Security Affairs

OCTOBER 8, 2021

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing 277

Phishing Military Government Security 277

Krebs on Security

SEPTEMBER 17, 2020

That story cited a 2007 report (PDF) from iDefense , which detailed DaiLin’s role as the leader of a state-sponsored, four-man hacking team called NCPH (short for Network Crack Program Hacker). ” At the time of story, DaiLin was 28 years old. Chengdu404’s offices in China. Image: DOJ.

Government 363

Government Mining Big data Phishing 363

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” IoT risk must be taken seriously.

IoT 244

IoT Military Access Education 244

Security Affairs

JANUARY 15, 2021

The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Attacks on software developers are especially dangerous for the risk they pose to end users, as already happened in the well-known cases of CCleaner and ASUS. ” concludes the report.

Healthcare 273

Healthcare Archiving Information Security Security 273

Krebs on Security

FEBRUARY 7, 2024

The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. “Hiding with purely technical parameters will not help in a serious matter,” Djamix advised Maza members in September 2007.

Military 319

Military IT Communications Risk 319

Hunton Privacy

JULY 9, 2020

Additionally, high risk processing activities also trigger the requirement for a controller to carry out a DPIA. Data subjects also must be notified if the breach is likely to result in a high risk to their security or rights. On July 1, 2020, the Dubai International Financial Centre (“DIFC”) Data Protection Law No.

Personal data 127

Personal data GDPR Data breaches Compliance 127

Collibra

MAY 16, 2022

Consider the examples from our peer industries: Operational Risk. For financial services, data governance found its roots in risk. As CROs prioritized Operational Risk post the 2007 financial crisis, those leaders also looked to centralized thought like the Basel Accords.

Government 105

Government Risk Financial Services Access 105

ChiefTech

JANUARY 12, 2008

service model risk blown away - Google and Postini I noticed in this case study about a law firms decision to pick Google Apps for email and collaboration over Microsoft Exchange or IBM Lotus Domino , that they mention Google has acquired a company called Postini (actually back last year ). Please seek advice for specific circumstances.

Risk 40

Risk Records Management Consumer Services Compliance 40

eSecurity Planet

AUGUST 13, 2021

Developed by the SANS Institute in 2007, SIFT works on 64-bit OS, automatically updates the software with the latest forensic tools and techniques, and is a memory optimizer. The first version of Volatility was launched at Black Hat and DefCon in 2007 and based its services around academic research into advanced memory analysis and forensics.

e-Discovery 139

e-Discovery Computer and Electronics Marketing Compliance 139

eSecurity Planet

SEPTEMBER 16, 2021

OWASP security researchers have updated the organization’s list of the ten most dangerous vulnerabilities – and the list has a new number one threat for the first time since 2007. The number one security risk is no longer injection. A New Top Vulnerability. 34 CWEs are mapped to broken access control.

Authentication 132

Authentication Access Security Security awareness 132

The Last Watchdog

APRIL 1, 2020

Here are key takeaways: Storage efficiencies With so much data coursing through business networks, companies would be wise to take into consideration the value vs. risk proposition of each piece of data, Lahiri says. The value of data connected to a live project is obvious. Egnyte is in a good position to champion the cause.

Government 149

Government Cybersecurity Archiving Access 149

The Texas Record

OCTOBER 6, 2021

Check out the RMA unit’s website from 2007 —a true blast from the past! Do you remember what Google’s search page looked like in 2007 ? Detailed specifications for this file format can be found on the LOC’s Digital Formats Library. Wayback Machine. The Wayback Machine remembers.

Archiving 98

Archiving Records Management Libraries Metadata 98

Schneier on Security

JUNE 8, 2021

This is just one of many risks to our normal civilian computer supply chains. And since military software is vulnerable to the same cyberattacks as commercial software, military supply chains have many of the same risks. This is not speculative. A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S.

