Sat.May 25, 2019 - Fri.May 31, 2019

article thumbnail

Is your organisation equipped for long-term GDPR compliance?

IT Governance

Last week, the GDPR (General Data Protection Regulation) turned one year old. Whether the panic and stress that accompanied the compliance deadline feels like a distant memory or still gives you nightmares, your data protection and privacy posture is something that shouldn’t be in your rear-view mirror. GDPR compliance is an ongoing process and should be embedded by design in your data protection practices.

GDPR 59
article thumbnail

Focusing on Endpoints: 5 Steps to Fight Cybercrime

Dark Reading

Follow these best practices to strengthen endpoint management strategies and protect company data.

87
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

America is losing its memory

IG Guru

By T.J. StilesMay 7 via the Washington Post T.J. Stiles received the 2016 Pulitzer Prize for History, the 2010 Pulitzer Prize for Biography and the 2009 National Book Award for Nonfiction. He is a member of the governing boards of the Society of American Historians and the Organization of American Historians. America is losing its memory. […].

IT 40
article thumbnail

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I’d ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they’re not fans of this partic

Phishing 256
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Business Associates Reminded of HIPAA Duties

Data Breach Today

New Guidance Clarifies BA's Responsibility to Safeguard PHI Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion?

More Trending

article thumbnail

Google white hat hacker found code execution flaw in Notepad

Security Affairs

The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft’s Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft’s Notepad text editor. Am I the first person to pop a shell in notepad? … believe it or not, It's a real bug!

article thumbnail

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. [NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.

article thumbnail

1 Million Windows Devices 'Vulnerable to Remote Desktop Flaw'

Data Breach Today

Security Researcher Warns That Flaw Could Lead to Worm-Like Exploit A security researcher warns that nearly 1 million devices running older versions of Microsoft Windows remain vulnerable to a recently discovered flaw in Microsoft's Remote Desktop Protocol service that could enable attackers to use a worm-like exploit to take over unpatched machines.

Security 199
article thumbnail

Data-Driven Enterprise Architecture: Why Enterprise Architects Need to Look at Data First

erwin

It’s time to consider data-driven enterprise architecture. The traditional approach to enterprise architecture – the analysis, design, planning and implementation of IT capabilities for the successful execution of enterprise strategy – seems to be missing something … data. I’m not saying that enterprise architects only worry about business structure and high-level processes without regard for business needs, information requirements, data processes, and technology changes necessary to exec

Metadata 104
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Russian military plans to replace Windows with Astra Linux

Security Affairs

The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux.

Military 112
article thumbnail

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software. In March 2019, the Canadian Radio-television and Telecommunications Commission (CRTC) — Canada’s equivalent of the U.S. Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto softwa

article thumbnail

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.

article thumbnail

How to Dominate the Domains of the NEW CIP - D1: Creating and Capturing Information

AIIM

Hopefully, you've heard by now that we're updating the Certified Information Professional (CIP) exam. If so, you’re probably wondering: What's new? What's changed? What do you need to know to be successful? These are important questions, so I thought I’d take some time to go over each of the 5 Domains of the New CIP in detail to help clear up any confusion.

Paper 83
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

Public Wi-Fi is easily accessible by everyone, as much as free surfing sounds cool, it is risky as well. Let’s see how your data can be hacked easily. In the contemporary world of networking, Wi-Fi has become a vital commodity. Wi-Fi are now installed in each and every place regardless of the size of the place; from international airports to small kiosks, you can find an internet connection everywhere.

Passwords 111
article thumbnail

Seven Microservices Identity Questions to Secure your Data

Thales Cloud Protection & Licensing

As I noted in my last blog post , containers, which are now pervasive in enterprises, are ephemeral, and microservices frameworks like Kubernetes treat them as such. Data security is a complex subject, and, unfortunately, microservices only add to the complexity. I frequently try to untangle the threads of knotty issues by asking questions. So, in this and my next few blogs, I will share some questions you might want to ask as you go about securing your data in a microservices environment.

article thumbnail

Checkers, Rally's Burger Joints Hit By POS Malware

Data Breach Today

Infections Started in 2015 and Ran Through April Checkers Drive-In Restaurants says 102 of its 900 U.S. locations were hit with point-of-sale malware, with one California restaurant infected over a more than two-year period starting in December 2015. Checkers is the latest victim in a string of attacks against retailers, restaurants and hotel chains.

