WIRED Threat Level

DECEMBER 22, 2017

The NSA leaker's latest project aims to secure your computer—and you—from not just digital but physical attacks.

Security 280

Security 280

Collaboration 2.0

APRIL 2, 2017

A huge opportunity to provide large-scale business innovation with smart strategies and effective execution is tempered by strong competition, legacy perceptions, and a ticking clock to successfully demonstrate relevance and effectiveness.

IT 277

IT 277

Weissman's World

APRIL 3, 2017

Authors: Alan Pelz-Sharpe (Deep Analysis) & Steve Weissman (Holly Group) If records and content management issues such as security, privacy, and compliance seem everlasting, that’s because they are! What aren’t everlasting though, are the so-called information governance “technologies” we use to bring these matters to heel. In recent decades, we have cycled through imaging, document […].

Blockchain 223

Blockchain Information governance Compliance Privacy 223

Data Breach Today

NOVEMBER 15, 2017

The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report.

221

221

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

AIIM

NOVEMBER 8, 2017

What if every file—from documents to multimedia—was digital and used the same file format: “File.everything”— wouldn’t that be nice? But for most workers, the present information environment couldn’t be more different. Today, the typical information ecosystem is a content jungle: multiple file formats, a mix of structured and unstructured content, all growing wildly throughout the organization.

Data collection 154

Data collection Security Digital transformation IT 154

TAB OnRecord

NOVEMBER 2, 2017

If you want to save on records storage space, you can do that by deploying high-density shelving, which allows you to increase storage capacity by up to 330% in a given area. Another way to save is by evaluating your records management practices. Properly managing records can help reduce the volume of records, both now… Read More. The post 4 records management best practices for maximizing storage capacity appeared first on TAB Records Management Blog | TAB OnRecord.

Records Management 144

Records Management 144

Imperial Violet

OCTOBER 7, 2017

Last time I reviewed various security keys at a fairly superficial level: basic function, physical characteristics etc. This post considers lower-level behaviour. Security Keys implement the FIDO U2F spec , which borrows a lot from ISO 7816-4. Each possible transport (i.e. USB, NFC, or Bluetooth) has its own spec for how to encapsulate the U2F messages over that transport (e.g. here's the USB one ).

Security 119

Security Authentication Encryption IT 119

Elie

AUGUST 31, 2017

Over the last two years, ransomware has been all over the news. Hardly a week goes by without a report of a large ransomware outbreak or the emergence of a new ransomware family. Despite all this attention, very little is known about how profitable ransomware is and who the criminals are that benefit from it. To answer these questions and expose the inner workings of the ransomware economy, our research team at Google, in partnership with.

Ransomware 115

Ransomware Encryption Blockchain IT 115

The Guardian Data Protection

OCTOBER 29, 2017

It’s 500 years since Martin Luther defied the authority of the Catholic church. It’s time for a similar revolt against the hypocrisy of the religion of technology A new power is loose in the world. It is nowhere and yet it’s everywhere. It knows everything about us – our movements, our thoughts, our desires, our fears, our secrets, who our friends are, our financial status, even how well we sleep at night.

IT 112

IT Big data 112

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Troy Hunt

OCTOBER 13, 2017

A couple of years ago, I was heavily involved in analysing and reporting on the massive VTech hack , the one where millions of records were exposed including kids' names, genders, ages, photos and the relationship to parents' records which included their home address. Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. then totally screwing up the security.

IoT 111

IoT IT Risk Security 111

WIRED Threat Level

DECEMBER 13, 2017

The DDoS attack that crippled the internet last fall wasn't the work of a nation-state. It was three college kids working a *Minecraft* hustle.

IT 279

IT Security 279

Lenny Zeltser

JULY 6, 2017

When analyzing malware or performing other security research, it’s often useful to tunnel connections through a VPN in a public cloud. This approach helps conceal the analyst’s origin, contributing to OPSEC when interacting with malicious infrastructure. Moreover, by using VPN exit nodes in different cities and even countries, the researcher can explore the target from multiple geographic vantage points, which sometimes yields additional findings.

Cloud 111

Cloud Passwords File names IT 111

Weissman's World

DECEMBER 7, 2017

Seems like not an hour goes by that I don’t see a headline about the soaring value of bitcoin – followed near-immediately by another that warns of the imminent bursting of the bitcoin bubble. Since I’m not a bitcoin owner, my interest in these goings-on is more academic than practical. But I am invested (intellectually, […]. The post Bitcoin ≠ Blockchain appeared first on Holly Group.

Blockchain 159

Blockchain Records Management Information governance Government 159

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Data Breach Today

DECEMBER 27, 2017

18 Best 2018 B2B Lead Generation Strategies For Marketers. Have you yet planned your best 2018 B2B lead generation strategies? Well if you have not until now then you should probably know that when it comes to B2B lead Generation, 2018 is going to become the lifeblood of modern sales process. With loads of strategies to choose from, it has become very challenging for businesses to survive the competition.

