WIRED Threat Level

DECEMBER 22, 2017

The NSA leaker's latest project aims to secure your computer—and you—from not just digital but physical attacks.

Security 279

Security 279

Collaboration 2.0

APRIL 2, 2017

A huge opportunity to provide large-scale business innovation with smart strategies and effective execution is tempered by strong competition, legacy perceptions, and a ticking clock to successfully demonstrate relevance and effectiveness.

IT 277

IT 277

Weissman's World

APRIL 3, 2017

Authors: Alan Pelz-Sharpe (Deep Analysis) & Steve Weissman (Holly Group) If records and content management issues such as security, privacy, and compliance seem everlasting, that’s because they are! What aren’t everlasting though, are the so-called information governance “technologies” we use to bring these matters to heel. In recent decades, we have cycled through imaging, document […].

Blockchain 223

Blockchain Information governance Compliance Privacy 223

Data Breach Today

NOVEMBER 15, 2017

The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report.

221

221

Speaker: Frank Taliano

Document-heavy workflows slow down productivity, bury institutional knowledge, and drain resources. But with the right AI implementation, these inefficiencies become opportunities for transformation. So how do you identify where to start and how to succeed? Learn how to develop a clear, practical roadmap for leveraging AI to streamline processes, automate knowledge work, and unlock real operational gains.

IT

AIIM

NOVEMBER 8, 2017

What if every file—from documents to multimedia—was digital and used the same file format: “File.everything”— wouldn’t that be nice? But for most workers, the present information environment couldn’t be more different. Today, the typical information ecosystem is a content jungle: multiple file formats, a mix of structured and unstructured content, all growing wildly throughout the organization.

Data collection 157

Data collection Security Digital transformation IT 157

TAB OnRecord

NOVEMBER 2, 2017

If you want to save on records storage space, you can do that by deploying high-density shelving, which allows you to increase storage capacity by up to 330% in a given area. Another way to save is by evaluating your records management practices. Properly managing records can help reduce the volume of records, both now… Read More. The post 4 records management best practices for maximizing storage capacity appeared first on TAB Records Management Blog | TAB OnRecord.

Records Management 144

Records Management 144

Imperial Violet

OCTOBER 7, 2017

Last time I reviewed various security keys at a fairly superficial level: basic function, physical characteristics etc. This post considers lower-level behaviour. Security Keys implement the FIDO U2F spec , which borrows a lot from ISO 7816-4. Each possible transport (i.e. USB, NFC, or Bluetooth) has its own spec for how to encapsulate the U2F messages over that transport (e.g. here's the USB one ).

Security 119

Security Authentication Encryption IT 119

Elie

AUGUST 31, 2017

Over the last two years, ransomware has been all over the news. Hardly a week goes by without a report of a large ransomware outbreak or the emergence of a new ransomware family. Despite all this attention, very little is known about how profitable ransomware is and who the criminals are that benefit from it. To answer these questions and expose the inner workings of the ransomware economy, our research team at Google, in partnership with.

Ransomware 115

Ransomware Encryption Blockchain IT 115

The Guardian Data Protection

DECEMBER 13, 2017

Information commissioner announces inquiry into parties’ use of personal information after Ukip’s refusal to cooperate Ukip is to face a tribunal over its use of analytics during the EU referendum after refusing to cooperate with an investigation by the Information Commissioner’s Office (ICO). The ICO announced a formal investigation into how political parties use data analytics to target voters in response to concern about how social media was used during the referendum.

Analytics 111

Analytics IT 111

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Troy Hunt

OCTOBER 13, 2017

A couple of years ago, I was heavily involved in analysing and reporting on the massive VTech hack , the one where millions of records were exposed including kids' names, genders, ages, photos and the relationship to parents' records which included their home address. Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. then totally screwing up the security.

IoT 111

IoT IT Risk Security 111

WIRED Threat Level

DECEMBER 13, 2017

The DDoS attack that crippled the internet last fall wasn't the work of a nation-state. It was three college kids working a *Minecraft* hustle.

IT 279

IT Security 279

Lenny Zeltser

JULY 6, 2017

When analyzing malware or performing other security research, it’s often useful to tunnel connections through a VPN in a public cloud. This approach helps conceal the analyst’s origin, contributing to OPSEC when interacting with malicious infrastructure. Moreover, by using VPN exit nodes in different cities and even countries, the researcher can explore the target from multiple geographic vantage points, which sometimes yields additional findings.

Cloud 111

Cloud Passwords File names IT 111

Weissman's World

DECEMBER 7, 2017

Seems like not an hour goes by that I don’t see a headline about the soaring value of bitcoin – followed near-immediately by another that warns of the imminent bursting of the bitcoin bubble. Since I’m not a bitcoin owner, my interest in these goings-on is more academic than practical. But I am invested (intellectually, […]. The post Bitcoin ≠ Blockchain appeared first on Holly Group.

Blockchain 159

Blockchain Records Management Information governance Government 159

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Data Breach Today

DECEMBER 27, 2017

18 Best 2018 B2B Lead Generation Strategies For Marketers. Have you yet planned your best 2018 B2B lead generation strategies? Well if you have not until now then you should probably know that when it comes to B2B lead Generation, 2018 is going to become the lifeblood of modern sales process. With loads of strategies to choose from, it has become very challenging for businesses to survive the competition.

