erwin

MARCH 8, 2019

For regulatory compliance (e.g., GDPR) and to ensure peak business performance, organizations often bring consultants on board to help take stock of their data assets. This sort of data governance “stock check” is important but can be arduous without the right approach and technology. That’s where data governance comes in …. While most companies hold the lion’s share of operational data within relational databases, it also can live in many other places and various other formats.

Government 65

Government Metadata GDPR Compliance 65

Schneier on Security

MARCH 5, 2019

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there's no way to provide this capability without also weakening the security of every user of those devices and communications systems.

Cybersecurity 95

Cybersecurity Artificial Intelligence Government Communications 95

Data Breach Today

MARCH 5, 2019

ACLU's Jon Callas Briefs RSA Conference on Evolution of Privacy Discussion At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest.

Privacy 230

Privacy 230

Krebs on Security

MARCH 8, 2019

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal , it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your, name, Social Security number and birthday.

Passwords 276

Passwords Authentication Security Access 276

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

MARCH 4, 2019

A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT s

Energy and Utilities 212

Energy and Utilities Systems administration Access Cybersecurity 212

Data Breach Today

MARCH 5, 2019

Columbia Surgical Specialists of Spokane Reports Breach Columbia Surgical Specialists of Spokane has reported a breach impacting 400,000 individuals, the largest added to the federal health data breach tally so far in 2019. Meanwhile, a medical center in Chicago has also reported a major breach.

Data breaches 238

Data breaches 238

Security Affairs

MARCH 8, 2019

Experts found an unprotected server exposing online 4 MongoDB databases belonging to the email validation company Verifications.io. A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records. The archive includes 808,539,849 records containing: emailrecords = 798,171,891 records emailWithPhone = 4,150,600 records businessLeads = 6,217,358 records.

Archiving 111

Archiving Phishing Compliance Marketing 111

WIRED Threat Level

MARCH 7, 2019

A exposed database belonging to Verifications.io contained both personal and business information, including 763 million unique email addresses.

Marketing 111

Marketing Security 111

Lenny Zeltser

MARCH 2, 2019

If you’d like to start experimenting with malware analysis in your own lab, here’s how to download and set up a free Windows virtual machine: Step 1: Install Virtualization Software Step 2: Get a Windows Virtual Machine Step 3: Update the VM and Install Malware Analysis Tools Step 4: Isolate the Analysis VM and Disable Windows Defender AV Step 5: Analyze Some Malware.

File names 112

File names Access Archiving Passwords 112

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

MARCH 6, 2019

Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to identify individual elements of a campaign, putting the onus on human analysts to piece together the bigger picture - when time and resources allow.

Analytics 223

Analytics Security 223

Security Affairs

MARCH 8, 2019

The American multinational software company Citrix disclosed a security breach, according to the firm an international cyber criminals gang gained access to its internal network. The American multinational software company Citrix is the last victim of a security breach, according to the company an international cyber criminal gang gained access to its internal network, Hackers were able to steal business documents, but its products or services were impacted by the attack.

Security 111

Security Passwords Data breaches Access 111

WIRED Threat Level

MARCH 5, 2019

No one's better at hacking than the NSA. And now one if its powerful tools is available to everyone for free.

Cybersecurity 112

Cybersecurity IT Security 112

IT Governance

MARCH 8, 2019

2018 saw some of the biggest data breaches yet , with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation) , which changed the way organisations handle customers’ personal data and introduced hefty fines for non-compliance.

Data breaches 105

Data breaches GDPR Personal data Compliance 105

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

MARCH 8, 2019

Former Patient Coordinator Wrongfully Disclosed Patient Information A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA.

220

220

Security Affairs

MARCH 8, 2019

A few days ago, Cybaze-Yoroi ZLAB researchers spotted a suspicious JavaScript file that implemented several techniques to evade detection of all AV solutions. Introduction. A few days ago, Cybaze -Yoroi ZLAB researchers spotted a suspicious JavaScript file needing further attention: it leveraged several techniques in order to evade all AV detection and no one of the fifty-eight antivirus solution hosted on the notorious VirusTotal platform detected it.

IT 111

IT Access Security 111

WIRED Threat Level

MARCH 7, 2019

Researchers built an AI engine that uses tweets to predict the severity of software vulnerabilities with 86 percent accuracy.

Security 107

Security 107

IBM Big Data Hub

MARCH 7, 2019

Success with AI models depends on achieving success with collecting and organizing your data, then analyzing the data to make smarter business decisions.

103

103

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

MARCH 7, 2019

Matt Kunkel of LogicGate Offers Update on Governance, Risk Management and Compliance How are governance, risk management and compliance changing as a result of evolving privacy regulations? Matt Kunkel of LogicGate offers an update.

Compliance 209

Compliance Risk Government Privacy 209

Security Affairs

MARCH 6, 2019

A new zero-day vulnerability in Google Chrome, tracked as CVE-2019-5786, is actively exploited in attacks in the wild. A new zero-day vulnerability in Google Chrome is actively exploited in attacks in the wild. The vulnerability was discovered late February by Clement Lecigne, a security researcher at the Google Threat Analysis Group. The high severity zero-day flaw in Chrome could be exploited by a remote attacker to execute arbitrary code and take full control of the target computer.

Libraries 112

Libraries Security Access 112

WIRED Threat Level

MARCH 4, 2019

Google's Project Zero researchers find a potentially powerful privilege escalation trick in how Macs manage memory.

Security 107

Security 107

National Archives Records Express

MARCH 4, 2019

We are changing the process for public review and comment of proposed records schedules to one using the Federal eRulemaking Portal, [link]. We posted a Federal Register notice detailing this change in process today. Currently, we publish notice in the Federal Register of agency records schedules open for comment. People who wish to review and comment on the schedules must request copies of the actual documents, submit comments, and receive responses via mail or email.

Records Management 99

Records Management 99

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

MARCH 4, 2019

Moody's Says Hospitals, Banks Among Those That Have the Most Significant Potential Impact Four business sectors - hospitals, banks, securities firms and market infrastructure providers - potentially face the most significant financial impact from cyberattacks that could lead to a weakened credit profile, according to a new report from Moody's Investors Service.

Risk 208

Risk Marketing Security 208

Security Affairs

MARCH 6, 2019

The NSA released the Ghidra, a multi-platform reverse engineering framework that could be used to find vulnerabilities and security holes in applications. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux).

IT 111

IT Security Cybersecurity 111

WIRED Threat Level

MARCH 3, 2019

Will Roper, acquisition executive for the US Air Force, talks to WIRED's editor-in-chief about making the military more adaptive, the role of AI, and what he worries about every day.

Military 106

Military IT Security 106

Threatpost

MARCH 7, 2019

In a proof-of-concept hack, researchers penetrated an ultrasound and were able to download and manipulate patient files, then execute ransomware.

Ransomware 98

Ransomware Data breaches IoT Privacy 98

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

MARCH 5, 2019

RSA President Rohit Ghai on Humans and Machines Working Together as 'Trustworthy Twins' In a keynote address at the RSA Conference 2019, RSA President Rohit Ghai encouraged attendees to work in the coming years to "implement a security program with machines and humans working together. Humans asking questions; machines hunting answers.

Security 200

Security 200

Security Affairs

MARCH 3, 2019

The Wireshark Foundation released Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The Wireshark Foundation announced the release of Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The new version addresses several bugs and introduces tens of new features, it also improved existing features.

Libraries 111

Libraries Security IT 111

WIRED Threat Level

MARCH 8, 2019

Meltdowns like the Chrome zero day bug show why enabling auto-updates can be the wisest choice for many consumers.

Security 103

Security 103