surveillance security cameras

Aside from the launch of the sky blue M4-powered MacBook Air, this week's flurry of Apple announcements saw the introduction of the most powerful Apple silicon desktop processor yet. Given Apple's numbering scheme for its own chipsets, you'd think that would be one with an M4 label attached, but it's actually the M3 Ultra, which will power the newest Mac Studio.

Since Apple started releasing its own chipsets with the M designation, we've seen a variety of different labels attached. First came the standard processor, then the Pro, then the Max, and then the Ultra, with performance improving with each iteration. We're now up to the M4 Max and the M3 Ultra.

When preordering directly from Apple, you can fit the latest Mac Studio with either the M4 Max or the M3 Ultra, but the latter's superior capabilities are evident in the pricing: The starting price of an M3 Ultra Mac Studio is double that of an M4 Max Mac Studio.

The M3 Ultra is available in the new Mac Studio. Credit: Apple

Here's what's going on: As with previous generation chipsets with the Ultra moniker, the M3 Ultra is essentially two M3 Max processors fused together and appearing as one, using a technique Apple calls UltraFusion. You're basically getting twice the performance: This piece of silicon features an incredible 184 billion transistors.

So many cores

Here are some more stats: The M3 Ultra offers up to 32 CPU cores (compared to 24 on its most comparable predecessor, the M2 Ultra. It sports up to 80 CPU cores (compared to 76 on the M2 Ultra), 32 neural cores (the same as the M2 Ultra), support for up to 512GB of memory (compared to 192GB on the M2 Ultra), and up to 819GB/s of memory bandwidth (compared to 800GB/s). Overall, performance is around 1.5x of the Apple M2 Ultra.

While the M2 Ultra chipset is the direct forebear to the M3 Ultra, if you're buying a Mac Studio, you'll be choosing between the M3 Ultra to the M4 Max—the latter being the processor that launched last year with the refreshed MacBook Pros. The M4 Max gives you up to 16 CPU cores, up to 40 GPU cores, 16 neural cores, support for up to 128GB of memory, and up to 546GB/s of memory bandwidth.

One of the benefits of the M3 Ultra supporting so much RAM—more than half a terabyte—is that users can run more powerful AI models locally, on their own machines. A Mac Studio with an M3 Ultra inside should have enough oomph to run something like DeepSeek R1 locally, without having to connect to servers in China.

Apple's two latest chipsets, compared. Credit: Apple

The M3 Ultra also comes with a Thunderbolt 5 upgrade, doubling the maximum data transfer rates from Thunderbolt 4, up to 120Gb/s. This means you can even link multiple Mac Studios together (if you've got the budget for them), while the display engine on the M3 Ultra is capable of driving more than 160 million pixels—the equivalent of eight Pro Display XDRs.

"M3 Ultra is the pinnacle of our scalable system-on-a-chip architecture, aimed specifically at users who run the most heavily threaded and bandwidth-intensive applications," says Johny Srouji, a senior vice president of hardware technologies at Apple.

And what of the M4 Ultra? Apple hasn't said anything about it yet, but intimated to Ars Technica that it might not add an Ultra model this time around. That would make the M4 series the first to go without an Ultra variant, but as these super-powerful, super-expensive chipsets are only of interest to those with the most demanding needs and the deepest pockets, less frequent launches may be the most logical course of action.

from Lifehacker https://ift.tt/uATXlvt

Persona announced the next generation of their unified KYC-KYB platform that will combat sophisticated fraud during business onboarding and throughout the business lifecycle.

These enhancements deliver insights into both businesses and the individuals behind them, enabling more effective fraud detection compared to traditional single-focus solutions.

The rise in business fraud has created significant challenges across industries, from marketplace merchant fraud to fintech application fraud. According to the FTC, business identity theft has reached unprecedented levels, with $752 million in losses from business impersonation reported in 2023 alone. Fraudsters are increasingly targeting business verification processes for their higher potential payouts compared to individual schemes.

“The landscape of business fraud has fundamentally changed,” said Rick Song, CEO of Persona. “With business fraud offering significantly higher returns than individual fraud schemes, we’re seeing cybercriminals rapidly adapt their techniques. What’s particularly concerning is how easily fraudsters are transferring successful KYC attack methods to business verification flows, especially in industries with less developed fraud prevention frameworks.”

