July, 2017

article thumbnail

How to Deploy Your Own Algo VPN Server in the DigitalOcean Cloud

Lenny Zeltser

When analyzing malware or performing other security research, it’s often useful to tunnel connections through a VPN in a public cloud. This approach helps conceal the analyst’s origin, contributing to OPSEC when interacting with malicious infrastructure. Moreover, by using VPN exit nodes in different cities and even countries, the researcher can explore the target from multiple geographic vantage points, which sometimes yields additional findings.

Cloud 111
article thumbnail

Understanding how people use private browsing

Elie

This post looks at how and why people are using the private browsing mode. Private Browsing. , also known as. InPrivate. in Internet Explorer and. Incognito mode. in Google Chrome, is a special mode where the browser doesn’t record the browsing activity on the local device. The promise made to the user is that when the private windows are closed, no trace will be left on the computer.

Paper 103
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Get five helpful RIM guides in TAB’s latest resource booklet

TAB OnRecord

TAB recently published a booklet containing several helpful resources relating to records and information management. In one convenient PDF document, this booklet covers several pressing topics, including: how to implement RIM software, document imaging, and mergers and acquisitions. You can download the booklet here. Here is a run-down of what you will find in the… Read More.

article thumbnail

Article 29 Working Party Releases Opinion on Data Processing at Work

Hunton Privacy

The Article 29 Working Party (“Working Party”) recently issued its Opinion on data processing at work (the “Opinion”). The Opinion, which complements the Working Party’s previous Opinion 08/2001 on the processing of personal data in the employment context and Working document on the surveillance of electronic communications in the workplace, seeks to provide guidance on balancing employee privacy expectations in the workplace with employers’ legitimate interests in processing employee data.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

“No Harm, No Foul”: Court Denies Motion for Spoliation Sanctions Pursuant to Rule 37(e)

eDiscovery Law

Snider v. Danfoss, LLC, 15 CV 4748, 2017 WL 2973464 (N.D. Ill. July 12, 2017). In this case, the court addressed Plaintiff’s request for sanctions for Defendant’s failure to preserve emails and, concluding the information did “not appear to be relevant” and that Plaintiff was not prejudiced, denied Plaintiff’s motion for sanctions: Federal Rule of Civil Procedure 37(e) incorporates the long-standing legal principle embodied in the phrase used on basketball courts everyday across the countr

IT 58

More Trending

article thumbnail

HHS Issues Quick Response Cyber Attack Checklist

Privacy and Cybersecurity Law

Last month, after the WannaCry ransomware attack infected 230,000 computers in 150 countries, the US Department of Health and Human […].

article thumbnail

Attacking encrypted USB keys the hard(ware) way

Elie

Ever wondered if your new shiny AES hardware-encrypted USB device really encrypts your data - or is just a fluke? If you have, come to our talk to find out if those products live up to the hype and hear about the results of the audit we conducted on multiples USB keys and hard drives that claim to securely encrypt data. In this talk, we will present our methodology to assess "secure" USB devices both from the software and the hardware perspectives.

article thumbnail

5 Signs You Need to Go Paperless

Archive Document Data Storage

Perhaps you’ve considered going paperless for months, but procrastination has led to inaction. Or maybe you’re just ignoring important indicators that point to the inefficiency of your paper-based system. Here are five signs it may be time to go paperless: 1. Your File Cabinets Aren’t Opening. Nothing is more frustrating than not being able to open a filing cabinet drawer because it’s overstuffed with documents.

