The Last Watchdog

FEBRUARY 17, 2022

Data helps digital businesses make meaningful decisions and fast-track their growth in a global market so that companies that are skilled at harvesting data regularly and consistently tend to grow faster than those that only involve data scantily in making decisions. Related: Kaseya hack highlight supply-chain risks. This has made data extraction one of the most crucial aspects of what makes a company strive in today’s economy.

Access 228

Access Marketing Compliance Security 228

WIRED Threat Level

FEBRUARY 16, 2022

Mozilla’s privacy-heavy browser is flatlining. What it does next is crucial for the future of the web.

Privacy 99

Privacy IT Security 99

Dark Reading

FEBRUARY 16, 2022

Sensitive data stolen on US weapons development and deployment, product development, foreign partnerships, contracts, and more.

89

89

Krebs on Security

FEBRUARY 16, 2022

A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran.

Ransomware 242

Ransomware Sales Access Data breaches 242

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, CTO of Betterworks, will explore a practical framework to transform Generative AI prototypes into

Artificial Intelligence

Jamf

FEBRUARY 15, 2022

Learn how the partnership between Jamf Pro and Google BeyondCorp enables you to construct a compliance and security framework around end-user devices, blending Jamf’s device management with Google’s endpoint management security for a comprehensive, cloud-based, Zero Trust solution.

Cloud 143

Cloud Access Compliance Security 143

Hunton Privacy

FEBRUARY 16, 2022

On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta, the parent company of Facebook and Instagram, over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act (“CUBI”) and the Texas Deceptive Trade Practices Act (“DTPA”).

Privacy 132

Privacy IT Information Security Security 132

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists.

Ransomware 201

Ransomware Data breaches Encryption Passwords 201

Data Protection Report

FEBRUARY 14, 2022

Recent decisions out of the EU will impact the use of Google Analytics and similar non-European analytics services when targeting EU individuals, with the potential to put many organizations at risk of receiving GDPR fines. At issue was the transfer of personal data from the EU to the US through the use of Google Analytics. These decisions, like the Schrems decisions, make it clear that organizations must have a technical understanding of their data flows, with an emphasis on: (1) where the data

Analytics 128

Analytics GDPR Personal data IT 128

Troy Hunt

FEBRUARY 16, 2022

Continuing the march forward to provide governments with better access to their departments' data exposed in breaches , I'm very pleased to welcome the 28th national government onto Have I Been Pwned - New Zealand! They'll join the other govs around the world that have complete free access to breach information impacting their gov domains and TLDs.

Government 124

Government Access Security IT 124

Advertisement

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Analytics

eSecurity Planet

FEBRUARY 15, 2022

Ransomware attacks on critical infrastructure and a surge in exploited vulnerabilities are getting the attention of U.S. cybersecurity agencies, which highlighted the threats in a pair of warnings issued in recent days. The FBI and U.S. Secret Service issued a detailed advisory on the BlackByte Ransomware as a Service (RaaS) group, which has attacked critical infrastructure industries in recent months, among them government, financial and food and agriculture targets.

Ransomware 117

Ransomware Encryption Agriculture Cybersecurity 117

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel.

Security 116

Security Information Security IT 116

Schneier on Security

FEBRUARY 17, 2022

A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app. The next day, I received an odd note from Otter.ai, the automated transcription app that I had used to record the interview. It read: “Hey Phelim, to help us improve your Otter’s experience, what was the purpose of this particular recording with titled ‘Mustafa Aksu’ created at ‘2021-11-08 11:02:41’?”.

Government 116

Government IT 116

Data Protection Report

FEBRUARY 14, 2022

The French Data Protection Authority (the “ CNIL ”) continues its campaign against companies that do not respect the rules relating to cookies and other trackers, which the CNIL has previously reminded the market about in multiple communications and decisions. The CNIL has already issued four sets of formal notices to over 90 organizations of various sizes for non-compliance with the rules.

GDPR 114

GDPR Compliance Communications Personal data 114

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

IT Governance

FEBRUARY 17, 2022

If you’re serious about information security, you should consider gaining a Microsoft qualification. ISO 27001 is often considered the go-to qualification for information security professionals. But the changing way organisations operate means it’s becoming increasingly valuable to pair a strong understanding of the Standard with a Microsoft certification.

Cloud 109

Cloud Systems administration Information Security Security 109

Security Affairs

FEBRUARY 18, 2022

Iran-linked TunnelVision APT group is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. Researchers from SentinelOne have observed the potentially destructive Iran-linked APT group TunnelVision is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. TunnelVision’s TTPs overlap with the ones associated with Iran-linked nation-state actors Phosphorus , Charming Kitten and Nemesis Kitten.