Comprehensive protection against emerging business fraud vectors

Persona’s signal-based architecture provides a powerful foundation for comprehensive fraud detection that minimizes impact on legitimate business onboarding. By leveraging data points already collected during the verification process, organizations can derive rich risk insights without requiring additional customer input.

The platform generates over 40 distinct signals from standard business verification data, enabling sophisticated fraud detection across multiple vectors. This intelligent approach allows companies to proactively identify and prevent the most common types of business fraud while maintaining efficient conversion rates.

Building on this signals-based foundation, Persona delivers targeted solutions for today’s most critical business fraud challenges:

Advanced business impersonation detection: A comprehensive “Chain of Trust” approach integrates business registration data, online presence verification, and ownership analysis to automatically validate connections between individuals and businesses.
Sophisticated fraud ring prevention: Enhanced link analysis capabilities uncover hidden connections across businesses and associated individuals across aspects like beneficial owner information or device data enabling organizations to identify and stop coordinated fraud attempts before they scale.
Proactive account takeover protection: Continuous monitoring combined with adaptive verification workflows provides robust security while maintaining seamless experiences for legitimate businesses.

“Traditional fragmented approaches to business verification which focused on just one aspect of a business like its registration information or online presence have left organizations vulnerable,” added Song. By unifying critical business and individual insights into a seamless, automated framework, we provide a holistic view that connects the dots between companies and the people behind them. This comprehensive approach enables our customers to detect sophisticated fraud patterns and verify legitimate businesses more effectively, while future-proofing their fraud defenses against evolving threats.”

Persona helps hundreds of customers streamline and automate global Know Your Business (KYB) processes through their integrated KYB-KYC solution today. With end-to-end KYB capabilities, organizations can onboard businesses faster while maintaining robust verification standards. Leading marketplaces and fintech companies like GetYourGuide, Branch, and 6lock are already using Persona’s business fraud prevention solution, seeing significant improvements in fraud prevention without compromising their onboarding efficiency.

“Our partnership with Persona had an incredible positive impact on our business,” said Gianmichele Zappia, Head of Risk and Fraud at GetYourGuide, a global online marketplace for travel experiences which serves over 12,000 cities.. “It has fundamentally changed the way we approach fraud prevention, allowing us to proactively identify and stop fraudulent suppliers in real-time, thereby protecting our platform’s integrity and enhancing trust with our users.”

from Help Net Security https://ift.tt/ZaJI5NO

Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move on. That’s precisely what security teams need to do in the wake of a cyber incident—and you’d be surprised how well the stages of incident response map to the famous “Five Stages of Grief.”

Starting with denial and moving through anger, bargaining, depression, and acceptance, security experts can take a few lessons from the grieving process:

Denial (analysis)

In many ways, denial is the most difficult stage of grief. Suppose you’re a security or IT professional. In that case, it can be difficult to accept that an intruder may have breached your defenses and gotten into your systems—and when you first see the evidence of an incident in progress, you might first consider alternate explanations. Is it a false alarm? Did an employee open the wrong application by mistake? Maybe an automated process is misfiring, or a misconfiguration is causing an alert to trigger. You want to consider your options before assuming the worst.

But in your heart, you probably know the truth. It’s impossible to stop 100% of attacks, so incidents will eventually happen. Getting past the denial stage starts with gathering information—understanding where the incident is occurring, what is happening, and what the attacker’s goals might be. Once you accept that a security incident is in progress, you can take the next step toward addressing it.

Anger (containment)

Anger and frustration are common responses to an incident in progress, but CISOs and other security leaders can help channel those reactions into action. Once you confirm that it isn’t a false alarm and there is, in fact, an attacker present in the system, your first thought is probably, “this is going to consume the next few days, weeks, or months of my life.” You may become angry at a specific team for not following security guidelines or shortcutting a process. Hopefully the attack was detected quickly enough to mitigate the incident before significant damage can be done—but if the attack is severe, it will probably take time to rectify. That’s enough to make anyone angry.

Channeling that anger toward containment is essential. Once an attacker has been identified in your systems, you’ve passed the prevention stage, and you now need to focus on reducing the blast radius of impact and any further lateral movement. That might mean shutting down certain systems or quarantining areas of the network where evidence of intrusion is present. The specific steps you take will depend on the nature of the security incident and how severe it is, but it’s important not to let your frustration slow you down. If the incident gets worse, it will only make you angrier – but you can’t let that blind you.