Paper 49
article thumbnail

CNIL Extends Scope of Authorization on Whistleblowing Schemes

Hunton Privacy

On July 25, 2017, the French Data Protection Authority (“CNIL”) published their decision on the adoption of several amendments to its Single Authorization AU-004 regarding the processing of personal data in the context of whistleblowing schemes (the “Single Authorization”). The amendments reflect changes introduced by French law on December 9, 2016, regarding transparency, the fight against corruption and the modernization of the economy, also known as the “Sapin II Law.”.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Red Teaming Your Information Governance Program

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. (The content in this blog reflects the opinions of the author, and not of Brandeis University.). About Red Teaming. Have you deliberately challenged your own program plans and procedures recently? With a book on the topic, Bryce Hoffman defines red teaming as: “ a… way to stress-test strategies, flush out unseen threats and missed opportunities, and execute more successfully….

article thumbnail

Court Compels Production of Documents Withheld as Nonresponsive, Orders Requesting Party to Bear Costs of Re-Review

eDiscovery Law

Nachurs Alpine Sols. Corp. v. Banks, No. 15-CV-4015-LTS, 2017 WL 2918979 (N.D. Iowa July 7, 2017). In this case, Defendants identified a number of potentially responsive documents by conducting a search with court-approved terms. Upon review of those documents, many were withheld from production as nonresponsive. When Plaintiff sought to compel production of additional documents it suspected were relevant, the court granted the request, but shifted the burden of reviewing the withheld documents

IT 45
article thumbnail

HHS Issues Quick Response Cyber Attack Checklist

Privacy and Cybersecurity Law

Last month, after the WannaCry ransomware attack infected 230,000 computers in 150 countries, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a “ Quick-Response Checklist ” for HIPPA covered entities and business associates to follow when responding to a ransomware attack or other “cyber-related security incident,” as that phrase is defined under the HIPAA Security Rule. 45 C.F.R. 164.304.

Privacy 49
article thumbnail

How we created the first SHA-1 collision and what it means for hash security

Elie

In February 2017, we announced the first SHA-1 collision. This collision combined with a clever use of the PDF format allows attackers to forge PDF pairs that have identical SHA-1 hashes and yet display different content. This attack is the result of over two years of intense research. It took 6500 CPU years and 110 GPU years of computations which is still 100,000 times faster than a brute-force attack.

IT 63
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Fun and Interactive Ways to Raise Awareness about the GDPR within your Organisation

Archive Document Data Storage

Education, education, education. Yes, educating staff about the GDPR and raising awareness is the all-important step that will unite your organisation and team members in the GDPR fight for survival! The key is to get everyone on board, from the company directors all the way through to your suppliers or any party with a valued interest in your organisation.

GDPR 45
article thumbnail

Belgian Privacy Commission Issues Recommendation on Internal Records Under the GDPR

Hunton Privacy

This post has been updated. . The Belgian Privacy Commission (the “Belgian DPA”) recently released a Recommendation (in French and Dutch ) regarding the requirement to maintain internal records of data processing activities (the “Recommendation”) pursuant to Article 30 of the EU General Data Protection Regulation (“GDPR”). The Recommendation aims to provide guidance to data controllers and data processors in establishing and maintaining internal records by May 25, 2018.

GDPR 58
article thumbnail

Insurers’ top trends and priorities: A look at CGI’s 2017 Voice of Our Clients findings (part 1)

CGI

Insurers’ top trends and priorities: A look at CGI’s 2017 Voice of Our Clients findings (part 1). harini.kottees…. Mon, 07/31/2017 - 05:30. Every year, CGI meets in-person with clients across the globe to get a pulse on their top trends and priorities to understand their challenges and opportunities, especially as the urgency to become digital organizations continues to accelerate across industries.

article thumbnail

A Record Center Is Not An Archives: Dispatches from a ARM sector change

The Schedule

Welcome back from SAA! Or, if like me, you were #saaleftbehind, welcome back from the weekend, I guess. I’ve been pretty quiet on The Schedule for a while; part of that has been my natural tendency to fall behind on blog posts, but the other part has been this: That’s right! In case you missed it on social media or in the MAC Newsletter, I have left my position of 10 years as University Records Archivist at UWM and moved across town to become the Records Officer and Document Services Manager for

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Defence as the best form of attack

MIKE 2.0

The global economy is powered by business innovation with small and large organisations alike inventing the future for us all. The rapid rate of change brings both opportunities and threats with recent cyber events acting as a wake-up call. Far from being afraid, we should be reminded that we need to design businesses to operate and even thrive in unexpected circumstances.

