Sat.May 05, 2018 - Fri.May 11, 2018

article thumbnail

Who’s more of a threat – insiders or external threat actors?

Thales Cloud Protection & Licensing

In past years’ Thales Data Threat Reports, we asked IT security pros around the world separate questions about whom they believed were the riskiest internal threats and external threats. The results were useful but didn’t allow us to compare which category proved most worrisome. This year, we restructured the two separate questions into a single one, and that gave us some very interesting results about who worries these IT security professionals the most.

article thumbnail

It’s Eleven O’Clock. Do You Know If Your Organizational Data Is Safe?

Thales Cloud Protection & Licensing

Data is increasingly amassed and harnessed to accelerate organizational transformation in the new digital economy. But because databases can hold sensitive details, protecting them is imperative. Unprotected data at rest is an attractive target for cybercriminals, and in today’s ever more distributed environment, not a week goes by without hearing of a new data breach.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Facial Recognition Tech Is Creepy When It Works—And Creepier When It Doesn’t

WIRED Threat Level

It's a powerful tool, but recent incidents have shown that there's no winning with facial recognition.

IT 110
article thumbnail

5 Ways to Better Use Data in Security

Dark Reading

Use these five tips to get your security shop thinking more strategically about data.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

INDIA: Data Localization – is it disruptive?

DLA Piper Privacy Matters

Recently, India’s Central Bank, Reserve Bank of India (RBI) came out with a directive on April 6, 2018 related to “storage of payment system data”. This order makes it mandatory for all system providers (as well as their service providers/intermediaries/ third party vendors and other entities) to ensure that all data relating to payment systems operated by the provider are stored in a system only in India.

IT 40

More Trending

article thumbnail

Technical Writing Tips for IT Professionals

Lenny Zeltser

This cheat sheet offers guidelines for IT professionals seeking to improve technical writing skills. To print it, use the one-page PDF version; you can also customize the Word version of the document. General Recommendations. Determine your write-up’s objectives and audience. Keep the write-up as short and simple as possible to achieve the objectives.

IT 111
article thumbnail

How to Keep Hackers Out of Your Facebook and Twitter Accounts

WIRED Threat Level

Scammers, pranksters, and bad actors all want to break into whatever social media accounts they can. Here's how to keep yours safe.

Security 111
article thumbnail

UK regulator orders Cambridge Analytica to release data on US voter

The Guardian Data Protection

In landmark cross-border decision, Information Commissioner’s Office gives company 30 days to comply with David Carroll’s request Cambridge Analytica has been ordered to hand over all the data and personal information it has on an American voter, including details of where it got the data and what it did with it, or face a criminal prosecution. The UK Information Commissioner’s Office (ICO) served the enforcement notice to the company on Friday in a landmark legal decision that opens the way for

IT 111
article thumbnail

Zero-Day Attack Exploits Windows via Malicious Word Doc

Data Breach Today

Microsoft Patches Flaw, Warns It Could Be Exploited via Websites, Malvertising Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.

Security 182
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Phishing Attack Bypasses Two-Factor Authentication

Dark Reading

Hacker Kevin Mitnick demonstrates a phishing attack designed to abuse multi-factor authentication and take over targets' accounts.

article thumbnail

The Iran Nuclear Deal Unraveling Raises Fears of Cyberattacks

WIRED Threat Level

For the last three years, Iran has restrained its state-sponsored hackers from disruptive attacks on the West. That ceasefire may now be over.

IT 106
article thumbnail

Cambridge Analytica: how did it turn clicks into votes?

The Guardian Data Protection

Whistleblower Christopher Wylie explains the science behind Cambridge Analytica’s mission to transform surveys and Facebook data into a political messaging weapon • The six weeks that brought Cambridge Analytica down How do 87m records scraped from Facebook become an advertising campaign that could help swing an election? What does gathering that much data actually involve?

IT 111
article thumbnail

Cryptocurrency Miners Exploit Widespread Drupal Flaw

Data Breach Today

Researcher: 400 Sites or More Fall Victim to Massive, Forced Monero Mining Operation A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.