While no one wants an incident to occur, there are some positive outcomes. For instance, most of the time, the shared anger across teams will break down communication siloes or political barriers, and departments that were experiencing friction with security before are now working in lockstep against a common enemy.

Remember, when dealing with breached data, the main goal is to “drive the value to zero.” That means in addition to containing the threat from a technical perspective, it’s essential to evaluate the economics of the data exposed and take action to inactivate it. For example, if the attack included an SQLi to steal a table containing (hopefully hashed) passwords, forcing a password change and identity validation during that process will render that stolen data useless.

Bargaining (eradication)

Whatever is in your system needs to be removed—and you need to make sure it can’t get back in. If you’ve successfully contained the incident during the previous stage, this is the next logical step. But it isn’t always easy. You may have to come to grips with the fact that certain data has been encrypted or stolen, or certain systems have been corrupted beyond repair. Some may have backup systems, others may not. Some may be easy to restore, others may take time. There isn’t always a quick and easy solution, and that can be hard for security teams to accept.

Stopping an incident in progress always requires some level of bargaining. If only I had deployed XYZ agent to these systems, this wouldn’t have happened. That budget request that was denied last year would have given me more headcount. Please, please, please don’t let me find another persistence method after all this work.

Sadly, getting an intruder out of your system is rarely a quick and easy process. But understanding the layout of your digital landscape and working with stakeholders throughout the organization can help ensure you’re making the right decisions at the right time. There is a time to reflect on what could or would have stopped the incident in the first place, but the eradication stage isn’t that time – at this point, it will only distract you.

Depression (recovery)

The incident has been confirmed and contained, and the threat actor has been removed. Now, it’s time to work with the other stakeholders to bring systems back online correctly.

Are there systems that need to be restored from backups? Who can make that happen, and how long will it take? Can other systems be brought back online immediately, or are there steps the IT team needs to take to ensure they are clean and secure? Are there external partners that need to be consulted? What are the protocols for informing impacted customers? If we restore from backups, how much data will we have lost? What are the downstream effects of data misalignment across integrated systems? Now that the organization is beginning to breathe a little easier, addressing these concerns is essential.

And let’s not forget about the crisis communication protocols – informing the Board, communicating to customers and regulators, documenting for audits, and taking other steps to correctly handle the incident with integrity. The good news is incidents happen, and the industry has generally embraced that as a fact. Some customers may be upset and question the security of their data, but when businesses respond to an incident effectively and ethically, most will appreciate the transparency – especially proactive communication that outlines the clear steps being taken to remedy the issue. Businesses and customers increasingly recognize that incidents happen.

Acceptance (postmortem)

Finally, acceptance. With the recovery process well underway, it’s time to take what you’ve learned and apply it. Now is the time to start bringing in all those suppressed thoughts from the former stages.

That begins with understanding what went wrong. What was the cyber kill chain? What vulnerabilities did they exploit to gain access to certain systems? How did they evade detection solutions? Are certain solutions not working as well as they should? Did we have unexpected blind spots? Are additional controls needed to compensate? Were any regulatory or compliance standards impacted, and do they need to be reported or addressed? Did our incident response process work and how can we make it better? Understanding what went wrong is the first step toward making sure it can’t happen again.

You may not be able to stop every attack, but you can avoid falling for the same trick twice. That might mean implementing new security solutions. It might mean better compartmentalizing your security architecture. It might also mean looking into the people and processes involved in the breach and determining where there are opportunities for improvement.

Accepting that breaches happen is important, but acceptance doesn’t mean complacency. Arming yourself with information allows you to take a more data-driven proactive approach, ensuring the subsequent breach will be much easier to stop.

Channeling grief into action

Grief is a universal experience, which means we have a pretty good understanding of how to process it and use it to our advantage—even if it’s sometimes challenging. Allowing yourself to move thoughtfully and carefully through each stage of incident response grief gives you a valuable checklist that can help contain an event in progress and ensure you are well-positioned to prevent similar incidents.

Stages like “anger” and “depression” are a necessary part of the recovery process, but don’t let them bog you down – instead, let them motivate you to take the actions needed to create a stronger, more secure environment in the future.

from Help Net Security https://ift.tt/jKWG8o1

The first Pixel Drop of 2025 is here—quarterly upgrades coming to Google's phones, tablets, and watches include improvements to Gemini Live and other AI-powered functionality (like scam detection for calls and texts), health and safety features, and camera and connectivity updates.

