
Category Archives for "Security"

Atlassian says encryption-busting law has damaged Australia’s tech reputation

Startup darling has taken further aim at the TOLA Act, echoing calls for the warrant process to have independent oversight.

Atlassian believes Australia’s encryption-busting legislation continues to have a negative impact on the country’s technology sector, both from the perspective of partnering with an Australian company and attracting tech talent down under.

Source: Atlassian says encryption-busting law has damaged Australia’s tech reputation | ZDNet

Years before big hack, Twitter contractors reportedly spied on celebs

Years before the July 15th attack on Twitter that let hackers compromise some of the social network’s most high-profile accounts to tweet Bitcoin scams, Twitter contractors apparently were able to use Twitter’s internal tools to spy on some celebrities, including Beyoncé, chronicling longtime security concerns at the company.

The tools in question typically allow certain Twitter staffers to do things like reset accounts or respond to content violations, but they could apparently also be used to spy on or hack an account.

Source: Years before big hack, Twitter contractors reportedly spied on celebs, including Beyoncé – The Verge

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

On Tuesday, July 21, 2020, the New York Department of Financial Services (NYDFS) brought its first enforcement action under its Cybersecurity Regulation against a large title insurer for failing to protect sensitive personal information.

The NYDFS is seeking civil monetary penalties, an order requiring the Company to remedy the alleged violations, and any other relief deemed just and appropriate.

Source: The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

Garmin global outage caused by ransomware attack

The WastedLocker ransomware, used by a notorious Russian hacking group, is said to be to blame.

The incident began late Wednesday and continued through the weekend, causing disruption to the company’s online services for millions of users, including Garmin Connect, which syncs user activity and data to the cloud and other devices.

Source: Garmin global outage caused by ransomware attack, sources say | TechCrunch

EU citizens raise concerns about online data misuse

More than one in two citizens of the European Union are concerned about the misuse of their online data by fraudsters and cybercriminals, a new EU study has found.

As part of a recent survey undertaken by the EU’s agency for fundamental rights published on Wednesday, an average of 55% of respondents said they are concerned that the information they share online and on social media could be maliciously accessed.

Source: EU citizens raise concerns about online data misuse – EURACTIV.com

Twitter notifies Irish DPC about hack

Social media company Twitter has officially informed Ireland’s Data Protection Commissioner (DPC) of a cyberattack involving high-profile accounts.

The DPC is reviewing the notification and has yet to decide whether to launch an investigation into the incident, according to media reports.

Source: Twitter notifies Irish DPC about hack

The Twitter hack shows a major cybersecurity vulnerability: employees

Attackers keep finding ways to leverage human weakness to get around security measures.

On Wednesday, Twitter fell victim to hackers who used a “coordinated social engineering attack” to compromise some of Twitter’s highest-profile accounts—including those belonging to Barack Obama, Elon Musk, Bill Gates, and Kanye West—to launch a crypto scam targeting those users’ followers.

While cybersecurity advances have hardened IT infrastructure and made it increasingly difficult to hack systems remotely, criminals have a logical way around these measures: targeting the employees who are already inside the systems.

Source: The Twitter hack shows a major cybersecurity vulnerability: employees.

Academic Project Used Marketing Data to Monitor Russian Military Sites

Cellphone location data purchased from marketers enabled researchers at Mississippi State to track the movements of Russian generals. The data have major implications for national-security and law-enforcement agencies, too.

At one of the locations, the Nyonoksa Missile Test Site in northern Russia, the group identified 48 mobile devices present on Aug. 9, one day after a mysterious radiation spike there generated international headlines and widespread speculation that a Russian missile test had gone wrong.

Source: Academic Project Used Marketing Data to Monitor Russian Military Sites – WSJ

UK Government admits breaking privacy law with NHS test and trace

Ministers accused of reckless behaviour over roll-out, with Guardian learning of data breaches.

The UK government broke the law in rolling out its test-and-trace programme without a full assessment of the privacy implications, the Department of Health and Social Care has admitted after a legal challenge.

Source: Government admits breaking privacy law with NHS test and trace

Seven ‘no log’ VPN providers accused of leaking user logs onto the internet

A string of “zero logging” VPN providers have some explaining to do after more than a terabyte of user logs were found on their servers unprotected and facing the public internet.

This data, we are told, included in at least some cases clear-text passwords, personal information, and lists of websites visited, all for anyone to stumble upon.

Source: Seven ‘no log’ VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet • The Register