B2B 213

B2B Marketing Sales B2C 213

AIIM

NOVEMBER 13, 2017

Many organizations are on some sort of Digital Transformation journey – or they should be. Everyone wants to “transform.” But what exactly is Digital Transformation? Most organizations and departments have a mandate to continuously improve operations. A conventional change agenda involves better tools and technology, better behaviors, and better processes, all focused on generating better efficiencies and improved productivity.

Digital transformation 152

Digital transformation B2C Insurance Paper 152

Data Protector

OCTOBER 29, 2017

Your Lordships This bill has been eagerly awaited by data protection professionals, whose careers depend on its successful passage. Please don’t worry too much that the bill is so very hard to understand. It's the Government’s way of ensuring that a select band of privacy professionals will be offered very significant salaries to decipher its contents and recommend ways of complying with the key provisions.

Paper 120

Paper Compliance Privacy IT 120

TAB OnRecord

NOVEMBER 9, 2017

Any place where you find physical files, you also find a great deal of unneeded documents. We regularly see physical records collections containing over 50 percent non-record content. These non-records include duplicates, convenience copies, and documents that have passed their required retention period. Need help getting rid of unneeded documents? Our TAB SMART program is… Read More.

Records Management 134

Records Management 134

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Imperial Violet

AUGUST 12, 2017

Security Keys are (generally) USB-connected hardware fobs that are capable of key generation and oracle signing. Websites can “enroll” a security key by asking it to generate a public key bound to an “appId” (which is limited by the browser based on the site's origin). Later, when a user wants to log in, the website can send a challenge to the security key, which signs it to prove possession of the corresponding private key.

Security 119

Security Metadata IT Encryption 119

Elie

NOVEMBER 9, 2017

In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March, 2016–March, 2017, we identify 788,000 potential victims of off-theshelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums.

Data breaches 112

Data breaches Phishing Risk Passwords 112

The Guardian Data Protection

OCTOBER 16, 2017

WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.

Security 112

Security 112

Troy Hunt

DECEMBER 13, 2017

Occasionally, I feel like I'm just handing an organisation more shovels - "here, keep digging, I'm sure this'll work out just fine." The latest such event was with NatWest (a bank in the UK), and it culminated with this tweet from them: I'm sorry you feel this way. I can certainly pass on your concerns and feed this back to the tech team for you Troy?

Encryption 111

Encryption Security Phishing IT 111

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

DECEMBER 1, 2017

The company's fix for an embarrassing security bug includes a big bug of its own.

Security 279

Security IT 279

Lenny Zeltser

SEPTEMBER 7, 2017

This cheat sheet outlines tips for reversing malicious Windows executables via static and dynamic code analysis with the help of a debugger and a disassembler. To print it, use the one-page PDF version; you can also edit the Word version to customize it for you own needs. Overview of the Code Analysis Process. Examine static properties of the Windows executable for initial assessment and triage.

Access 111

Access IT Information Security Security 111

Weissman's World

MARCH 23, 2017

Like so many others, I have lots of nice things to say about last week’s AIIM17 conference in Orlando, FL. Energy levels were high, sessions were engaging, exhibitors seemed happy, and a good time was had by all. However, rather than write yet another trip report on the subject (links to some are listed below), […]. The post View From AIIM17: New Blood or Fresh Meat?

ECM 159

ECM Information governance Government 159

Data Breach Today

NOVEMBER 22, 2017

Firm Paid Hackers $100,000, But Was It Bug Bounty Reward or Extortion Payoff? Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?

IT 198

IT 198

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AIIM

NOVEMBER 14, 2017

Your business deals with documents on a constant basis. Without technology in place, organizing the different types of files and contact points for written communication can be intense. You might have paper contracts, email and attachments, faxes, and web forms all integral to the same client or customer file. This is where capture automation becomes effective in streamlining your productivity and organizational ability.

ECM 140

ECM Communications GDPR Paper 140

Data Protector

SEPTEMBER 22, 2017

Whenever I visit a clinic for a health check, I’m asked a slightly different set of questions. Each clinic is very professionally run, and, until recently I haven’t been unduly concerned that the same questions aren’t always asked. I’ve generally been healthy, so I guess there was never any real need for the medical profession to probe too deeply. So, why should I be worried about different questions being asked about data protection?

GDPR 120

GDPR IT Data breaches Risk 120

Schneier on Security

DECEMBER 15, 2017

Interesting research : The trick in accurately tracking a person with this method is finding out what kind of activity they're performing. Whether they're walking, driving a car, or riding in a train or airplane, it's pretty easy to figure out when you know what you're looking for. The sensors can determine how fast a person is traveling and what kind of movements they make.

Data collection 111

Data collection Paper Access IT 111