Here's everything in the March drop, rolling out now.

Gemini upgrades

As with the December Pixel Drop, much of what's new for Pixel this month is powered by Google Gemini. Gemini Live is getting smarter with the ability to automatically switch between 45 languages in conversation without having to change your language settings. Multimodal capabilities for adding images, files, and YouTube videos to conversations are expanding to Pixel 6 (and newer) as well as Pixel Fold devices, and live video and screen sharing are coming to Gemini Advanced.

If you have a Pixel 9 phone with Gemini Nano, you'll soon get real-time Scam Detection that alerts you to malicious calls. The on-device, AI-powered feature identifies conversation patterns typical of scammers and gives you an on-screen prompt to end the call. Scam Detection is also available in Google Messages for anyone with a Pixel 6 or newer located in the U.S., Canada, or the UK. If the AI suspects a scam text message, you'll see a warning to report and block the number.

Also in the AI category: Pixel Screenshots is getting a new suggestions feature and integration with work profiles, while Pixel Studio will be able to generate images of people based on a description of the person or scene.

While many Pixel features remain limited to users in the U.S., Pixel Screenshots, Pixel Studio, Pixel AI weather reports, and Pollen tracker in the Weather app are being rolled out for those in Germany and Japan. Recorder App AI summaries will also be available in Japanese (on Pixel 9 only) as well as in English.

New health features for Pixel Watch

Pixel Watch 3 wearers in the U.S. will soon have access to Loss of Pulse Detection. This feature detects if the wearer's heart stops beating, and then calls emergency services with an automated message if you remain unresponsive (your device must have a cell connection). The feature was recently cleared by the FDA and is expected to roll out toward the end of the month. Pixel Watch 3 is also getting on-device menstrual tracking and more accurate step counting for atypical walking patterns, such as pushing a cart or hiking with poles.

Finally, Auto-bedtime Mode, which turns off your watch face and disables notifications when you fall asleep (and back on when you wake up), is expanding to Pixel Watch 2.

Improved connectivity

Google is releasing several safety-oriented connectivity features, including a Find My Device beta that shares your live location with family and friends. Satellite SOS—which lets you contact emergency services even if you don't have a cell or wifi connection—is expanding to Pixel 9 users in Hawaii, Alaska, Europe, and Canada, and satellite texting is now available for U.S.-based Verizon and T-Mobile customers.

Camera and video upgrades

A new feature called Connected Cameras lets you link your Pixel 9 to another Pixel phone (6 or newer) or GoPro camera (HERO10 Black or newer) to stream video from multiple angles directly to Facebook, YouTube, Instagram, TikTok, and Snapchat. Dual Screen Preview on Pixel Fold is adding support for video recording as well as Add Me for those on Pixel 9 Pro Fold.

Additional accessibility and quality-of-life upgrades

Pixel's speech-to-text Recorder app is getting another update: The app will now automatically transcribe audio recordings, such as lectures, transferred from an older device or Pixel Watch to your current phone. And Gboard has a new Voice Toolbar so you can easily access voice-to-type without opening the full keyboard.

A new Modes menu is coming to the Quick Settings panel, allowing you to switch between modes for driving, bedtime, do not disturb, and other customizations simply by swiping down.

Finally, new actions for audio coming to Pixel Watch include fast forward, rewind, and the ability to adjust playback speed and control the playback queue.

How to get new Pixel Drop features on your device

To check if these updates are available on your Pixel phone or tablet, go to Settings > System > Software updates.

from Lifehacker https://ift.tt/w8hGjEz

Less than a month after Apple released its own "budget" iPhone, the iPhone 16e, Samsung is out with a new midrange Galaxy A series update for 2025. And unlike Apple's $599 phone, the Galaxy A26, an admittedly more budget-friendly device, starts at just $300. The Galaxy A56 on the other hand, a more direct iPhone 16e competitor, will be $500 when it launches later this year, yet nets you double the storage as the 16e.

If you're thinking about picking up any of these phones, you might be curious about how they all compare on paper. While we'll need to wait for reviewers to get their hands on these devices before we truly know how they stack up, it's helpful to see the specs and price points side-by-side.

iPhone 16e

Credit: Apple

What was once the iPhone SE is now called the iPhone 16e, and at a $599 starting price for the 128GB model, it's expensive for a midrange phone. But if you can stretch your budget, you do get a lot for that money.

