Sat.Sep 08, 2018 - Fri.Sep 14, 2018

In a Few Days, Credit Freezes Will Be Fee-Free

Krebs on Security

Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents. Maybe you’ve been holding off freezing your credit file because your home state currently charges a fee for placing or thawing a credit freeze, or because you believe it’s just not worth the hassle.

Access 226

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

Vincent Van Gogh is believed to have said “Great things are … done … by a series of small things brought together.” This aptly describes the Internet of Things (IoT), where many small things are coming together to shape what we all hope will deliver a great leap in the way we live and do business. In this blog, and in an accompanying interview with our colleague Daniel Hjort from Nexus Group, we discuss the challenges that industry faces to ensure safe deployment and management of IoT technolog

MY TAKE: Here’s how diversity can strengthen cybersecurity — at many levels

The Last Watchdog

Of the many cybersecurity executives I’ve interviewed, Keenan Skelly’s career path may be the most distinctive. Skelly started out as a U.S. Army Explosive Ordnance Disposal (EOD) Technician. “I was on the EOD team that was actually assigned to the White House during 9/11, so I got to see our national response framework from a very high level,” she says.

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era. Reports of data breaches continue to increase and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.

GDPR 235

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving every day. 💡 This new webinar featuring Maher Hanafi, CTO of Betterworks, will explore a practical framework to transform Generative AI prototypes into

U.S. Mobile Giants Want to be Your Online Identity

Krebs on Security

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. City agencies were unable to collect payment. Police departments had to handwrite reports. Years of data disappeared. Related: Political propaganda escalates in U.S. The attack also brought cybersecurity to the local level. It’s easy to think of it as a problem the federal government must address or something that enterprises deal with, but cybersecurity has to be addressed closer to home,

Romanian Hacker 'Guccifer' to Be Extradited to US

Data Breach Today

Taxi Driver Turned Hacker Is Serving 7-Year Prison Sentence in His Home Country A Romanian court has ruled that the notorious hacker "Guccifer," who discovered the existence of Hillary Clinton's private email server, will be extradited to the U.S. to serve a 52-month prison sentence after he finishes serving a seven-year sentence in his home country.

GDPR and The Data Governance Imperative

AIIM

This is the 12th post in a series on privacy by Andrew Pery. You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

GDPR 91

Social Media Too Shall Pass

John Battelle's Searchblog

At dinner last night with my wife and our 14 year-old daughter, I noticed a circular table of four teenage girls eating alone. They were about the same age as my daughter, who wasn’t exactly thrilled to be stuck with her parents as company on her first weekend of the school year. As we ate, I paid attention to the group’s dynamics, imagining them to be a possible reflection of what my daughter would be doing once she started going out alone with friends in New York City.

IT 106

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Quantum Computing and Cryptography

Schneier on Security

Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

Equifax Breach: Key Lessons Learned

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.

Revenge of the Metadata Nerds

AIIM

We once had an IT person who worked for us who took a page out of the old Saturday Night Live routine, Nick Burns -- Your Company’s Computer Guy, who guarantees to “fix your computer and then make fun of you.” When one of us would bring to light an error that was obviously our fault, this fellow would confidently pronounce, “That looks like a user ID-10-T error,” at which point we would slink off, afraid to acknowledge that we didn’t know what an ID10T error was.

The Effectiveness of Publicly Shaming Bad Security

Troy Hunt

Here's how it normally plays out: It all begins when a company pops up online and makes some sort of ludicrous statement related to their security posture, often as part of a discussion on a public social media platform such as Twitter. Shortly thereafter, the masses descend on said organisation and express their outrage at the stated position. Where it gets interesting (and this is the whole point of the post), is when another group of folks pop up and accuse the outraged group of doing a bit o

Security 104

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Understanding IoT Security Challenges – An Interview with an Industry Expert

Thales Cloud Protection & Licensing

The Internet of Things (IoT) is rapidly growing and expected to affect all industry verticals as well as our private lives. It is no secret that security plays a very important part in the successful deployment and management of this technology, and its applications are set to transform the way we live and do business. In this blog, we reached out to our technology partner Nexus to better understand the challenges that the industry faces to ensure safe deployment and management of IoT technologi

IoT 93

Can a Watch Be a Medical Device?

Data Breach Today

New Apple Watch ECG Function Raises Risk Management Issues The new Apple Watch 4, which includes a sensor that can conduct an electrocardiogram, spotlights the emergence of consumer apps that appear to cross over into the territory of medical devices, raising potential cybersecurity concerns.

