August, 2016

Thinking Through The Password Expiration Discussion

PerezBox

The most intriguing debate to come out of last week's security conferences in Vegas stems from a presentation by FTC Chief Technologist Lorrie Cranor at PasswordsCon 2016, part of the BSides security conference in Las.

WhatsApp Updates Privacy Policy to Share Information with Facebook

Hunton Privacy

On August 25, 2016, WhatsApp announced in a blog post that the popular mobile messaging platform updated its Terms of Service and Privacy Policy to permit certain information sharing with Facebook. After Facebook acquired WhatsApp in 2014, the Director of the FTC’s Bureau of Consumer Protection wrote a letter to both Facebook and WhatsApp that discussed the companies’ obligations to honor privacy statements made to consumers in connection with the acquisition.

Case Study: LEGIT_00004

ForAllSecure

LEGIT_00004 was a challenge from Defcon CTF that implemented a file system in memory. The intended bug was a tricky memory leak that the challenge author didn't expect Mayhem to get. However, Mayhem found an unintended null-byte overwrite bug that it leveraged to gain arbitrary code execution. We heard that other teams noticed this bug, but thought it would be too hard to deal with.

DB2 for z/OS: Clearing Up Some Matters Pertaining to Database Access Threads

Robert's Db2

I have recently received a number of questions pertaining to DB2 for z/OS database access threads, or DBATs. DBATs are threads used in the execution of SQL statements that are sent to DB2 from network-attached applications (i.e., from DRDA requesters that access DB2 for z/OS by way of DB2's distributed data facility, also known as DDF). Thinking that these questions (and associated answers) might be of interest to a good many people in the DB2 for z/OS community, I'm packaging them in this blog

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

What are malicious usb keys and how to create a realistic one?

Elie

In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.

New White Paper Published

Getting Information Done

Not if, But When You Get Hacked: Measuring and Proactively Managing Information Risk. If this is true, then what are organizations to do? The increased cyber security threats corporations face today are a big concern for Board members and CEOs. The Chief Information Security Officer (CISO) along with help from the Chief Privacy Officer, General Counsel (GC), and CIO are tasked with keeping the company safe and addressing this risk.

OCR Settles Largest HIPAA Violation Against a Single Covered Entity

Hunton Privacy

On August 4, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into a resolution agreement with Advocate Health Care Network (“Advocate”), the largest health care system in Illinois, over alleged HIPAA violations. The $5.5 million settlement with Advocate is the largest settlement to date against a single covered entity.

Mayhem Wins DARPA CGC

ForAllSecure

Mayhem is a fully autonomous system for finding and fixing computer security vulnerabilities. On Thursday, August 4, 2016, Mayhem competed in the historical DARPA Cyber Grand Challenge against other computers in a fully automatic hacking contest and won. The team walked away with $2 million dollars, which ForAllSecure will use to continue its mission to automatically check the world's software for exploitable bugs.

The Ashley Madison Breach: Canada-Australia Report of Investigation and Takeaways for all Organizations

Privacy and Cybersecurity Law

On August 23, 2016, the Office of the Privacy Commissioner of Canada (OPC) released its joint report with the Office […].

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Access all archives – unlocking the value of digital collections

Preservica

A look back at Archives*Records 2016 and an insightful week in digital preservation. Last week the Preservica team descended on Atlanta for Archives*Records 2016, a conference that brings together members of the Society for American Archivists (SAA) and the Council of State Archivists (CoSA), totalling over 1,500 from the archival community across the US and beyond.

Baltimore SharePoint User's Group Presentation

JKevinParker

Last night I had the privilege of speaking at the Baltimore SharePoint User's Group. I really enjoyed the interaction with these professionals. Get the slides from my presentation on "Don't Make Me Think: Getting SharePoint to be Useful, Usable, and Used": Don't Make Us Think: Getting SharePoint to be Useful, Usable, and Used from Kevin Parker, CIP.

Improving efficiency and accountability in emergency funding programs

CGI

Improving efficiency and accountability in emergency funding programs. Anonymous. Tue, 08/16/2016 - 06:45. Emergencies, whether natural or man-made, do considerable harm to communities across the planet. In the United States, these events have taken the form of destructive hurricanes, floods, environmental disasters and even economic crises.

China Enacts E-Hailing Regulation to Protect Driver and Passenger Data

Hunton Privacy

Last month, the People’s Republic of China’s Ministry of Transportation, Ministry of Industry and Information Technology and six other administrative departments jointly published the Interim Measures for the Administration of Operation and Services of E-hailing Taxis (the “Measures”). E-hailing is an increasingly popular business in China and has already become a compelling alternative to the traditional taxi.

