Sat.Jun 30, 2018 - Fri.Jul 06, 2018

article thumbnail

Cryptojacking Displaces Ransomware as Top Malware Threat

Data Breach Today

Criminals' Quest for Cryptocurrency Continues If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. Numerous studies have found that the most seen malware attacks today are designed for cryptojacking. But while ransomware campaigns may be down, they're far from out.

article thumbnail

Bring your own identity (BYOI)

OpenText Information Management

In March, Grand View Research suggested that the Identity and Access Management (IAM) market will be worth over $24 billion by 2020. This healthy growth will be achieved in part, the research firm says, through the increasing popularity of bring-your-own-identity (BYOI). BYOI offers speed and convenience for users, but do the risks still outweigh the … The post Bring your own identity (BYOI) appeared first on OpenText Blogs.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Attackers Keep Winning at 'Patch or Perish'

Data Breach Today

Fresh Flaws Exploited Faster Than They're Patched, Says Tenable's Gavin Millard Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.

100
100
article thumbnail

ExxonMobil Bungles Rewards Card Debut

Krebs on Security

Energy giant ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors. The mailer (the first page of which is screenshotted below) urges customers to visit exxonmobilrewardsplus[dot]com, to download its mobile app, and to cal

Marketing 151
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Warm words for the UK's intelligence privacy practices from the UN

Data Protector

I t’s not often that the UK is praised for the manner in which its intelligence agencies adopt appropriate data protection standards. So let's give due acknowledgement to Joe Cannataci, the UN’s Special Rapporteur on the right to privacy, who has recently used some very warm words to comment on these privacy practices. Of the Investigatory Powers Act, he proclaimed: "I am satisfied that the UK systematically employs multiple safeguards which go to great lengths to ensure that unauthorised survei

Privacy 120

More Trending

article thumbnail

California's New Privacy Law: It's Almost GDPR in the US

Data Breach Today

But Tech Giants are Taking Aim at the Law, Which Can Be Amended Until 2020 California's legislature has quickly introduced and passed new privacy legislation, making the state's laws the strongest in the U.S. The new law gives consumers a raft of new rights, and aims to bring more transparency to the murky trade in people's personal information.

Privacy 199
article thumbnail

The Pentagon Is Building a Dream Team of Tech-Savvy Soldiers

WIRED Threat Level

For years the Army has tried to recruit talent from Silicon Valley. A new initiative aims to nurture the rising technologists within its own ranks, too.

IT 111
article thumbnail

Privacy policies of tech giants 'still not GDPR-compliant'

The Guardian Data Protection

Consumer group says policies of Facebook, Amazon and Google are vague and unclear Privacy policies from companies including Facebook, Google and Amazon don’t fully meet the requirements of GDPR, according to the pan-European consumer group BEUC. An analysis of policies from 14 of the largest internet companies shows they use unclear language, claim “potentially problematic” rights, and provide insufficient information for users to judge what they are agreeing to.

GDPR 93
article thumbnail

Lessons from the front-lines of digital transformation – Part two

TAB OnRecord

In a three-part blog post we are sharing lessons learned from organizations that have taken documents and business processes into the digital realm. In part one, we discussed the benefits offered by digitization and robotic process automation. In part two, we explore the realities of having a hybrid records environment, and how to prepare yourself [.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Need to Look Beyond Endpoint Security

Data Breach Today

Kaspersky's Bhayani on Evolving to Predictive Analytics and Response With endpoint security, the fundamental concept was always to detect and prevent. Mature security strategies today are increasingly looking at response and remediation as well to complete the cycle, says Shrenik Bhayani of Kaspersky Lab.

Security 193
article thumbnail

Ransomware vs. Cryptojacking

Dark Reading

Cybercriminals are increasingly turning to cryptojacking over ransomware for a bigger payday. Here's what enterprises need to know in order to protect their digital assets and bank accounts.

article thumbnail

How to Check App Permissions on iOS, Android, Windows, and macOS

WIRED Threat Level

It's never a bad time to audit your app permissions. In fact, it's more important than ever.

IT 111
article thumbnail

Stealing computing power: A growing trend in cyber crime that can target all Internet-connected devices

CGI

Stealing computing power: A growing trend in cyber crime that can target all Internet-connected devices. pallavi.m@cgi.com. Thu, 07/05/2018 - 05:06. The aim of cyber attacks traditionally has been to either disrupt the target’s web service or to steal important information and other assets. A new and quickly spreading phenomenon is to steal computing power to mine cryptocurrencies.

Mining 74
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Former Insider Indicted for Criminal HIPAA Violations

Data Breach Today

Latest Rare Example of Prosecutors Pursuing a HIPAA Case A federal grand jury in Pennsylvania has indicted a former patient coordinator on several counts of wrongfully obtaining and disclosing the health information of others. The case is the latest rare example of prosecutors pursuing criminal charges for HIPAA violations.