B2B 213

B2B Marketing Sales B2C 213

AIIM

NOVEMBER 13, 2017

Many organizations are on some sort of Digital Transformation journey – or they should be. Everyone wants to “transform.” But what exactly is Digital Transformation? Most organizations and departments have a mandate to continuously improve operations. A conventional change agenda involves better tools and technology, better behaviors, and better processes, all focused on generating better efficiencies and improved productivity.

Digital transformation 156

Digital transformation B2C Insurance Paper 156

Data Protector

JANUARY 29, 2017

We have 480 days to go before the General Data Protection Regulation is “in force”. And then what? That's the question I’m being increasingly asked these days. Does it really mean that in 481 days, European privacy regulators will be heralding the first megafine for non-compliance with one of the GDPR’s more obscure requirements? I think not. But it will undoubtedly lead to greater unease amongst the audit committees of many firms, particularly those in the (regulated) financial services sector,

GDPR 136

GDPR Privacy Compliance Personal data 136

TAB OnRecord

NOVEMBER 9, 2017

Any place where you find physical files, you also find a great deal of unneeded documents. We regularly see physical records collections containing over 50 percent non-record content. These non-records include duplicates, convenience copies, and documents that have passed their required retention period. Need help getting rid of unneeded documents? Our TAB SMART program is… Read More.

Records Management 134

Records Management 134

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Imperial Violet

AUGUST 12, 2017

Security Keys are (generally) USB-connected hardware fobs that are capable of key generation and oracle signing. Websites can “enroll” a security key by asking it to generate a public key bound to an “appId” (which is limited by the browser based on the site's origin). Later, when a user wants to log in, the website can send a challenge to the security key, which signs it to prove possession of the corresponding private key.

Security 119

Security Metadata IT Encryption 119

Elie

NOVEMBER 9, 2017

In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March, 2016–March, 2017, we identify 788,000 potential victims of off-theshelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums.

Data breaches 112

Data breaches Phishing Risk Passwords 112

The Guardian Data Protection

OCTOBER 29, 2017

It’s 500 years since Martin Luther defied the authority of the Catholic church. It’s time for a similar revolt against the hypocrisy of the religion of technology A new power is loose in the world. It is nowhere and yet it’s everywhere. It knows everything about us – our movements, our thoughts, our desires, our fears, our secrets, who our friends are, our financial status, even how well we sleep at night.

IT 112

IT Big data 112

Troy Hunt

DECEMBER 13, 2017

Occasionally, I feel like I'm just handing an organisation more shovels - "here, keep digging, I'm sure this'll work out just fine." The latest such event was with NatWest (a bank in the UK), and it culminated with this tweet from them: I'm sorry you feel this way. I can certainly pass on your concerns and feed this back to the tech team for you Troy?

Encryption 111

Encryption Security Phishing IT 111

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

DECEMBER 1, 2017

The company's fix for an embarrassing security bug includes a big bug of its own.

Security 279

Security IT 279

Lenny Zeltser

SEPTEMBER 7, 2017

This cheat sheet outlines tips for reversing malicious Windows executables via static and dynamic code analysis with the help of a debugger and a disassembler. To print it, use the one-page PDF version; you can also edit the Word version to customize it for you own needs. Overview of the Code Analysis Process. Examine static properties of the Windows executable for initial assessment and triage.

Access 111

Access IT Information Security Security 111

Weissman's World

MARCH 23, 2017

Like so many others, I have lots of nice things to say about last week’s AIIM17 conference in Orlando, FL. Energy levels were high, sessions were engaging, exhibitors seemed happy, and a good time was had by all. However, rather than write yet another trip report on the subject (links to some are listed below), […]. The post View From AIIM17: New Blood or Fresh Meat?

ECM 159

ECM Information governance Government 159

Data Breach Today

NOVEMBER 22, 2017

Firm Paid Hackers $100,000, But Was It Bug Bounty Reward or Extortion Payoff? Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?

IT 198

IT 198

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

NOVEMBER 16, 2017

This is the seventh post in a series on privacy by Andrew Pery. You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. Privacy by Design: The Intersection of Law and Technology. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR 154

GDPR Compliance Privacy Paper 154

Data Protector

JANUARY 8, 2017

I’m increasingly asked whether particular firms actually need to appoint a Data Protection Officer in order to comply with the requirements of the GDPR. Given that the potential fine for non-compliance (with Article 37) is €10 million Euros or up to 2% of the total worldwide annual turnover, companies quite understandably don't want to get such a basic issue wrong.

B2B 136

B2B Personal data GDPR Compliance 136

Schneier on Security

DECEMBER 15, 2017

Interesting research : The trick in accurately tracking a person with this method is finding out what kind of activity they're performing. Whether they're walking, driving a car, or riding in a train or airplane, it's pretty easy to figure out when you know what you're looking for. The sensors can determine how fast a person is traveling and what kind of movements they make.

Data collection 111

Data collection Paper Access IT 111