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Office of the Privacy Commissioner of Canada discusses its investigation against Compu-Finder

Privacy and Cybersecurity Law

The Office of the Privacy Commissioner of Canada (OPC) recently hosted a knowledge session to stakeholders to discuss its recent […].

Lack of long-term strategy puts vital digital information at risk

Preservica

Did you know that while 97% of information professionals understand the need for a specialised approach to preserving their digital information, only 12% are storing their files in systems specifically designed to ensure long-term protection and access? This gap has significant global, economic and societal implications. Preservica partnered with the Information Governance Initiative (IGI) think tank to carry out new research into organisations’ long-term digital preservation strategy, and it re

Free Virtual Information Symposium 8/18

JKevinParker

My friends at Information Coalition are putting on a FREE Information Symposium on August 18. Register here for FREE: [link].

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Final IRRBB regulations: Their implications and challenges

CGI

Final IRRBB regulations: Their implications and challenges. narmada.devarajan. Wed, 08/10/2016 - 06:32. The Basel Committee on Banking Supervision (BCBS) recently published final interest rate risk in the banking book (IRRBB) regulations. As defined by the BCBS, “IRRBB refers to the current or prospective risk to the bank’s capital and earnings arising from adverse movements in interest rates.

China’s State Administration for Industry and Commerce Publishes Draft Regulations on the Protection of Consumer Rights

Hunton Privacy

The State Administration for Industry and Commerce of the People’s Republic of China published a draft of its Implementing Regulations for the P.R.C. Law on the Protection of the Rights and Interests of Consumers (the “Draft”) for public comment. The draft is open for comment until September 5, 2016. The Draft reiterates the requirements under the law that business operators must follow the principles of legitimacy, rightfulness and necessity when they collect and use the personal information of

Impact of the European General Data Protection Regulation (GDPR) on Adequacy and 5 Tips to Weather the Changes

Privacy and Cybersecurity Law

Recent media coverage has brought to light the internal deliberations of the Government of Canada regarding the possible impact of […].

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

OMB Updates Federal Information Management Policies

Hunton Privacy

The Office of Management and Budget (“OMB”) recently issued updates to Circular A-130 covering the management of federal information resources. OMB revised Circular A-130 “to reflect changes in law and advances in technology, as well as to ensure consistency with Executive Orders, Presidential Directives, and other OMB policy.” The revised policies are intended to transform how privacy is addressed across the branches of the federal government.

Lisa Sotto Speaks on Cybersecurity: Evolution of the Practice (Part 2)

Hunton Privacy

As we previously reported, Lisa J. Sotto, partner and head of Hunton & Williams LLP’s Global Privacy and Cybersecurity practice group, spoke at Bloomberg Law’s Second Annual Big Law Business Summit on changes in the privacy and security legal landscape. In Part 2 of her discussion, Lisa speaks about the evolution of privacy laws over the years.

Lisa Sotto Speaks on Cybersecurity: Changes in Legal Landscape (Part 1)

Hunton Privacy

Lisa J. Sotto, partner and head of Hunton & Williams LLP’s Global Privacy and Cybersecurity practice group, recently spoke at Bloomberg Law’s Second Annual Big Law Business Summit. In Part 1 of the panel discussion, Lisa describes the dramatic changes in the legal landscape of privacy over the last 10 to 15 years, discussing the emergence of privacy laws such as “the Gramm-Leach-Bliley Act for the financial sector, HIPAA for the health care sector and…of course, the local implementation of

China Publishes Regulation on the Use of Resident Identity Cards

Hunton Privacy

Recently, the People’s Republic of China’s Ministry of Public Security, the National Development and Reform Commission and six other administrative departments jointly published the Announcement on Regulating the Administration of the Use of Resident Identity Cards (the “Announcement”). The Announcement came into effect on July 15, 2016, the date of its issuance.

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

AIG Launches Cyber-BI and PD Policy

Hunton Privacy

As reported in the Hunton Insurance Recovery Blog, insurance-giant American International Group (“AIG”) announced that it will be the first insurer to offer standalone primary coverage for property damage, bodily injury, business interruption and product liability that results from cyber attacks and other cyber-related risks. According to AIG, “Cyber is a peril [that] can no longer be considered a risk covered by traditional network security insurance product[s].

Next-generation connected cars require a solid security foundation

CGI

Next-generation connected cars require a solid security foundation. shobana.lv@cgi.com. Wed, 08/10/2016 - 02:05. Connected cars demand the same level of attention as any other feature of a company’s network. In the past, a car’s electronic control systems were always internal, so there was no need to think about the communications happening outside the car.