Weissman's World
APRIL 3, 2017
Authors: Alan Pelz-Sharpe (Deep Analysis) & Steve Weissman (Holly Group) If records and content management issues such as security, privacy, and compliance seem everlasting, that’s because they are! What aren’t everlasting though, are the so-called information governance “technologies” we use to bring these matters to heel. In recent decades, we have cycled through imaging, document […].
Data Breach Today
NOVEMBER 15, 2017
The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Protector
SEPTEMBER 10, 2017
A huge percentage of the organisations I’ve recently come into contact with have little chance of becoming “GDPR compliant” by May 2018. To be fair, a good proportion of these organisations have spent the past decade or so ignoring the professional advice that's available on how to better comply with the requirements of the existing data protection legislation.
TAB OnRecord
NOVEMBER 2, 2017
If you want to save on records storage space, you can do that by deploying high-density shelving, which allows you to increase storage capacity by up to 330% in a given area. Another way to save is by evaluating your records management practices. Properly managing records can help reduce the volume of records, both now… Read More. The post 4 records management best practices for maximizing storage capacity appeared first on TAB Records Management Blog | TAB OnRecord.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Imperial Violet
AUGUST 12, 2017
Security Keys are (generally) USB-connected hardware fobs that are capable of key generation and oracle signing. Websites can “enroll” a security key by asking it to generate a public key bound to an “appId” (which is limited by the browser based on the site's origin). Later, when a user wants to log in, the website can send a challenge to the security key, which signs it to prove possession of the corresponding private key.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
DECEMBER 29, 2017
The practice of using a website visitor's device to mine cryptocurrency has expanded—and evolved—at an alarming rate.
The Guardian Data Protection
DECEMBER 13, 2017
Information commissioner announces inquiry into parties’ use of personal information after Ukip’s refusal to cooperate Ukip is to face a tribunal over its use of analytics during the EU referendum after refusing to cooperate with an investigation by the Information Commissioner’s Office (ICO). The ICO announced a formal investigation into how political parties use data analytics to target voters in response to concern about how social media was used during the referendum.
Lenny Zeltser
JULY 6, 2017
When analyzing malware or performing other security research, it’s often useful to tunnel connections through a VPN in a public cloud. This approach helps conceal the analyst’s origin, contributing to OPSEC when interacting with malicious infrastructure. Moreover, by using VPN exit nodes in different cities and even countries, the researcher can explore the target from multiple geographic vantage points, which sometimes yields additional findings.
Troy Hunt
OCTOBER 13, 2017
A couple of years ago, I was heavily involved in analysing and reporting on the massive VTech hack , the one where millions of records were exposed including kids' names, genders, ages, photos and the relationship to parents' records which included their home address. Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. then totally screwing up the security.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Collaboration 2.0
APRIL 2, 2017
A huge opportunity to provide large-scale business innovation with smart strategies and effective execution is tempered by strong competition, legacy perceptions, and a ticking clock to successfully demonstrate relevance and effectiveness.
Weissman's World
DECEMBER 7, 2017
Seems like not an hour goes by that I don’t see a headline about the soaring value of bitcoin – followed near-immediately by another that warns of the imminent bursting of the bitcoin bubble. Since I’m not a bitcoin owner, my interest in these goings-on is more academic than practical. But I am invested (intellectually, […]. The post Bitcoin ≠ Blockchain appeared first on Holly Group.
Data Breach Today
DECEMBER 27, 2017
18 Best 2018 B2B Lead Generation Strategies For Marketers. Have you yet planned your best 2018 B2B lead generation strategies? Well if you have not until now then you should probably know that when it comes to B2B lead Generation, 2018 is going to become the lifeblood of modern sales process. With loads of strategies to choose from, it has become very challenging for businesses to survive the competition.
Data Protector
JANUARY 29, 2017
We have 480 days to go before the General Data Protection Regulation is “in force”. And then what? That's the question I’m being increasingly asked these days. Does it really mean that in 481 days, European privacy regulators will be heralding the first megafine for non-compliance with one of the GDPR’s more obscure requirements? I think not. But it will undoubtedly lead to greater unease amongst the audit committees of many firms, particularly those in the (regulated) financial services sector,
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
TAB OnRecord
NOVEMBER 9, 2017
Any place where you find physical files, you also find a great deal of unneeded documents. We regularly see physical records collections containing over 50 percent non-record content. These non-records include duplicates, convenience copies, and documents that have passed their required retention period. Need help getting rid of unneeded documents? Our TAB SMART program is… Read More.