Military 145

Military Cybersecurity Communications Manufacturing 145

ChiefTech

MAY 20, 2007

Sunday, 20 May 2007 Case Study: Success at Ernst & Young's Center for Business Knowledge I wrote this case study, Online Collaboration Tools, Knowledge Managers, and a Cooperative Culture , in 2003 while working at Ernst & Young in Sydney, Australia, as the Ernst & Young Online Program Manager for Asia. . ©2005-2009.

Paper 46

Paper Archiving Risk IT 46

ChiefTech

DECEMBER 5, 2007

Technorati tags: CMS Watch , Microsoft SharePoint 2007 , MOSS 2007 , Gartner , Intranets at 5:42 PM View blog reactions 3comments: Alex Manchester said. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances. More on this another time.

CMS 40

CMS Paper Archiving Compliance 40

eSecurity Planet

JULY 28, 2021

Founded in 2007, Guardtime is a network security company that specializes in deploying distributed, virtualized machines built to execute tasks with cryptographic proofs of correctness. Mitigating risk of false key propagation and identity theft. Risk of compromise. Cryptocurrency Risks for Coins. Block Armour.

Blockchain 136

Blockchain Cybersecurity Energy and Utilities IoT 136

ChiefTech

JANUARY 29, 2007

Tuesday, 30 January 2007 Conscientious Objector Following on from the initial challenge , here are responses from Euan Semple , Gerry Dowles (sic) Jerry Bowles and Kathleen Gilroy. . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

Paper 40

Paper Archiving Risk IT 40

ChiefTech

JANUARY 29, 2007

Tuesday, 30 January 2007 Enterprise 2.0 into a context that they can understand and relate to it in terms of change management, transformation complexity, risks and opportunities and so forth. . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

Paper 40

Paper Archiving Marketing Risk 40

AIIM

SEPTEMBER 25, 2018

“Robots are to blame for up to 670,000 lost manufacturing jobs between 1990 and 2007, [the paper] concluded, and that number will rise because industrial robots are expected to quadruple.” According to another paper, one published by Oxford in 2013, 47% of total US employment could be at risk.

Artificial Intelligence 116

Artificial Intelligence Paper Manufacturing Marketing 116

eDiscovery Daily

JANUARY 21, 2019

We talk a lot on this blog about the importance of metadata to provide additional useful information in discovery productions and help minimize the risk of fraud. Per Ars Technica , Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007. ” Whoops.

Metadata 57

Metadata Education Communications Risk 57

ChiefTech

FEBRUARY 10, 2008

Does your organisation under the value, benefits and risks of collaborating on-line with you partners and clients? Have you implemented the appropriate IT systems to help minimise the risks your organisation is exposed to from on-line collaboration with your partners and customers? Please seek advice for specific circumstances.

Paper 40

Paper Archiving Risk Marketing 40

ChiefTech

FEBRUARY 28, 2007

Thursday, 1 March 2007 Biffo between IT, users and the extended enterprise Two sides of the current tension between enterprise IT and user-driven IT are represented in this post by Jeff Nolan and response from Mike Gotta. . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

IT 40

IT Government Paper Archiving 40

ChiefTech

JANUARY 24, 2007

But this will in turn create all sorts of risks. . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances. However, as weve seen with other social software applications it is the actual social nature of Web 2.0

Analytics 40

Analytics Paper Archiving Risk 40

ChiefTech

MARCH 20, 2007

Wednesday, 21 March 2007 Currently in Singapore Im currently in Singapore with no time to blog really, respond to comments or even keep up with my RSS feeds. One highlight of the day was to briefly meet Dave Snowden in person, who is here in Singapore for the International Risk Assessment & Horizon Scanning Symposium.

Computer and Electronics 40

Computer and Electronics Paper Archiving Cloud 40

ChiefTech

DECEMBER 16, 2007

Sunday, 16 December 2007 The Search for Application Perfection Back in 2004 I co-authored an article that asked, does the perfect intranet exist ? . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances.