157
157
article thumbnail

European Parliament Calls for Suspension of EU-U.S. Privacy Shield Unless U.S. Can “Fully Comply”

Hunton Privacy

On July 5, 2018, the European Parliament issued a nonbinding resolution (“the Resolution”) that calls on the European Commission to suspend the EU-U.S. Privacy Shield unless U.S. authorities can “fully comply” with the framework by September 1, 2018. The Resolution states that the data transfer mechanism does not provide the adequate level of protection for personal data as required by EU data protection law.

Privacy 72
article thumbnail

SCOTUS and Congress Leave the Right to Privacy Up for Grabs

WIRED Threat Level

As the push for more digital privacy grows, the question is whether the courts or lawmakers will step up to protect our rights—or if it will fall through the cracks.

Privacy 83
article thumbnail

Board Oversight of Cybersecurity Risks

Data Matters

*This article originally appeared in Practical Law Journal July/August 2018. In her regular column on corporate governance issues, Holly Gregory discusses the rapidly changing cybersecurity landscape, and the role of the board in addressing cybersecurity risks to the company. Read More. The post Board Oversight of Cybersecurity Risks appeared first on Data Matters Privacy Blog.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Life After Webstresser Disruption: No DDoS Holiday

Data Breach Today

Arbor's Darren Anstee Talks Terabit Attacks, Stresser/Booter Mayhem Police recently arrested the suspected administrators and top users of the stresser/booter service Webstresser.org. Unfortunately, the plethora of such services means the world is unlikely to see a reduction in DDoS attack volumes, says Darren Anstee of Arbor Networks.

154
154
article thumbnail

Security Should Never Be on Holiday

Thales Cloud Protection & Licensing

For many organizations, July and August are synonymous with holidays. And, while we all want to disconnect, no one does this completely given how connected we all are. Some successfully disconnect from work, but if they check the news on their phone, call an Uber, watch Netflix on an iPad or sign up for a yoga class via an app, they are still very much connected.

article thumbnail

How the Pentagon Keeps Its App Store Secure

WIRED Threat Level

To keep malware at bay, the GEOINT App Store has created a screening process that no commercial platform could ever match.

IT 87
article thumbnail

First Circuit’s Decision Provides Guidance on Creating Enforceable Website Terms and Conditions

Data Matters

On June 25, the United States Court of Appeals for the First Circuit in Cullinane v. Uber Technologies, Inc., __ F.3d __, 2018 WL 3099388 (1st Cir. 2018), evaluated the enforceability of arbitration provisions in online contracts. The First Circuit found Uber’s arbitration provision, which contained a class action waiver, unenforceable because Uber did not make its terms of service sufficiently conspicuous.

Privacy 60
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Humana Notifying Victims of 'Identity Spoofing' Attack

Data Breach Today

Health Plan: Large Volume Log-In Attempts Coming From 'Foreign Countries' Humana is notifying individuals in multiple states that the company was a recent target of an "identity spoofing attack" that potentially compromised personal information of its members, including those participating in the health insurer's Go365 wellness programs.

Insurance 151
article thumbnail

Request for Comments on Two Draft NARA Bulletins to Update Format Guidance

National Archives Records Express

We are making a few minor changes to NARA Bulletin 2014-04, Format Guidance for the Transfer of Permanent Records. These changes will streamline the process for future updates to the format tables. We are making these changes via a new NARA Bulletin, 2018-XX. We welcome your participation in the development of this guidance. We are requesting your comments on both bulletin drafts — NARA Bulletin 2018-XX and NARA Bulletin 2014-04.

65
article thumbnail

30% of UK companies have sacked an employee for data breach negligence

IT Governance

Shred-it’s 2018 State of the Industry Report has revealed that 30% of UK companies that suffered a data breach terminated an employee’s contract for related negligence. . 1,000 small business owners, 1,000 C-suite executives of large organisations and 1,100 consumers/employees took part in the research, which also revealed that: . 88% of C-suites and 49% of small businesses believe that employee negligence is one of the biggest information security risks to their organisation; . 55% of larg

article thumbnail

[INFOGRAPHIC] Be a Records Management Hero!

Gimmal

Earlier this year, we unveiled our superhero theme, inviting records managers to join us at their regional ARMA events (as well as ARMA Live!) and answer the question: "what kind of records management hero are you?".

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Why California's New Privacy Law is a 'Whole New Ballgame'

Data Breach Today

While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.

Privacy 142
article thumbnail

7 Reasons Why Businesses Should Adopt A Modern MDM Platform

Reltio

Ankur Gupta, Sr. Product Marketing Manager, Reltio. A modern Master Data Management (MDM) Platform helps businesses manage data like leading digital companies, leveraging continuous data organization and recommended actions to measure and improve their operations. Here are the seven reasons why enterprises should invest in a modern MDM Platform to drive ongoing business value. 1.

MDM 60
article thumbnail

UK government cracks down on cyber security

IT Governance

To improve cyber risk governance among public-sector departments and their suppliers, the UK government has issued a series of minimum cyber security standards that will be incorporated into the Government Functional Standard for Security. The first standard to be incorporated, the Minimum Cyber Security Standard (MCSS), comprises ten sections across five broad categories: Identify, Protect, Detect, Respond and Recover.