
Category Archives for "Security"

€114 Million in Fines Imposed by EU Authorities Under GDPR

New findings from DLA Piper show that 160,000 data breach notifications were reported across 28 European Union Member States and that data protection authorities have imposed €114 million in monetary fines under the GDPR for a wide range of infringements. Not all fines were related to data breach infringements, however.

In terms of the total value of fines issued by geographical region, France (€51m), Germany (€24.5m) and Austria (€18m) topped the rankings, whilst the Netherlands (40,647), Germany (37,636) and the UK (22,181) had the highest number of data breaches notified to regulators.

Source: €114m in Fines Imposed by Euro Authorities Under GDPR – Infosecurity Magazine

Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws.

In addition, 2019 saw regulators publishing findings in respect of some of the largest data incidents of 2018. We have set out below the key highlights of the year and what to look out for in 2020.

Full article: Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

NSA alerted Microsoft to major Windows 10 security flaw

The National Security Agency recently alerted Microsoft to a major flaw in its Windows operating system that could let hackers pose as legitimate software companies.

Microsoft issued a software update on Tuesday to fix the vulnerability, as part of its normal schedule for releasing software patches.

Source: NSA alerted Microsoft to major Windows 10 security flaw – CNN

US Government-funded Android phones come preinstalled with unremovable malware

An Android phone subsidized by the US government for low-income users comes preinstalled with malware that can’t be removed without making the device cease to work, researchers reported on Thursday.

The first is heavily obfuscated malware that can install adware and other unwanted apps without the knowledge or permission of the user. The second unpleasant surprise is something called Wireless Update. While it provides a mechanism for downloading and installing phone updates, it also loads a barrage of unwanted apps without permission.

Source: US Government-funded Android phones come preinstalled with unremovable malware | Ars Technica

Top Apps Invade User Privacy By Collecting and Sharing Personal Data

A new report published today by the Norwegian Consumer Council (NCC) looks at the hidden side of the data economy and its findings are alarming.

Scrutinizing 10 popular apps in Google Play Store, such as Grindr, Clue, and Perfect365, the NCC report’s technical analysis reveals comprehensive tracking and profiling practices. Personal data is systematically collected and shared with dozens of third-party companies without users’ knowledge.

Source: Top Apps Invade User Privacy By Collecting and Sharing Personal Data, New Report Finds

The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About

More and more of our vital infrastructure is coming online and vulnerable to digital attacks, data breaches involving the leak of personal information are becoming more frequent and bigger, and there’s an increasing awareness of political interference and state-sanctioned cyberattacks.

Here’s what will be top of the agenda when it comes to cybersecurity over the coming year:

  1. Artificial intelligence (AI) will play an increasing role in both cyber-attack and defense
  2. Political and economic divisions between east and west lead to increased security threats
  3. Political interference increasingly common and increasingly sophisticated
  4. The cybersecurity skills gap continues to grow
  5. Vehicle hacking and data theft increases

Full article: The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About

Exploit Fully Breaks SHA-1 encryption

Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering.

Source: Exploit Fully Breaks SHA-1, Lowers the Attack Bar | Threatpost

UK looks to replace passwords with biometric technology to reduce NHS login time

The U.K. government is investing £40 million (USD$52 million) in multi-factor authentication technology to upgrade the NHS staff computer login system and reduce employee login time, which has reportedly brought great stress and dissatisfaction among staff members.

The system will focus on a partnership with IT system suppliers to replace password logins with biometric multi-factor logins such as fingerprint access, making sure trusts comply and update processes so that staff are granted the access permission needed, and merging local with national systems so healthcare facilitators can access all clinical and workforce systems. The upgrade will not only save time logging into different IT systems, but it will also boost infrastructure security.

Source: UK looks to replace passwords with biometric technology to reduce NHS login time | Biometric Update

Retailer fined half a million pounds for data breach of at least 14 million people

The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine-month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Source: National retailer fined half a million pounds for failing to secure information of at least 14 million people | ICO

Study finds consumers would choose biometric authentication over passwords

Passwords are a double-edged sword: they are meant to protect information, but they are also frustrating with so many to remember and manage.

A recent Visa survey showed that 68% of U.S. shoppers have abandoned an online purchase due to forgetting a password, trouble logging in, or issues receiving a one-time passcode.

According to Visa, more than half of credit cardholders who responded to the survey (53%) say they would switch banks if their current bank doesn’t offer biometric authentication options.

Source: #Privacy: Study finds consumers would choose biometric authentication over passwords
