The Last Watchdog

APRIL 24, 2019

Accounting for third-party risks is now mandated by regulations — with teeth. Related: Free ‘VRMM’ tool measures third-party exposure Just take a look at Europe’s GDPR , NYDFS’s cybersecurity requirement s or even California’s newly minted Consumer Privacy Act. What does this mean for company decision makers, going forward, especially as digital transformation and expansion of the gig economy deepens their reliance on subcontractors?

Risk 164

Risk IoT Digital transformation Retail 164

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your device and the internet through encrypted tunnels.

Encryption 107

Encryption Authentication Privacy Communications 107

Schneier on Security

APRIL 26, 2019

Cyberattacks don't magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing has led to something called the " cybersecurity kill chain ": a way of thinking about cyber defense in terms of disrupting the attacker's process. On a similar note, it's time to conceptualize the "information operations kill chain.

Cybersecurity 111

Cybersecurity Government IT Security 111

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research.

IoT 273

IoT Manufacturing Passwords Computer and Electronics 273

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

APRIL 23, 2019

Privacy Peril: Thieves Use Location Data to 'Shop' for High-Value Items Facebook has fixed a security vulnerability in its digital marketplace that could have been abused to identify the precise location of a seller, and by extension, their goods. Police warn that thieves regularly trawl location data to find the owners and locations of high-value items.

Privacy 268

Privacy Security IT 268

AIIM

APRIL 22, 2019

Recently, AIIM released an eBook titled, State of the Industry – Content Services that examines the current state of Content Services technologies and how user perceptions about them are changing. For this research study, we surveyed over 300 decision-makers from around the world about their focus on Content Services to answer these three core questions: What critical information management problems are users trying to solve with Content Services?

Content services 111

Content services Records Management Information governance Government 111

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned. An advertisement for RevCode WebMonitor.

Archiving 215

Archiving Sales Encryption Passwords 215

Data Breach Today

APRIL 22, 2019

Marcus Hutchins, aka MalwareTech, Says He Regrets Coding, Distributing 'Kronos' Marcus Hutchins, the British security researcher who helped stop the massive WannaCry ransomware outbreak in mid-2017, has pleaded guilty to developing and distributing "Kronos" banking malware when he was younger.

Ransomware 228

Ransomware Security 228

The Last Watchdog

APRIL 22, 2019

It’s clear that closing the cybersecurity skills gap has to happen in order to make our internet-centric world as private and secure as it ought to be. Related: The need for diversity in cybersecurity personnel One of the top innovators in the training space is Circadence ®. The Boulder, CO-based company got its start in the mid-1990s as a pioneer of massive multi-player video games.

Cybersecurity 190

Cybersecurity Artificial Intelligence Military Security 190

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AIIM

APRIL 25, 2019

Open Platforms: Perceptions and Realities. What exactly does it mean to have an “open platform”? The perception is that an open platform has no restrictions or limitations; an open platform is agnostic. Yet reality is that there could be some limitations or restrictions. For example, there are ECM solutions that are built upon a proprietary database and are still considered to be “open”.

ECM 95

ECM Marketing Information capture Records Management 95

Security Affairs

APRIL 21, 2019

Researcher discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Researcher Sanyam Jain at GDI foundation discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Most of the data are publicly available, the databases also include the email addresses of the users.

Data breaches 112

Data breaches Archiving Privacy Education 112

Data Breach Today

APRIL 22, 2019

FTC Reportedly Eyes Holding Mark Zuckberberg Personally Accountable for Privacy "Move fast and break things," Facebook CEO Mark Zuckerberg once said of his company's internal motto. But regulators have been increasingly signaling to Facebook that when it comes to users' privacy and data security, too much remains broken.

Privacy 214

Privacy Security IT 214

Schneier on Security

APRIL 22, 2019

This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker. But the fields are closely related and there are a lot of lessons for IoT security -- and the security of complex socio-technical systems in general -- in here.