Yes, it has a notch and not a Dynamic Island, but you get a 6.1-inch screen, Apple's latest and greatest A18 chip (that's only missing one GPU core when compared to the iPhone 16 model), 8GB of RAM, Apple Intelligence, a 48MP single camera setup, and a long battery life.

That said, since you're paying less than you would for the standard iPhone 16 or any of its upgrades, you do miss out on some bonuses. The screen is still only 60Hz; there's no always-on display; and you lose an ultra-wide lens, in addition to camera features like Cinematic mode and the new Photographic Styles. Apple even took out MagSafe.

At its core, though, it's a solid iPhone. Apple is known for supporting its devices for years, and the fact that this has 8GB of RAM and the A18 chip means that the iPhone 16e will continue to stay fast and fresh for a good while.

Samsung Galaxy A26, A36, and A56

Credit: Samsung

There are three new phones to talk about here. The A26, starting at $300, the A36, starting at $400, and the A56, starting at $500. For the sake of this comparison, I will mostly focus on the A56, as it's the closest in scope to the 16e, but there are reasons to consider the other options, especially the $400 A36.

All three phones run One UI 7.0, which includes new software features like the Now Bar and a redesigned interface that looks quite a bit like iOS. And while the complete Galaxy AI suite is reserved for Samsung's flagship phones, the A series devices do get Google's Circle-to-Search, Filters, Best Face, Auto Trim, and Samsung's AI Object Eraser tools. Samsung is calling this suite of features "Awesome Intelligence," which I'm sure won't be confusing to anyone. Samsung is also promising six generations of OS upgrades, and six years of security updates, which is up there with Google's seven-year updates promise for Pixel devices.

As specs, go, all three phones get a 5,000 mAh battery, but the 45-watt fast wired charging is only available for the A36 and the A56. It's a similar story with the display too: the A36 and A56 both feature a 6.7-inch AMOLED display with a 120Hz refresh rate, a 1080 x 2340 resolution, and Corning Gorilla Victus+ Glass protection (not present on the iPhone 16e). The A26, though gets a smaller 6.5-inch screen, featuring the same 120Hz refresh rate, and the FHD+ display. The screen goes up to 1,200 nits when you're outside, and can push to 1,900 nits using the Vision Booster feature. The iPhone 16e, meanwhile, is locked to 800 nits.

All three devices feature different processors and RAM configurations, with the best chip saved for the A56. The A26 features Samsung's Exynos 1380 chipset, 6GB RAM, and 128GB storage, while the A36 uses Qualcomm's Snapdragon Gen 3 processor, 6GB RAM, and 128GB storage. The A56 comes with the Exynos 1580 chip, 8 or 12GB RAM (depending on the configuration), and 128 or 256GB storage.

When it comes to raw performance, however, the iPhone 16e easily beats out the A56. Based on early (leaked) testing data compiled by ZoneofTech, the Exynos 1580 in the Galaxy A56 scores 1353 in single-core and 3832 in multi-core performance. The A18 chip, on the other hand, scores 3317 in single-core, and a whopping 8165 in multi-core performance. That's more than double the raw performance on the 16e.

Credit: ZoneofTech

The body shape differs slightly between the three devices. The A26 has a plastic frame and body, compared to the more "premium" metals found on the other two devices. All three phones feature thin bezels around, but a prominent chin, so the bottom bezel is slightly thicker than the other three sides.

There's a triple camera setup on every A series phone, compared to Apple's single 48 MP unit. All three Samsung units get the same 50 MP wide-angle lens. The A56 gets a 12 MP ultra-wide, and a 5 MP macro lens, while the A36 gets a 8 MP ultra-wide, and a 5 MP macro lens. The cheaper A26 gets 8MP ultra-wide and a 2 MP macro lens. All A series phones can take advantage of AI photography features like Best Take, which merges faces from different photos to create a better single image. There's also Samsung's Object Eraser tool which is better than Apple's Cleanup utility. The A56 and A36 can also record content in HDR from the main sensor.

The 5,000 mAh battery in the A series devices is rated for 29 hours of video playback, while the iPhone 16e manages 26 hours on a single charge. Those might not reflect real-life battery tests, however, so we'll need to watch for reviewers before we know how these batteries really compare.

