Sat.Jan 05, 2019 - Fri.Jan 11, 2019

article thumbnail

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S. government shutdown is impacting agencies integral to the nation's cybersecurity readiness, and experts fear its long-term impact on the country's cyberattack response capabilities, as well as the risk that it will drive away desperately needed new cybersecurity talent from entering public service.

article thumbnail

Machine Learning to Detect Software Vulnerabilities

Schneier on Security

No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how , or when. While the literature generally focuses on the different uses of AI by attackers and defenders ­ and the resultant arms race between the two ­ I want to talk about software vulnerabilities. All software contains bugs.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

No, Spotify Wasn't Hacked

Troy Hunt

Time and time again, I get emails and DMs from people that effectively boil down to this: Hey, that paste that just appeared in Have I Been Pwned is from Spotify, looks like they've had a data breach Many years ago, I introduced the concept of pastes to HIBP and what they essentially boil down to is monitoring Pastebin and a bunch of other services for when a trove of email addresses is dumped online.

article thumbnail

Dirt-Cheap, Legit, Windows Software: Pick Two

Krebs on Security

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data.

Passwords 254
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.

GDPR 273

More Trending

article thumbnail

Do you have a data breach response plan?

IT Governance

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on organisations: taking the appropriate measures to comply with the law while simultaneously dealing with the collateral impact of a breach is not a picnic!

article thumbnail

Secret Service: Theft Rings Turn to Fuze Cards

Krebs on Security

Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards , a smartcard technology that allows users to store dozens of cards on a single device, the U.S. Secret Service warns. A Fuze card can store up to 30 credit/debit cards.

Retail 231
article thumbnail

Lessons From Report on Massive Singapore Healthcare Hack

Data Breach Today

Analysis of SingHealth Attack Offers Recommendations That Could Be Applied Wordwide A variety of security weaknesses contributed to a massive 2017 health data security breach in Singapore, according to a new report. What can healthcare organizations around the world learn from the report's security recommendations?

Security 195
article thumbnail

Q&A: Why emerging IoT platforms require the same leading-edge security as industrial controls

The Last Watchdog

The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the golden age of cyber espionage is upon us.

IoT 174
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Take Action on Data Privacy Day

AIIM

Data Privacy Day takes place annually on January 28th in recognition of the January 28, 1981 signing of Convention 108, the first legally binding international treaty concerning privacy and data protection. This day, led officially by The National Cyber Security Alliance (NCSA) , is an international effort to “create awareness about the importance of respecting privacy, safeguarding data, and enabling trust”.

article thumbnail

Patch Tuesday, January 2019 Edition

Krebs on Security

Microsoft on Tuesday released updates to fix roughly four dozen security issues with its Windows operating systems and related software. All things considered, this first Patch Tuesday of 2019 is fairly mild, bereft as it is of any new Adobe Flash updates or zero-day exploits. But there are a few spicy bits to keep in mind. Read on for the gory details.

Security 180
article thumbnail

Encryption: Avoiding the Pitfalls That Can Lead to Breaches

Data Breach Today

Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps. Experts offer insights on making the right moves.

article thumbnail

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

The Dark Overlord published the first batch of decryption keys for 650 confidential documents related to the 9/11 terrorist attacks. The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks.

Insurance 112
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Austrian DPA Issues Decision on Validity of Cookie Consent Solution

Hunton Privacy

On November 30, 2018, the Austrian Data Protection Authority (“DPA”) published a decision in response to a complaint received from an individual regarding the cookie consent options offered on an Austrian newspaper’s website. As a factual matter, the Austrian newspaper offered three options to individuals who sought to access content on the site: (1) accept the use of cookies for analytics and advertising purposes and have full, complimentary website access; (2) refuse cookies and obtain access

GDPR 108
article thumbnail

FinTech banking’s nightmare frozen customer money problem

Collaboration 2.0

There’s a lot to like about modern mobile-first FinTech banks, but being locked out of your account isn’t one of them. Minimal customer service, opaque information flows and vague timelines create serious client stress levels.

107
107
article thumbnail

Why Are We So Stupid About Passwords? German Edition

Data Breach Today

Politicians' All-Star Password Picks: '123' and 'ILoveYou' German officials say the suspect behind the mega-leak of politicians' and celebrities' personal details exploited their weak passwords to access email, social media and cloud service accounts. What can the security industry do to help address the password problem?