Imperial Violet
OCTOBER 7, 2017
Last time I reviewed various security keys at a fairly superficial level: basic function, physical characteristics etc. This post considers lower-level behaviour. Security Keys implement the FIDO U2F spec , which borrows a lot from ISO 7816-4. Each possible transport (i.e. USB, NFC, or Bluetooth) has its own spec for how to encapsulate the U2F messages over that transport (e.g. here's the USB one ).
Elie
NOVEMBER 9, 2017
In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March, 2016–March, 2017, we identify 788,000 potential victims of off-theshelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums.
WIRED Threat Level
DECEMBER 27, 2017
Researchers found that network configuration errors have left thousands of high-end speakers open to epic audio pranking.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Guardian Data Protection
OCTOBER 29, 2017
It’s 500 years since Martin Luther defied the authority of the Catholic church. It’s time for a similar revolt against the hypocrisy of the religion of technology A new power is loose in the world. It is nowhere and yet it’s everywhere. It knows everything about us – our movements, our thoughts, our desires, our fears, our secrets, who our friends are, our financial status, even how well we sleep at night.
Lenny Zeltser
SEPTEMBER 7, 2017
This cheat sheet outlines tips for reversing malicious Windows executables via static and dynamic code analysis with the help of a debugger and a disassembler. To print it, use the one-page PDF version; you can also edit the Word version to customize it for you own needs. Overview of the Code Analysis Process. Examine static properties of the Windows executable for initial assessment and triage.
Troy Hunt
DECEMBER 13, 2017
Occasionally, I feel like I'm just handing an organisation more shovels - "here, keep digging, I'm sure this'll work out just fine." The latest such event was with NatWest (a bank in the UK), and it culminated with this tweet from them: I'm sorry you feel this way. I can certainly pass on your concerns and feed this back to the tech team for you Troy?
Schneier on Security
DECEMBER 15, 2017
Interesting research : The trick in accurately tracking a person with this method is finding out what kind of activity they're performing. Whether they're walking, driving a car, or riding in a train or airplane, it's pretty easy to figure out when you know what you're looking for. The sensors can determine how fast a person is traveling and what kind of movements they make.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Weissman's World
MARCH 23, 2017
Like so many others, I have lots of nice things to say about last week’s AIIM17 conference in Orlando, FL. Energy levels were high, sessions were engaging, exhibitors seemed happy, and a good time was had by all. However, rather than write yet another trip report on the subject (links to some are listed below), […]. The post View From AIIM17: New Blood or Fresh Meat?
Data Breach Today
NOVEMBER 22, 2017
Firm Paid Hackers $100,000, But Was It Bug Bounty Reward or Extortion Payoff? Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?
Data Protector
JANUARY 8, 2017
I’m increasingly asked whether particular firms actually need to appoint a Data Protection Officer in order to comply with the requirements of the GDPR. Given that the potential fine for non-compliance (with Article 37) is €10 million Euros or up to 2% of the total worldwide annual turnover, companies quite understandably don't want to get such a basic issue wrong.
AIIM
NOVEMBER 8, 2017
What if every file—from documents to multimedia—was digital and used the same file format: “File.everything”— wouldn’t that be nice? But for most workers, the present information environment couldn’t be more different. Today, the typical information ecosystem is a content jungle: multiple file formats, a mix of structured and unstructured content, all growing wildly throughout the organization.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Imperial Violet
MAY 30, 2017
In 2005 and 2006, a series of significant results were published against SHA-1 [ 1 ][ 2 ][ 3 ]. These repeated break-throughs caused something of a crisis of faith as cryptographers questioned whether we knew how to build hash functions at all. After all, many hash functions from the 1990's had not aged well [ 1 ][ 2 ]. In the wake of this, NIST announced ( PDF ) a competition to develop SHA-3 in order to hedge the risk of SHA-2 falling.
Elie
SEPTEMBER 8, 2017
This blog post shed light on the inner workings of the ransomsphere economics and exposes which cybercriminal groups are the biggest earners. This is the second blog post in my series about ransomware economics. The first post. is dedicated to the methodology and techniques needed to trace ransomware payments end-to-end. As this post builds on that methodology, I encourage you to read through the first post if you haven’t done so.
WIRED Threat Level
DECEMBER 22, 2017
The NSA leaker's latest project aims to secure your computer—and you—from not just digital but physical attacks.
Expert insights. Personalized for you.
223 
Let's personalize your content