Tag Archives for " cybersecurity "

Over 15 billion records were exposed last year

The total number of records exposed in 2019 increased by 284 percent compared to 2018. In total, there were over 15.1 billion records exposed.

There were 7,098 breaches reported in 2019, a one percent increase on 2018, though the gap is anticipated to grow throughout Q1 2020 as more 2019 incidents come to light, says the new Risk Based Security report, 2019 Year End Data Breach QuickView Report.

Source: #Privacy: Over 15 billion records were exposed last year

Macs in greater cybersecurity danger than Windows for first time

The “State of Malware” report published by endpoint protection and remediation specialist, Malwarebytes, shows Mac threats are growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats.

Malwarebytes detected an average of 11 threats per Mac endpoint in 2019—nearly double the average of 5.8 threats per endpoint on Windows. Overall Mac threats increased by more than 400 percent, year-over-year.

Source: #Privacy: Macs in greater cybersecurity danger than Windows for first time, malware report finds

ICO issues maximum pre-GDPR fine on major UK retailer

Last month the Information Commissioner’s Office (ICO), the UK data protection regulator, imposed a monetary penalty notice of £500,000 on electronics retailer DSG Retail Limited (DSG), a company better known by its trading brands, such as Currys PC World and Dixons Travel. DSG is a subsidiary of Dixons Carphone plc.

The personal data breach occurred during a compromise of DSG’s systems between 24 July 2017 and 25 April 2018 – before GDPR came into force.

The ICO’s decision to impose the maximum penalty is another clear example of the fact that the ICO is determined to use its fining powers when it considers it appropriate and to impose high fines for what it considers to be serious failures.

Source: #Privacy: ICO issues maximum pre-GDPR fine on major UK retailer

Software error exposes the ID numbers for 1.26 million Danish citizens

Danish tax portal accidentally shares taxpayer identification numbers with Google and Adobe analytics services.

The error lasted for five years (between February 2, 2015, and January 24, 2020) before it was discovered by the Danish Agency for Development and Simplification (Udviklings- og Forenklingsstyrelsen, or UFST).

Source: Software error exposes the ID numbers for 1.26 million Danish citizens | ZDNet

Russian hackers sponsoring cyber-crime competitions

Researchers have uncovered a new cybercriminal trend where Russian hackers are running contests on cybercriminal forums, such as Exploit and XSS, with increasingly high-stakes prizes.

According to Digital Shadows researchers, these forum-based contests are not exactly new, but prize values have recently increased as major hacking teams, such as Sodinokibi (aka REvil), are signing on to sponsor such competitions.

Source: #Privacy: Russian hackers sponsoring cyber-crime competitions

Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought

Corporations love to pretend that ‘anonymization’ of the data they collect protects consumers. Studies keep showing that’s not really true.

When it was revealed that Avast is using its popular antivirus software to collect and sell user data, Avast CEO Ondrej Vlcek first downplayed the scandal, assuring the public the collected data had been “anonymized”—or stripped of any obvious identifiers like names or phone numbers.

But analysis from students at Harvard University shows that anonymization isn’t the magic bullet companies like to pretend it is. Previous studies have shown that even within independent individual anonymized datasets, identifying users isn’t all that difficult. But when data from different leaks are combined, identifying actual users isn’t all that difficult.

Source: Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought – VICE

Hackers are hijacking smart building access systems to launch DDoS attacks

More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix.

Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.

Source: Hackers are hijacking smart building access systems to launch DDoS attacks | ZDNet

Chicago police using controversial Clearview AI facial recognition tool that taps photos from Facebook, other sites

The Chicago Police Department is using a controversial facial recognition tool that allows investigators to search an image of unknown suspects to see if it matches a database of three billion photos lifted from websites like Facebook, YouTube and Twitter — a technology privacy advocates say is so ripe for abuse that cops should stop using it immediately.

Critics say Clearview AI’s software is an invasive overreach because it grabs the photos without the consent of those pictured or even the websites that post them. But Chicago police spokesman Anthony Guglielmi said facial recognition software like Clearview adds “jet fuel” to the department’s ability to identify and locate suspects.

Source: Clearview AI facial recognition: Chicago police using controversial tool that taps photos from Facebook, other sites – Chicago Sun-Times

Avast Is Going To Stop Selling Your Web Habits

Avast, one of the world’s biggest antivirus and security companies, announced plans to wind up its subsidiary Jumpshot after a privacy furor erupted over the last two months.

With 400 million users, the potential for privacy infringements was great. Data sold to companies like Google, Microsoft, Home Depot and many other companies included information about websites people visited, including porn sites and what specific videos they watched and more.

Source: Avast Is Going To Stop Selling Your Web Habits

Forensics detective says Android encryption now superior to iPhones

According to a forensics detective, Android encryption has made it harder to crack Android phones as compared to iPhones. This is a reversal from the norm.

Cellebrite — one of the most prominent companies that government agencies hire to crack smartphones — has a cracking tool that can break into any iPhone made up to and including the iPhone X. The tool pulls data such as GPS records, messages, call logs, contacts, and even data from specific apps such as Instagram, Twitter, LinkedIn, etc., all of which could be incredibly helpful in prosecuting criminals.

However, that same Cellebrite cracking tool is much less successful with Android encryption on prominent handsets.

Source: Forensics detective says Android encryption now superior to iPhones