In fact, that's true for a lot of features across these devices. We'll simply need to see how the A series' cameras and chips stack up against the iPhone 16e in real-world use before we can make any definitive calls here. But, for now, it's helpful to compare the specs and data we do have.

The Galaxy A36 5G will be available March 26th in Black and Lavender, and an exclusive Lime color at Best Buy. While the A26 goes on sale March 27th and is only available in a Black color. But the A56 will be out in the US later this year, no details on the color options yet.

from Lifehacker https://ift.tt/xiHzkDy

A recent outbreak of measles in West Texas has resulted in 159 cases of the disease in the state so far; 22 victims required hospitalization, and one has died. In response to the deadly outbreak, some Texas parents seem to be considering hosting "measles parties" instead of vaccinating their kids. Misinformation about measles can have deadly consequences, so here's a look at some ways people are getting measles wrong.

Myth: Measles vaccines are potentially dangerous

While a small percentage of people suffer side effects from the measles, mumps, and rubella (MMR) vaccine, they are almost always mild. The most common is a fever that hits between 5% and 10% of those vaccinated. About 2% to 5% develop a mild rash, and about 1 in 4,000 develop something more serious. The "side effects" of contracting the disease itself, on the other hand, are much worse: Nearly 100% of people who contract the disease develop symptoms that include fever, red eyes, a sore throat, and a blotchy rash. About one in 300 people who get measles will die.

Myth: The measles vaccine gives people measles

The belief that measles outbreaks are caused by the measles vaccine is growing in certain circles, helped along by advocates like Children's Health Defense, the anti-vaccine advocacy group founded by Secretary of Health and Human Services Robert F. Kennedy, Jr.

The measles vaccine works by introducing a weakened form of the measles virus into the body to trigger an immune response. So the theory goes, people who have been injected with the measles vaccine are infecting others with the disease. But while the measles virus can potentially be detected in people for up to four weeks after a shot, it is extremely unlikely for the virus to be be transmitted to anyone in that weakened form—which is significant, given measles itself is among the most contagious diseases. As for the Texas outbreak specifically, to make sure, all cases have been tested, and they've all been declared to be the result of "wild" measles. No one got it from vaccine "shedding," because that doesn't really happen with the measles vaccine.

Myth: The measles vaccine is linked to autism

The vaccine for measles has been around since 1963. It has prevented countless cases of the diseases and has long been proven safe and effective. But people are still hesitant to take it and/or give it to their children. The belief that the measles vaccine, or any vaccine, can cause autism is one of the reasons. A recent survey conducted by the University of Pennsylvania's Annenberg Public Policy Center, found that 24% of Americans believe there is a link between vaccines and autism, and 3% aren't sure.

The supposed link between autism and vaccination is based on two flawed studies that have been thoroughly and overwhelmingly debunked. To put it simply, if you listen to the science, there's no there there. Vaccines for measles are safe and effective, and they prevent the disease and thus save lives. If enough people get vaccinated, we can eliminate measles from our country (in fact, the World Health Organization did declare it eradicated in the U.S. back in 2000, though as lower vaccination rates have recently resulted in more frequent outbreaks, that designation is at risk). It's really as simple as that.

Myth: Measles can be cured or prevented with vitamin A

The idea that vitamin A can be used to treat measles has a grain of truth of it, but it's a small grain. Studies conducted in developing nations indicate vitamin A can help prevent complications in severe measles cases, and that children with low amounts of vitamin A tend to develop more severe cases of measles. But in the United States, where few children have such nutritional deficiencies, it's unclear whether there's any benefit to giving vitamin A for measles. Some doctors' position is "why not?" but vitamin A is not part of the measles treatment protocol in the U.S., let alone a recognized cure or preventative measure. It's definitely not a substitute for vaccination.

To prevent measles cases in the current outbreak, public health officials are encouraging people to get vaccinated. One cool thing about the measles vaccine: As the Texas health department points out, a dose can still be given within 72 hours after you are exposed to the virus to lessen the severity of the disease if you do get sick.

Myth: Measles can be prevented by "natural means"

The only "natural" way you can prevent the spread of measles is by staying away from other people if you are infected with it. Measles doesn't care if you eat healthy food and work out. It's extremely contagious—according to the CDC, "if one person has it, up to 9 out of 10 people who are nearby will become infected if they are not protected." Being a generally healthy may result in a better outcome if you are infected, but not getting infected in the first place (by being vaccinated) is an infinitely healthier choice.