NIST Launches Privacy Framework Effort

Hunton Privacy

On September 4, 2018, the Department of Commerce’s National Institute of Standards and Technology (“NIST”) announced a collaborative project to develop a voluntary privacy framework to help organizations manage privacy risk. The announcement states that the effort is motivated by innovative new technologies, such as the Internet of Things and artificial intelligence, as well as the increasing complexity of network environments and detail of user data, which make protecting individuals’ privacy m

Privacy 94

Has the cause of the BA data breach been identified?

IT Governance

Last week it was announced that the personal and financial details of 380,000 British Airways customers had been stolen by cyber criminals. The latest news reports claim that the cause of the data breach has been identified by a RiskIQ researcher, who has analysed the code from BA’s website and app. They say that there is evidence of a “skimming” script designed to scrape data from online payment forms.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. A team of experts from cybersecurity firm F-Secure has discovered security flaws affecting firmware in modern computers that could be exploited by hackers to carry out cold boot attacks and recover sensitive data from the memory of the affected machines.

Intel Patches Firmware Flaw That Leaks ME Encryption Keys

Data Breach Today

Researcher Finds Intel's Previous Management Engine Patches Weren't Foolproof Intel has had a challenging time of late on the vulnerability front. It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. The problem was a repeat of one that Intel patched just last year.

Using Hacked IoT Devices to Disrupt the Power Grid

Schneier on Security

This is really interesting research: "BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid": Abstract: We demonstrate that an Internet of Things (IoT) botnet of high wattage devices-such as air conditioners and heaters-gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid. In particular, we reveal a new class of potential attacks on power grids called the Manipulation of demand via IoT (MadIoT) attacks that can leverage such a bot

IoT 91

Simplify and accelerate your compliance projects

IT Governance

Anyone who is working on a compliance project, whether for the EU GDPR (General Data Protection Regulation) or ISO 27001 certification, will understand how time-consuming, complex and lengthy the process can be. Simplify and accelerate your compliance project and alleviate some of the stress – book a free demo to see how Vigilant Software’s tools can help you and your project at any stage. vsRisk.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Essential Records Guide Updated

National Archives Records Express

Our post on Tuesday reminded Federal agencies of the resources available to them to handle a records emergency. This remains especially relevant as Hurricane Florence makes landfall in North Carolina. We want to take this opportunity to highlight one of the resources mentioned in the post. We are pleased to announce a new edition of NARA’s Essential Records Guide (August 2018), formerly known as the Vital Records Guide.

Postmortem: Multiple Failures Behind the Equifax Breach

Data Breach Today

76-Day Breach Slowly Exfiltrated Data From 51 Databases, GAO Report Reveals A newly released report from the U.S. Government Accountability Office on the massive 2017 Equifax data breach provides a postmortem look at what went wrong, centering on the credit bureau's identification, detection, segmentation and data governance, as well as a failure to rate-limit database requests.

New PyLocky Ransomware stands out for anti-machine learning capability

Security Affairs

Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August, the malicious code was posing as the Locky ransomware. Researchers at Trend Micro have detected a new ransomware family, dubbed PyLocky, that was used in attacks between July and August, the malware was posing as the Locky ransomware using its ransom note.

58% increase in companies affected by BEC attacks

IT Governance

Data from Lloyds Bank has revealed a 58% increase in BEC (business email compromise) attacks in the year to date. It is important to note that the “true scale of the problem is likely to be much larger” as this is only reported fraud. Key findings. The average loss to a commercial customer is £27,000. One in five victims has had to make redundancies because of the financial impact.

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

The Sheriffs are in Town: Recent Developments in Initial Coin Offerings (ICO) Enforcement and Investor Education

Data Matters

In the months following director William Hinman’s noteworthy speech on whether and when a digital asset is subject to securities laws, U.S. regulators have continued their stern warnings regarding the importance of compliance with the securities laws. This post highlights three important regulatory updates: On August 14, 2018, the Securities and Exchange Commission (SEC or Commission) issued an administrative order, In the Matter of Tomahawk Exploration LLC and David Thompson Laurance, takin

British Airways Faces Class-Action Lawsuit Over Data Breach

Data Breach Today

GDPR Privacy Law Lets Breach Victims Seek 'Non-Material Damage' Compensation British Airways has been threatened with a class-action lawsuit in U.K. court after warning that a hacker stole payment card data associated with 380,000 transactions. A law firm says that under GDPR, the airline should compensate victims for "inconvenience, distress and misuse of their private information.

ICS CERT warns of several flaws in Fuji Electric V-Server

Security Affairs

Experts discovered several flaws in Fuji Electric V-Server, a tool that connects PCs within the organizations to Industrial Control Systems (ICS). Experts discovered several vulnerabilities in Fuji Electric V-Server, a tool that connects PCs within the organizations to Industrial Control Systems (ICS) on the corporate network. The ICS-CERT published two advisories to warn of the existence of the flaws that could have a severe impact on a broad range of companies in the critical manufacturing sec