article thumbnail

Tracking desktop ransomware payments end to end

Elie

A niche term just two years ago, ransomware has rapidly risen to fame in the last year, infecting hundreds of thousands of users, locking their documents, and demanding hefty ransoms to get them back. In doing so, it has become one of the largest cybercrime revenue sources, with heavy reliance on Bitcoins and Tor to confound the money trail. In this talk, we demonstrate a method to track the ransomware ecosystem at scale, from distribution sites to the cash-out points.

article thumbnail

Why we need long-term thinking for long-term records

Preservica

Regardless of the sector you work in, there’s a tendency for users and managers to focus exclusively on the short-term. This sometimes means that we lose opportunities to act in our long-term interest. Here’s why we need to think long-term and take action to protect critical digital records: Maintaining perspective. As records management professionals, we’re still fighting the thorny issue of getting people to pay attention in the normal course of business operations to records that need care an

article thumbnail

CNIL Fines Rental Car Company for Data Security Failure Attributable to Third-Party Service Provider

Hunton Privacy

On July 27, 2017, the French Data Protection Authority (“CNIL”) imposed a fine of €40,000 on a French affiliate of the rental car company, The Hertz Corporation, for failure to ensure the security of website users’ personal data. On October 15, 2016, the CNIL was informed of the existence of a security incident which resulted in the compromise of personal data on a French website related to Hertz France’s discount program.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

US Coast Guard Releases Draft Cybersecurity Guidelines

Data Protection Report

On July 11, 2017, the US Coast Guard (USCG) and the Department of Homeland Security (DHS) proposed new cybersecurity draft guidelines for Maritime Transportation Security Act (MTSA) regulated facilities. The guidelines follow the White House’s May 2017 Executive Order to strengthen the cybersecurity of critical infrastructure. The draft guidelines are open for public comment until September 11, 2017.

article thumbnail

Digitisation: Driving better user experiences of the justice system

CGI

Digitisation: Driving better user experiences of the justice system. ravi.kumarv@cgi.com. Tue, 07/18/2017 - 03:00. The Police Foundation, the UK’s only independent think tank to concentrate exclusively on policing and crime reduction, is working with CGI to investigate the transformative potential of digital in the justice system, and above all to consider how digital can change the experience of witnesses, victims and the public for the better.

article thumbnail

RFID Market – Global Forecast to 2023

RFID Global Solution, Inc.

MarketsandMarkets June 2017 Driven by lower prices of radio-frequency identification (RFID) tags, and increasing penetration of RFID technology in various industries, the RFID market is likely to witness high growth in coming years. The RFID market was valued at USD 16.95 Billion in 2016 and is expected to grow at a CAGR of 7.7% between … RFID Market – Global Forecast to 2023 Read More ».

article thumbnail

Understanding how people use private browsing

Elie

In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Request for information: RM bibliography

The Schedule

As Beth Cron posted last December , the Records Management Section steering committee has been working to update the Records and Information Bibliography that was first published in 2008. We chose to make this new version accessible through Zotero so it can be more dynamic and collaborative. This is where you come in: we’d like to invite volunteers who can assist us with revisions.

article thumbnail

CJEU Declares Envisaged EU-Canada Data Transfer Agreement Incompatible with EU Law

Hunton Privacy

On July 26, 2017, the Court of Justice of the European Union (“CJEU”) declared that the envisaged EU-Canada agreement on the transfer of Passenger Name Records (“PNR Agreement”) interferes with the fundamental right to respect for private life and the right to the protection of personal data and is therefore incompatible with EU law in its current form.

article thumbnail

Hong Kong Company Director Convicted Under Personal Data (Privacy) Ordinance

Data Protection Report

A director of a Hong Kong company has been convicted of an offence under the Personal Data (Privacy) Ordinance (“PDPO”). This is the first conviction of its type under the PDPO since the law came into effect in 1996, confirming the potential for directors’ liability under the law. In this case , a director of an employment agency failed to comply with a summons issued by the Office of the Privacy Commissioner (“PCPD”) to provide information requested by the PCPD in the context of an investigatio