Paper 40

Paper Archiving Risk IT 40

ChiefTech

OCTOBER 14, 2007

Monday, 15 October 2007 Is the term "wiki" no longer useful? I particularly concur with his comment about " overloading of wiki risks making the term no longer useful as descriptor of an editable web page, but rather confused as a general descriptor for an enterprise 2.0 . ©2005-2009. intranet overall. "

Paper 40

Paper Archiving IT Risk 40

ChiefTech

NOVEMBER 28, 2007

Wednesday, 28 November 2007 Living Information Systems Ive talked about spreadsheets in the past - they interest me as one of the earliest forms of user-generation applications so this article from Forrester , titled Ouch! . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

Paper 40

Paper Archiving Risk IT 40

ChiefTech

AUGUST 2, 2007

Friday, 3 August 2007 Don't use Enterprise Web 2.0 Also, on the issue of learning new software I think one of the challenges for champions driving the adoption of enterprise social software is to keep it simple - there is always the risk that once we introduce social software inside the firewall it will mutate from liteware to bloatware.

Paper 40

Paper Archiving Sales Marketing 40

ChiefTech

JUNE 8, 2007

Saturday, 9 June 2007 Enterprise 2.0? in Australia that the business community here really is quite risk adverse and conservative. . ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances. in Australia. inside the firewall.

IT 40

IT Paper Archiving Risk 40

Collibra

FEBRUARY 7, 2020

In 2007, the United States experienced the largest financial crash since The Great Depression. BCBS-239 called out banks for not doing enough to assuage risk and adhere to regulatory compliance. . BCBS-239 mandates a new reporting cycle in which overall risk reports are prepared quarterly. Let’s get technical .

Compliance 69

Compliance Risk Data structuring Marketing 69

ChiefTech

DECEMBER 7, 2007

Saturday, 8 December 2007 Do users want Facebook as their "intranet"? At a business and technology level, there is no doubt that operating a stratanet introduces a number of potential problems and risks, but nothing that is unsurpassable if Facebook (+ Microsoft ) and the business community decided to fix them.

IT 40

IT Risk Paper Archiving 40

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. AllegisCyber Investments. BVP Investments.

Cybersecurity 129

Cybersecurity Cloud Marketing Security 129

Security Affairs

MARCH 2, 2019

The structure of this stream is fully specified in Microsoft Office Excel 97-2007 – Binary File Format Specification. Shellcode injection is a major risk associated with XLM macros, leading to hard to detect in-memory attacks and various types of exploits and zero-day viruses being launched on the target system.

File names 274

File names Phishing Libraries IT 274

Hunton Privacy

APRIL 17, 2018

Notably, the Implementing Recommendations of the 9/11 Commission Act of 2007, codified at 6 U.S.C. Nevertheless, growing risks are leading to calls for mandatory oil and gas pipeline cybersecurity regulations. The CFATS Risk Based Performance Standard 8 outlines cybersecurity measures subject to DHS review during a CFATS inspection.

Cybersecurity 62

Cybersecurity Risk Compliance Security 62

John Battelle's Searchblog

FEBRUARY 26, 2012

Access and Accuracy : Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate. ? And now my “Data Bill of Rights” from 2007: - Data Portability. Data Editing.

Data Privacy 72

Data Privacy Privacy Personal data Data collection 72

eSecurity Planet

AUGUST 26, 2022

Today, both outsiders with the right social engineering skills and disgruntled personnel pose risks to sensitive data when network architectures fail to implement microsegmentation and advanced network traffic analysis (NTA). Threat and risk prioritization to inform administrator action and investigation. ExtraHop Networks.

Analytics 115

Analytics Cloud Artificial Intelligence Cybersecurity 115

IBM Big Data Hub

JUNE 1, 2023

The rule proposal would require US publicly traded companies to disclose annually how their businesses are assessing, measuring and managing climate-related risks. This would include disclosure of greenhouse gas emissions as a measure of exposure to climate-related risk.

Risk 56

Risk Analytics Marketing Government 56