Retail 194
article thumbnail

Thailand’s First Personal Data Protection Law Enters into Effect

Hunton Privacy

On May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (A.D. 2019) (the “PDPA”), which was passed by the National Legislative Assembly on February 28, 2019, was finally published in the Government Gazette, and thus became effective on May 28, 2019. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilitie

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

BlueKeep scans observed from exclusively Tor exit nodes

Security Affairs

GreyNoise experts detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability from exclusively Tor exit nodes. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS vulnerability dubbed BlueKeep that can be exploited to carry out WannaCry -like attack. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that it can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP

article thumbnail

IBM Planning Analytics receives top ranks in world’s largest planning survey

IBM Big Data Hub

Before making any major purchase decision, most of us read reviews to learn about the experiences of other users and get an understanding of a product from the perspective of the marketplace. This is especially important for when evaluating options for a major investment like planning software.

article thumbnail

EHR Vendor Penalized Again, This Time by States

Data Breach Today

Settlement Follows Federal HIPAA Penalty Tied to Data Breach Cloud-based electronic health records vendor Medical Informatics Engineering has signed a $900,000 settlement with 16 state attorneys general in a case involving the same 2015 data breach that was at the center of a recent $100,000 settlement with a federal regulator.

article thumbnail

8 Ways to Authenticate Without Passwords

Dark Reading

Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. Recent research by the cybersecurity experts at VPNpro shows that the popular mobile VPN developer Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt.

Privacy 111
article thumbnail

Fraudulent Academic Papers

Schneier on Security

The term "fake news" has lost much of its meaning, but it describes a real and dangerous Internet trend. Because it's hard for many people to differentiate a real news site from a fraudulent one, they can be hoodwinked by fictitious news stories pretending to be real. The result is that otherwise reasonable people believe lies. The trends fostering fake news are more general, though, and we need to start thinking about how it could affect different areas of our lives.

Paper 90
article thumbnail

Researcher Describes Docker Vulnerability

Data Breach Today

No Patch Available Yet, But Exploiting the Flaw Would Be 'Challenging' A security researcher has found a significant flaw all versions of Docker, an open source container platform, that can give attackers read and write access to all the files within the host system, allowing them to execute arbitrary code. As of now, there's no patch available.

Access 179
article thumbnail

Kofax Launches Intelligent Automation Software Platform and Marketplace to Advance Future-of-Work Initiatives for Hyper-Connected Enterprises

Info Source

Industry’s First Integrated, AI-Enabled Platform Ecosystem Automates End-To-End Business Operations at Scale. Irvine, CA – May 29, 2019 – Kofax ®, a leading supplier of Intelligent Automation software to digitally transform end-to-end business operations, today announced it has launched the industry’s first Intelligent Automation platform and marketplace , advancing future-of-work initiatives for hyper-connected enterprises.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

HiddenWasp, a sophisticated Linux malware borroes from Mirai and Azazel

Security Affairs

Security experts at Intezer have discovered a new Linux malware tracked as ‘HiddenWasp’ that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions. According to the experts at Intezer, the malware was involved in targeted attacks. . “Unlike common Linux malware, HiddenWasp is not focused on crypto-mining or DDoS activity.

Archiving 111
article thumbnail

All the Ways Google Tracks You—And How to Stop It

WIRED Threat Level

Google knows more about you than you might think. Here's how to keep it from knowing your location, web browsing, and more.

IT 107
article thumbnail

Microsoft Sounds Second Alarm Over BlueKeep Vulnerability

Data Breach Today

Security Experts Warn Exploits Are Coming Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems. Security researchers warn that exploits are coming.

Security 189