Passwords 175
article thumbnail

Tens of thousands of hot tubs are exposed to hack

Security Affairs

Experts from security firm Pen Test Partners reported that tens of thousands of hot tubs are currently vulnerable to cyber attacks. Security experts at Pen Test Partners have discovered thousands of connected hot tubs vulnerable to remote cyber attacks. The hot tubs could be remotely controlled by an app, dubbed Balboa Water App, that lack of authentication mechanisms. “The mobile app connects to a Wi-Fi access point on the tub.

IoT 111
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Leadership Behaviors

PerezBox

I have been given a lot of thought to Leadership lately. I have been placing special emphasis on the things I personally look for in Leaders. It doesn’t matter if. Read More. The post Leadership Behaviors appeared first on PerezBox.

IT 103
article thumbnail

Looking to form Industry Insights VIP Group

AIIM

I am interested in forming a dedicated group of knowledgeable end users to provide insight on key trends in Intelligent Information Management. The intention is to systematically identify: The key drivers motivating potential customers. Buying intentions during the next 12-24 months. Obstacles faced during the acquisition and implementation process.

IT 80
article thumbnail

Marriott Mega-Breach: Victim Count Drops to 383 Million

Data Breach Today

Hotel Giant Warns 5.3 Million Unencrypted Passport Numbers Also Stolen Marriott International's digital forensic investigation now counts not 500 million but an "upper limit" of 383 million customers affected by the four-year mega-breach of its Starwood reservations system. The hotel giant now says the breach also exposed more than 5 million unencrypted passport numbers.

IT 201
article thumbnail

Victims of Pylocky ransomware can decrypt their files for free

Security Affairs

Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. The good news is that security researcher Mike Bautista at Cisco Talos group released a decryption tool that allows them to decrypt their files for free.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Germany’s cyber security authority criticised for failing to disclose data breach

IT Governance

Germany’s BSI (Federal Office for Information Security) has come under fire for its alleged mishandling of a security incident in which the personal details of almost a thousand public figures, including Chancellor Angela Merkel, were stolen and published online. . The authority reportedly discovered the leak in December 2018, but didn’t notify the Federal Crime Office until Friday, 4 January 2019. .

article thumbnail

[Podcast] Where do ‘I’ fit into the AI Future of business?

AIIM

If you take a look around your office, home, or even places like your car you’re sure to see it – Artificial Intelligence. And it’s not just in our personal lives, in the world of business we continue to grow and expand the way we work with the use of automation, smart machines, and more. But, as we continue toward the convergence of business and technology and improve how we’re using Artificial Intelligence (AI) , do we fear machines will start taking our jobs?

article thumbnail

Visual Journal: Black Hat Europe 2018

Data Breach Today

London Docklands Plays Host to 17th Annual Information Security Conference The recent Black Hat Europe conference in London touched on topics ranging from combating "deep fake" videos and information security career challenges to hands-on lock-picking tutorials and the dearth of research proposals centered on deception technology.

article thumbnail

Three security bugs found in the popular Linux suite systemd

Security Affairs

Experts disclosed three flaws in the systemd , a software suite that provides fundamental building blocks for Linux operating systems. Security firm Qualys has disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd , a software suite that provides fundamental building blocks for a Linux operating system used in most major Linux distributions.

Security 111
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Cyber resilience and the GDPR

IT Governance

We recently discussed the changing threat landscape and the need for all organisations to adopt a cyber resilience approach. This is essentially the combination of cyber security measures to prevent data breaches and business continuity measures to respond quickly when incidents can’t be stopped. The main benefit of cyber resilience is that it enables your organisation to address its security concerns as effectively as possible.

GDPR 89
article thumbnail

Quiet Lawsuit in Pennsylvania May Create a Groundbreaking Data Security Priority Shift. Are You Ready?

Thales Cloud Protection & Licensing

Personally, I find the daily announcement of a company losing control of their employees’, partners’, or customers’ data depressing. My home state, California had 259 formally reported breaches in 2018 alone! It doesn’t matter where in the world you are, many companies are not properly protecting your data and hackers are very good at seeking those companies out.

article thumbnail

German Police Identify Suspect Behind Massive Data Leak

Data Breach Today

Anger at Politicians and Public Figures Allegedly Motivated 20-Year-Old Suspect German police arrested a 20-year-old student - living at home with his parents - who they say confessed to leaking contact details and sensitive information for an estimated 1,000 German celebrities, journalists and politicians, including Chancellor Angela Merkel.

178
178