Myth: Measles parties can help kids gain "natural immunity"

While surviving measles will protect you from reinfection, this "natural" immunity offers no more protection from the disease than vaccination, and, again, it's much riskier: About three out of every 1,000 people who get measles die (a tally that sadly included a child in Texas amid the current outbreak) and more suffer life-changing complications. As Dr. Ron Cook, chief health officer for the Texas Tech University Health Sciences Center in Lubbock, put it in a press conference, "We can’t predict who is going to do poorly with measles, being hospitalized, potentially get pneumonia or encephalitis, or potentially pass away.

"It’s a foolish thing to go have measles parties," he added, I imagine with a pained sigh.

Myth: The current measles outbreak is normal

Deadly measles outbreaks are unusual in the U.S. Until this year, we hadn't had a child die from measles since 2015. Heck, measles has been considered eliminated from both North and South America since 2000. Since 2000, our measles outbreaks have been small and sporadic, started by travelers who brought a case in from overseas. Quick action from the CDC and from local health authorities has usually managed to get things back under control. But low rates of measles vaccination make it easier for these small outbreaks to spread to larger areas, and we may be looking at a new and growing problem.

Along with Texas, this year measles cases have been reported in Kentucky, California, New Mexico, Georgia, Alaska, New Jersey, and Pennsylvania, but there are less than 200 cases total, so it's unclear if the current wave is the beginning of a larger problem. But it isn't good. The fear is that the current climate of vaccine hesitancy and reduced vaccination rates will lower the percentage of immunized people enough that measles will reestablish a foothold in the U.S. According to the CDC a vaccination rate of 95% is needed for "herd immunity" but we're slipping below that magic number. Fourteen states have fallen under 90 percent.

Myth: You can't get measles if you've been vaccinated

The vaccine for measles is extremely effective (and safe) but it's not 100% effective. It's "only" 97% effective. No one knows why a small number of people get measles even though they've had shots. On the bright side, vaccinated people who suffer from "breakout" measles tend to have milder cases.

Myth: There's nothing we can do about rising rates of measles

The sudden spike in measles cases is alarming, but it's nothing compared to a measles outbreak that occurred in the early 1990s. That one was much worse, but it also provides historical evidence of how to combat a measles outbreak.

Even though the vaccine was nearly 30 years old at that point, there were 27,000 cases of measles in the U.S. in 1990. Low-income communities in New York City were hit hardest, although outbreaks were also reported in Philadelphia, Chicago, Los Angeles, and Houston. The root cause was the same as with the current rash of the disease: Not enough people were being vaccinated. In 1990, the CDC estimated that about half of all inner-city toddlers in New York City had not been vaccinated by their second birthday, mostly because the vaccine was difficult to get or difficult to afford.

The response from city, state, and federal government included wide-ranging public outreach programs, mobile immunization centers, the creation of the federal, congressionally approved Vaccines for Children Program, pro vaccine messages flashed in Times Square, and even Michelangelo from the Teenage Mutant Ninja Turtles emerging from a sewer to encourage kids to get vaccinated. In short, we really threw everything we had at pro-vaccine, anti-measles messaging. And it worked: Vaccination rates climbed above 90% in New York. Whether a similar effort would work in today's climate of distrust and misinformation is an open question, but at least there's evidence vaccination has worked to contain an outbreak once before.

from Lifehacker https://ift.tt/b7s1YzJ

Virtual Chief Information Security Officer (vCISO) services are in high demand. Even though it is clear to all that this trend is growing, most service providers only offer a portion of overall CISO duties. Many ask themselves “Can we offer vCISO services?”, “What does it take to offer comprehensive vCISO services”?, and “What will be the benefit of doing so?”.

About the ebook

This eBook provides answers gleaned from some of the best vCISOs in the world – people who have successfully scaled their vCISO services without adding personnel or expensive infrastructure. It explains the minimal requirements for a vCISO practice.

The eBook explains:

The essential functions of the vCISO – the minimum requirements for full vCISO services
What it takes to move from partial delivery of vCISO duties to comprehensive delivery
The upsell potential of delivering comprehensive vCISO services
How service providers already offering risk assessments or compliance services can expand effortlessly into vCISO services
The platforms that help vCISO providers to broaden their offerings and scale without adding more personnel resources

from Help Net Security https://ift.tt/63B2N1P