IT Governance
MAY 28, 2019
Last week, the GDPR (General Data Protection Regulation) turned one year old. Whether the panic and stress that accompanied the compliance deadline feels like a distant memory or still gives you nightmares, your data protection and privacy posture is something that shouldn’t be in your rear-view mirror. GDPR compliance is an ongoing process and should be embedded by design in your data protection practices.
Dark Reading
MAY 31, 2019
Follow these best practices to strengthen endpoint management strategies and protect company data.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
IG Guru
MAY 28, 2019
By T.J. StilesMay 7 via the Washington Post T.J. Stiles received the 2016 Pulitzer Prize for History, the 2010 Pulitzer Prize for Biography and the 2009 National Book Award for Nonfiction. He is a member of the governing boards of the Society of American Historians and the Organization of American Historians. America is losing its memory. […].
Krebs on Security
MAY 29, 2019
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I’d ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they’re not fans of this partic
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MAY 28, 2019
New Guidance Clarifies BA's Responsibility to Safeguard PHI Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion?
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
MAY 30, 2019
Before engaging in any Enterprise Content Management (ECM) initiative in your organization, it is crucial to have a list of current ECM systems or tools and make the proper gap analysis to define the desired state, having always in mind to deliver the right value proposition to the business. Every content has the same life cycle in an organization of any industry, with the following five phases: One of the key items to gather during the requirements analysis of any Enterprise Content Management
Krebs on Security
MAY 31, 2019
New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. [NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.
Data Breach Today
MAY 28, 2019
Security Researcher Warns That Flaw Could Lead to Worm-Like Exploit A security researcher warns that nearly 1 million devices running older versions of Microsoft Windows remain vulnerable to a recently discovered flaw in Microsoft's Remote Desktop Protocol service that could enable attackers to use a worm-like exploit to take over unpatched machines.
Security Affairs
MAY 31, 2019
The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
MAY 27, 2019
Google knows more about you than you might think. Here's how to keep it from knowing your location, web browsing, and more.
Krebs on Security
MAY 30, 2019
Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software. In March 2019, the Canadian Radio-television and Telecommunications Commission (CRTC) — Canada’s equivalent of the U.S. Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto softwa
Data Breach Today
MAY 31, 2019
Infections Started in 2015 and Ran Through April Checkers Drive-In Restaurants says 102 of its 900 U.S. locations were hit with point-of-sale malware, with one California restaurant infected over a more than two-year period starting in December 2015. Checkers is the latest victim in a string of attacks against retailers, restaurants and hotel chains.
Security Affairs
MAY 30, 2019
Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. Recent research by the cybersecurity experts at VPNpro shows that the popular mobile VPN developer Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
MAY 26, 2019
We've picked our favorite password managers for PC, Mac, Android, iPhone, and web browsers.
erwin
MAY 31, 2019
It’s time to consider data-driven enterprise architecture. The traditional approach to enterprise architecture – the analysis, design, planning and implementation of IT capabilities for the successful execution of enterprise strategy – seems to be missing something … data. I’m not saying that enterprise architects only worry about business structure and high-level processes without regard for business needs, information requirements, data processes, and technology changes necessary to exec
Data Breach Today
MAY 29, 2019
After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.
Security Affairs
MAY 31, 2019
Security experts at Intezer have discovered a new Linux malware tracked as ‘HiddenWasp’ that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions. According to the experts at Intezer, the malware was involved in targeted attacks. . “Unlike common Linux malware, HiddenWasp is not focused on crypto-mining or DDoS activity.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
MAY 25, 2019
You don't have to get your hands dirty to do the most important spring cleaning of the year.
Dark Reading
MAY 28, 2019
Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.
Data Breach Today
MAY 31, 2019
Security Experts Warn Exploits Are Coming Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems. Security researchers warn that exploits are coming.
Security Affairs
MAY 29, 2019
The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft’s Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft’s Notepad text editor. Am I the first person to pop a shell in notepad? … believe it or not, It's a real bug!
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Threatpost
MAY 30, 2019
One of the most popular U.S. drive-through restaurants has been hit with a data breach due to POS malware.
Hunton Privacy
MAY 30, 2019
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (A.D. 2019) (the “PDPA”), which was passed by the National Legislative Assembly on February 28, 2019, was finally published in the Government Gazette, and thus became effective on May 28, 2019. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilitie
Data Breach Today
MAY 28, 2019
Debates Touch on NSA Exploit-Hoarding, City's Patch-Speed Failures, Windows Code Quality Reports that the city of Baltimore was attacked using a vulnerability in Windows originally stockpiled by the National Security Agency has triggered a blame game. Cybersecurity watchers are debating attacker culpability, patch management prowess and zero-day stockpiling.
Security Affairs
MAY 29, 2019
Public Wi-Fi is easily accessible by everyone, as much as free surfing sounds cool, it is risky as well. Let’s see how your data can be hacked easily. In the contemporary world of networking, Wi-Fi has become a vital commodity. Wi-Fi are now installed in each and every place regardless of the size of the place; from international airports to small kiosks, you can find an internet connection everywhere.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Threatpost
MAY 30, 2019
HiddenWasp is unique for Linux-based malware in that it targets systems to remotely control them.
WIRED Threat Level
MAY 31, 2019
At this rate, it will take years to fix a critical vulnerability that remains in over 900,000 Windows machines. A worm will arrive much sooner.
Data Breach Today
MAY 30, 2019
No Patch Available Yet, But Exploiting the Flaw Would Be 'Challenging' A security researcher has found a significant flaw all versions of Docker, an open source container platform, that can give attackers read and write access to all the files within the host system, allowing them to execute arbitrary code. As of now, there's no patch available.
Expert insights. Personalized for you.
60 
Let's personalize your content