of these emails right is absolutely critical, as is evidenced by the accompanying tweet which casts suspicion over OpenTable's security posture.). link] pic.twitter.com/rIBh5Y7dbj — Troy Hunt (@troyhunt) March 10, 2018.

Data breaches 73

Data breaches Passwords Government IT 73

Data Matters

SEPTEMBER 29, 2021

4 The Federal Rules of Civil Procedure have begun — since their inception — with a guiding command for courts to seek “to secure the just, speedy, and inexpensive determination of every action and proceeding.”5 19 No longer are the proportionality considerations described as separate “limitations” on an inquiry governed solely by relevance.20

Privacy 97

Privacy e-Discovery Computer and Electronics e-Delivery 97

Data Matters

MAY 9, 2019

The vote to adopt the prior versions of the proposed amendments to the CFR Model Laws was delayed in December 2018 after the U.S. Advocates of blockchain note that it has the potential to improve the efficiency, security and trustworthiness of a wide variety of transactions. Department of the Treasury and the Office of the U.S.

Insurance 68

Insurance Blockchain Big data Risk 68

Preservica

MAY 1, 2018

Oxford, UK and Boston, MA: April 30 2018: Active digital preservation specialist, Preservica, has announced a suite of new GDPR compliance enhancements to further simplify how organizations meet their controller obligations for personal data that needs to be retained over the long-term. CIGO Summit 2018 in Chicago IL: 9-11 May 2018.

GDPR 40

GDPR Digital preservation Metadata Personal data 40

Data Protector

OCTOBER 11, 2017

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice. change it substantially.

GDPR 120

GDPR Personal data Government IT 120

Troy Hunt

SEPTEMBER 17, 2020

I want a "secure by default" internet with all the things encrypted all the time such that people can move freely between networks without ever needing to care about who manages them or what they're doing with them. I mean what's the remaining gap? But that shouldn't be that surprising given that only 2.3% We still have a way to go!

Privacy 143

Privacy Phishing Encryption Security 143

ARMA International

APRIL 11, 2022

Among these management issues are insufficient documentation of official acts, incorrect use of recordkeeping technologies, poor filing systems and maintenance standards, poor management of non-record items, insufficient identification of vital records, and insufficient records security policies. Creating an Inventory Plan.

Records Management 109

Records Management Archiving Government IT 109

ARMA International

SEPTEMBER 27, 2021

Humans have used technology to transform their societies from prehistoric times up to the present. Finally, Part 3 looks to the future, presents next steps, and discusses key takeaways. Take the example of the pandemic: only some governments engaged pandemic experts to develop actions plans. Introduction.

Digital transformation 54

Digital transformation Risk IT Computer and Electronics 54

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Troy Hunt

DECEMBER 30, 2018

pic.twitter.com/4NK5GAm1z2 — Troy Hunt (@troyhunt) December 24, 2018. I'm not a fashion guy (pick almost any talk I've done and you'll see it's jeans and t-shirts all the way), but I totally understand how presenting well can bring a lot of joy to people. krankit_io) December 27, 2018. This is a measure of my choices.

Education 111

Education Marketing IT Insurance 111

Troy Hunt

FEBRUARY 10, 2020

And just a side-note before I jump into those fundamentals: I had a quick flick through the government's eSafety guidance for children under 5 whilst on the plane and it has a bunch of really good stuff. And importantly, teaching them how to use secure passwords with @1Password ?? What say you, internet?

Privacy 141

Privacy Access IT Education 141

Security Affairs

NOVEMBER 25, 2020

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. The stand-off between various pro-government hacker groups saw new players come onto the scene, while some previously known groups resumed their operations. Tb per second and 809 million packets per second.

Ransomware 129

Ransomware Phishing Sales Manufacturing 129

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How Do VC Firms Work? AllegisCyber Investments.

Cybersecurity 127

Cybersecurity Cloud Marketing Security 127

Adam Levin

DECEMBER 7, 2020

The threat landscape of cybersecurity changes daily, with hackers and cybersecurity professionals in a perpetual cat-and-mouse chase; hackers discover new ways to infiltrate and exploit their targets, and the cybersecurity industry looks for vulnerabilities, tries to anticipate new threats and responds when cyber security issues arise.

IoT 52

IoT Artificial Intelligence Passwords Phishing 52

Troy Hunt

FEBRUARY 11, 2018

pic.twitter.com/xQhspR7A2f — Scott Helme (@Scott_Helme) February 11, 2018. Even my own state government down here had been hit. Their site also has the crypto miner running: pic.twitter.com/fl0U9ssZRr — Scott Helme (@Scott_Helme) February 11, 2018. It was the US Courts too.

Libraries 97

Libraries Risk Government IT 97