Mining 170
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

5 predictions for the future of machine learning

IBM Big Data Hub

The future of machine learning is one the hottest topics in data and analytics.

article thumbnail

Microsoft Enabling Javascript in Excel Has Security Pros Anxious

WIRED Threat Level

Enabling JavaScript should make Excel more powerful, but increasing access points makes it even more of a web security nightmare than it already is.

Security 104
article thumbnail

Government faces possible defeat on press regulation votes

The Guardian Data Protection

Theresa May tells cabinet two amendments to data protection bill will undermine free press The government is facing two difficult votes, and potential defeats, over amendments to the data protection bill that are due to be debated in the Commons on Wednesday. The amendments would establish a “Leveson two” inquiry into the misuse of personal data by the media, and a measure that would impose punitive legal costs on English media organisations that refuse to sign-up to Impress, the officially reco

article thumbnail

Equifax: US Breach Victim Tally Stands at 146.6 Million

Data Breach Today

Unpatched Struts Implementations Remain Widespread, Researcher Warns Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Properly Framing the Cost of a Data Breach

Dark Reading

The expenses and actions typically associated with a cyberattack are not all created equal. Here's how to explain what's important to the C-suite and board.

article thumbnail

Georgia Hacking Bill SB315 Gets Cybersecurity All Wrong

WIRED Threat Level

Georgia's SB315 discourages security research and encourages hacking back—meaning it's exactly backwards.

article thumbnail

Ministers risk judicial review of plan to deny immigrants data access

The Guardian Data Protection

Campaign groups say clause preventing access to records will make EU citizens ‘second class’ The government is being warned that it will face judicial review proceedings in June unless it scraps a clause in the data protection bill that would prevent immigrants from accessing their Home Office records. The campaign groups the3million , a grassroots organisation representing EU citizens living in the UK, and the Open Rights Group argue that the exemption for data protection for immigrants is unla

Access 101
article thumbnail

Report: Chinese Actors Steal Code-Signing Certificates

Data Breach Today

ProtectWise Says Group's Mistakes Proved Helpful During Investigation Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.

Security 165
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Ready or Not: Transport Layer Security 1.3 Is Coming

Dark Reading

Better encryption could mean weaker security if you're not careful.

article thumbnail

Drone Swarms, North Korean Antivirus, and More Security News This Week

WIRED Threat Level

Bad drones, boobytrapped North Korean antivirus, and more of the week's top security news.

article thumbnail

Data rules threaten 'last avenue' used in thousands of immigration cases

The Guardian Data Protection

Home Office figures show there were almost 25,950 subject access requests for files in 2016 Tens of thousands of people each year could be prevented from obtaining information about their own immigration status under new data protection powers, Home Office figures reveal. Changes proposed in the data protection bill, which was being debated by MPs on Wednesday, would deprive applicants of a reliable means of obtaining files on themselves from the department through what are known as subject acce

Access 92
article thumbnail

Protecting the Industrial Internet of Things

Data Breach Today

Asif Effendi of GE Oil and Gas Offers Risk Mitigation Insights The industrial internet of things presents a significant new risk paradigm, says Asif Effendi of GE Oil and Gas, who offers threat mitigation tips.

Risk 150
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Reader Favorites May 2018: Our most popular RIM resources

TAB OnRecord

Our most popular resources this month cover the costs of imaging for DIY and outsourcing projects, how to design a quality RIM training program, and lessons on how to apply green practices to your RIM program. The real cost of imaging: DIY vs. outsourcing One of the biggest questions to answer before starting an imaging [.] Read More. The post Reader Favorites May 2018: Our most popular RIM resources appeared first on TAB Records Management Blog | TAB OnRecord.

article thumbnail

Gandcrab Ransomware Exploits Website Vulnerabilities

Dark Reading

Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures.

article thumbnail

Why the GDPR email deluge, and can I ignore it?

The Guardian Data Protection

A stringent new law will change how companies handle your data. Here’s what you need to do ‘Urgent action required ”, “Do you still want to hear from us?”, “We’ve updated our privacy policy”, “Should we stop sending you updates? If not, act now!” Many of us will have received emails like this during the past few weeks, some of them from companies we haven’t used for years or have maybe never even heard of.

GDPR 92