IoT 108

IoT Security 108

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

AIIM

APRIL 24, 2019

Today's businesses run in the cloud. Organizations are embracing a new way of working in a cloud-native environment that enables content to move effortlessly between teams, partners and customers. This is a powerful way to run the business without compromising on security, governance, and compliance. A 2018 IDG Cloud Computing Study found that 77% of enterprises have at least one application or a portion of their enterprise computing infrastructure in the cloud, and adoption is climbing.

Access 88

Access Cloud Compliance Government 88

Security Affairs

APRIL 23, 2019

CheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe.

Military 111

Military Government Phishing Security 111

Data Breach Today

APRIL 25, 2019

'Five Eyes' Partners Commit to Putting Threat Intelligence Into Public's Hands The director of Britain's GCHQ intelligence agency said at this week's CyberUK conference that declassifying and putting "time-critical, secret information" for stopping online threats into the public's hands "in a matter of seconds" is an imperative.

195

195

Schneier on Security

APRIL 23, 2019

From a G7 meeting of interior ministers in Paris this month, an " outcome document ": Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, without imposing any particular technology and while ensuring that assistance requested from internet companies is underpinned by the r

Encryption 107

Encryption Access IT 107

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Hunton Privacy

APRIL 24, 2019

On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed online, and its results—which included sensitive data such as political opinions, trade union membership and participation in associations—was publicly accessible on the Internet.

Personal data 98

Personal data GDPR Access IT 98

Security Affairs

APRIL 22, 2019

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x and 2.x versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Libraries 111

Libraries Security IT 111

Data Breach Today

APRIL 25, 2019

Questions Loom About Whether Big Fines Will Prompt Privacy Reform Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission. But will mega-fines lead to the reform of tech giants' questionable privacy and security practices?

Privacy 221

Privacy Security IT 221

Dark Reading

APRIL 23, 2019

What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.

105

105

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Matters

APRIL 26, 2019

In light of the UK’s possible departure from the European Union (EU), currently scheduled for October 31, 2019 (“Exit Day”), the UK Government has passed the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) (No.2) Regulations 2019 (“Regulations”) which enter into force immediately before Exit Day. Under the Regulations, transfers of personal data from the UK to the U.S., that rely on the EU to U.S.

Privacy 86

Privacy Personal data Communications Government 86

Security Affairs

APRIL 20, 2019

A white hat hacker discovered how to break Tchap, a new secure messaging app launched by the French government for officials and politicians. The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to break into Tchap , a new secure messaging app launched by the French government for encrypted communications between officials and politicians.

Security 111

Security Encryption Communications Government 111

Data Breach Today

APRIL 26, 2019

Attackers' Small Malicious Code Tweaks Keep Faking Out Defenders, Researchers Warn Check Point Research has spotlighted attacks against several embassies that show how subtle changes in source code can alter how security professionals can detect and stop different types of malware.

Security 210

Security 210

erwin

APRIL 25, 2019

For decades now, the professional world has put a great deal of energy into discussing the gulf that exists between business and IT teams within organizations. They speak different languages, it’s been said, and work toward different goals. Technology plans don’t seem to account for the reality of the business, and business plans don’t account for the capabilities of the technology.

Digital transformation 94

Digital transformation Government Education IT 94

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

OpenText Information Management

APRIL 22, 2019

Research has consistently shown that senior management within the insurance sector think digital transformation is critical to their business. While executives see transformation as essential, achieving success is proving to be much more difficult, with a global report recently published by Cap Gemini suggests that insurance companies are lagging behind other Financial Services organizations.

Digital transformation 93

Digital transformation Insurance Financial Services Customer Experience 93

Security Affairs

APRIL 24, 2019

Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. New Oracle #WebLogic #RCE #Deserialization 0-day Vulnerability. No vendor fix yet! Speak to @waratek for guaranteed active protection against 0-day RCE attacks with no blacklists, signatures, or profiling #NoSourceCodeChanges [link]

Access 111

Access Security IT 111

Data Breach Today

APRIL 25, 2019

APT Group Targets Banks With Backdoor Malware to Penetrate Networks TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.

Security 206

Security 206