fbpx

Download free GDPR compliance checklist!

Tag Archives for " cybersecurity "

NSA officials worried about the day its potent hacking tool would get loose. Then it did.

When the National Security Agency began using a new hacking tool called EternalBlue, those entrusted with deploying it marveled at both its uncommon power and the widespread havoc it could wreak if it ever got loose.

Some officials even discussed whether the flaw was so dangerous they should reveal it to Microsoft, the company whose software the government was exploiting, according to former NSA employees who spoke on the condition of anonymity given the sensitivity of the issue.

But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials’ worst fears have been realized.

Source: NSA officials worried about the day its potent hacking tool would get loose. Then it did. – The Washington Post

Leaked NSA Malware Is Helping Hijack Computers Around the World

IN MID-APRIL, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Source: Leaked NSA Malware Is Helping Hijack Computers Around the World

5 things we learned from WanaCryptor, the biggest ransomware attack in internet history

On Friday, some hospitals in the United Kingdom were struck with a peculiar attack: computers taken over, data inside encrypted and held ransom, all for the measly payment of just $300. The attack spread rapidly, hitting 150 countries and shutting down everything from telecoms in Spain to the Interior Ministry in Russia. And then, through a stroke of luck, the WanaCryptor attack was stalled in its tracks, a killswitch discovered by happenstance just in time for the weekend. What, exactly are we to make of the largest ransomware attack in history?

Source: 5 things we learned from WanaCryptor, the biggest ransomware attack in internet history | Popular Science

Global Ransomware Attacks Raise Key Legal Considerations

On May 12, 2017, a massive ransomware attack, known as “WannaCry,” began affecting tens of thousands of computer systems in over 100 countries. These types of incidents can have significant legal implications for affected entities and industries for whom data access and continuity is critical.

Source: Global Ransomware Attacks Raise Key Legal Considerations : : Privacy & Information Security Law Blog

Can gender balance impact organizational security?

According to new research, age, experience, gender, and attitudes influence risky behaviors and security culture.

CLTRe, a Norwegian security culture research company, today released its Security Culture Report 2017, which studied more than 10,000 employees across five verticals in two countries within the Nordics to determine how risk and security is understood and actioned.

Source: New report reveals how “human factors,” including gender balance, can impact organizational security | ZDNet

Google’s NightWatch Team Stands Between Users and Dark Places of the Internet

The NightWatch team at Google is unique not just at the internet giant, but for Silicon Valley overall, where an emphasis on being quick to market and capturing audience attention often comes at the expense of creating a product that takes into account the diverse range of people using it. Made up of engineers, lawyers, activists, and others who take a special interest in advocating for communities that might otherwise be overlooked, the NightWatch team doesn’t look like the average group of people you’d find on a tech campus.

Source: You’ve Never Heard Of This Team At Google — But They’re Thinking About You

On Balancing Insider-Threat Protection and Employee Privacy

Insider attacks is serious threat to business. They are hard to detect and stop with traditional preventative controls. Cloud computing and BYOD makes it even harder. However, practices engaged in by business to secure their data and prevent data breaches may come in conflict with employees right to privacy.

Source: On Balancing Insider-Threat Protection and Employee Privacy

>