Ransomware 114

Ransomware Security IT Information Security 114

Schneier on Security

FEBRUARY 15, 2022

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet.

Data collection 113

Data collection 113

Hunton Privacy

FEBRUARY 18, 2022

On February 15, 2022, the French Data Protection Authority (the “CNIL”) published its enforcement priority topics for 2022. Each year, the CNIL conducts numerous investigations in response to complaints, data breach notifications and ongoing events, or based on previously established enforcement priorities. For 2022, the CNIL indicated that it will focus on three major strategic priorities: Direct Marketing.

Cloud 108

Cloud Data breaches GDPR Marketing 108

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Threatpost

FEBRUARY 17, 2022

On Tuesday, institutions central to Ukraine’s military and economy were hit with denial-of-service (DoS) attacks. Impact was limited, but the ramifications are not.

Military 110

Military Government Security 110

Micro Focus

FEBRUARY 16, 2022

Derek Britton, Director of Communications and Brand Strategy, discusses how to balance making the critical decisions about digital transformation in today’s economy. Few organizations of any size have ignored the importance of digital transformation. Many were forced to quickly implement fundamental digital transformation activities in order to survive the first waves of COVID-19.

Digital transformation 102

Digital transformation Communications 102

Data Matters

FEBRUARY 15, 2022

WEBINAR. REGISTER HERE. 12:00 p.m. PT / 3:00 p.m. ET. Sidley Senior Managing Associate Sheri Porath Rockwell (Chair, California Lawyers Association Privacy Law Section) and Stacey Gray, Director of Legislative Research & Analysis at the Future of Privacy Forum, will be leading a multi-session webinar series, CPRA Law + Tech , that focuses on the technologies and data practices at the heart of emerging state privacy legislation, including the California Privacy Rights Act (CPRA).

Data Privacy 88

Data Privacy Privacy Compliance 88

Daymark

FEBRUARY 15, 2022

On February 9, 2020, Infinidat rolled out some major enhancements to its InfiniGuard enterprise data protection platform. The announcement themes revolved around enhanced data protection, faster recovery and overall cyber resilience.

IT 101

IT Security 101

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Threatpost

FEBRUARY 16, 2022

A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS.

Security 111

Security Cloud 111

Schneier on Security

FEBRUARY 16, 2022

Google’s Project Zero is reporting that software vendors are patching their code faster. tl;dr. In 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is a significant acceleration from an average of about 80 days 3 years ago. In addition to the average now being well below the 90-day deadline, we have also seen a dropoff in vendors missing the deadline (or the additional 14-day grace period).

Security 100

Security IT 100

Data Matters

FEBRUARY 14, 2022

Data is the fuel for software development, and developers use historical data from existing products to train algorithms and build AI and machine learning models. Companies are well aware of privacy and regulatory restrictions on data use, but often do not consider the potential impact of data use restrictions on intellectual property ownership and use rights.

Privacy 88

Privacy 88

Security Affairs

FEBRUARY 18, 2022

Google introduces Privacy Sandbox on Android aimed at leading to more private advertising solutions for mobile users. Google announced Privacy Sandbox on Android to limit user data sharing and prevent the use of cross-app identifiers. The company states that the Privacy Sandbox technologies are still in development. “Privacy Sandbox on Android will strengthen privacy, while providing tools app developers need to support and grow their businesses.

Privacy 99

Privacy Data collection Security IT 99

Advertisement

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Analytics

Jamf

FEBRUARY 17, 2022

Detect and remediate a broad range of security threats including vulnerabilities, malware and questionable applications while continually assessing mobile endpoint and network risks. By combining security policies and sophisticated network protection with the detection of risky configurations, you can enforce comprehensive protection of your devices, users and apps, keeping them all safe in real-time.

Risk 98

Risk Security 98

DLA Piper Privacy Matters

FEBRUARY 14, 2022

The French Supervisory Authority (the “ CNIL ”) sent a Formal Notice to a web operator using Google Analytics ordering to comply. Though the decision has been taken against one web site it should apply to the use of Google Analytics in general. It should be noted that the European Data Protection Supervisor (“ EDPS ”) took the same position against the EU parliament and issued a reprimand for the placement of Google Analytics and Stripe on a Covid 19 testing site, without having appropriate meas

Analytics 98

Analytics Personal data Communications Privacy 98

Outpost24

FEBRUARY 18, 2022

Conveniently insecure: the tradeoff between security and convenience. 21.Feb.2022. Florian Barre. Fri, 02/18/2022 - 07:12. Martin Jartelius, CSO, Outpost24. Ghost Labs. Teaser. When it comes to making business decisions about new technologies and software adoption into your organization – it’s vital to work with your security team to balance the need for speed without sacrificing security.

Security 98

Security Risk IT 98