What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-06 10:43:00 | Report: Over 59,000 GDPR data breach notifications, but only 91 fines (lien direct) | Since the European Union's General Data Protection Regulation (GDPR) came into effect in May last year, EU organizations have reported almost 60,000 data breaches, but so far fewer than 100 fines have been issued by regulators. [ Learn how to protect personally identifiable information (PII) under GDPR. | Get the latest from CSO by signing up for our newsletters. ] | Data Breach | ||
 |
2019-02-01 21:35:01 | Houzz Urges Password Resets After Data Breach (lien direct) | The decorating website said that account usernames, passwords and more have been compromised as part of a breach. | Data Breach | ||
 |
2019-02-01 16:10:03 | Data Breach Fatigue Makes Every Day Feel Like Groundhog Day (lien direct) | >The incessant stream of high-profile data breaches can make every day seem like Groundhog Day. How can businesses combat data breach fatigue and rebuild trust through improved breach response? | Data Breach | ||
 |
2019-02-01 14:00:00 | Things I Hearted This Week, 1st Feb 2019 (lien direct) |
Hello February! I was doing some research last night and was surprised to discover that the Target breach is over five years old! Five years! I was sure it only happened a couple of years ago - but such is the fast-paced nature of the industry, and also I guess a testament to how certain major breaches become part of infosec folklore. Like TJX, or Heartland - and no, I’m not going to look up when any of those occurred because I’ll probably end up feeling a lot older than I already do.
Enough reminiscing - let’s get down to it.
The Big Five
There’s been a lot of things I didn’t heart this week, although for one reason or another they ended up in my list of things to talk about. So, if you’re wondering about the stories regarding Facebook and Apple, and also Google, then yes, I did see them, and no, I don’t fancy talking about them.
But speaking of large companies, Kashmir Hill has undertaken what is perhaps becoming my favourite piece of tech journalism ever. WIth detailed write ups and slick videos showcasing how she cut out the big five of Amazon, Facebook, Google, Microsoft, and Apple from her life, one week at a time.
Life without the tech giants | Gizmondo
Week 1, Amazon | Gizmondo
Week 2, Facebook | Gizmondo
Week 3, Google | Gizmondo
Considerations for When Your Apartment Goes “Smart”
Everything is getting ‘smart’ these days. By smart, I mean connected and vulnerable. So, what should you do if you live in an apartment where everyone is getting fancy new smart locks (or terribly insecure cheap locks depending on how you look at it).
Lesley Carhart recently found herself in the same position, and has written a really good post on security considerations if you ever find yourself in a similar position.
Security Things to Consider When Your Apartment Goes ‘Smart’ | tisiphone
Abusing Exchange: One API Call Away From Domain Admin
An attacker with just the credentials of a single lowly Exchange mailbox user can gain Domain Admin privileges by using a simple tool. Very good writeup here.
Abusing Exchange: One API call away from Domain Admin | dirkjanm.io
_(1)_(1).jpg)
Sending Love Letters
The "Love Letter" malspam campaign has now changed its focus to Japanese targets and almost doubled the volume of malicious attachments it delivers.
Love Letter Malspam Serves Cocktail of Malware, Heavily Targets Japan | Bleeping Computer
While we’re talking about Japan, a new law in Japan allows the nation's National Institute of Information and Communications Technology (NICT) to hack into citizens' personal IoT equipment as part of a survey of vuln |
Data Breach Hack | Yahoo | |
 |
2019-02-01 13:55:01 | Home Design Website Houzz Alerts Users of Data Breach (lien direct) | Home remodeling and design platform Houzz informed customers this week of a data breach that involved some personal information. | Data Breach | ||
 |
2019-02-01 09:04:02 | State Bank of India left archive with millions of Customer messages exposed (lien direct) | Another data breach made the headlines, this time the victim is the State Bank of India that left a database containing personal information exposed online. The State Bank of India that left a database containing personal information exposed online. The discovery was made by an anonymous security researcher that has found a server used for […] | Data Breach | ||
|
2019-01-31 21:55:03 | Minnesota Department of Human Services Reports Data Breach (lien direct) | The Minnesota Department of Human Services says a data breach potentially exposed personal information on up to 3,000 people. | Data Breach | ||
|
2019-01-31 18:51:05 | 2019 Already Marred By Slew of Data Breach Incidents (lien direct) | So far, 2019 shows no signs of a decline in data incidents. | Data Breach | ||
|
2019-01-31 15:13:00 | Airbus data breach exposes some employees\'data (lien direct) | The European airplane manufacturer Airbus announced to have suffered a data breach that exposed some employees’ data. The European airplane manufacturer Airbus announced to have suffered a data breach, hackers broke into the company “Commercial Aircraft business” information systems and gained access to some of its employees’ personal information. “Airbus SE (stock exchange symbol: AIR) […] | Data Breach | ||
 |
2019-01-31 13:50:00 | Airbus Employee Info Exposed in Data Breach (lien direct) | Few details as yet on a cyberattack that hit Airbus' commercial aircraft business. | Data Breach | ||
 |
2019-01-31 10:31:03 | Yahoo\'s Settlement Proposal on Data Breach Case Rejected by Court. (lien direct) | Yahoo's proposed a $50 million pay-out, plus two years of free credit monitoring for about 200 million people in the United States and Israel was rebuffed by U.S. District Judge Lucy Koh, who said she couldn't declare the settlement “fundamentally fair, adequate and reasonable” because it did not say how much victims could expect to […] | Data Breach | Yahoo | |
 |
2019-01-31 00:59:01 | Airbus Suffers Data Breach, Some Employees\' Data Exposed (lien direct) | European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information.
Though the company did not elaborate on the nature of the hack, it claimed that the security breach did not affect its commercial operations. So, there's no impact on aircraft production.
|
Data Breach | ||
 |
2019-01-30 22:34:01 | Airbus data breach impacts employees in Europe (lien direct) | Aircraft manufacturer still investigating the breach. Did not reveal any other information. | Data Breach | ||
 |
2019-01-30 16:33:04 | Airbus Data Breach Exposes Employee Credentials, Professional Contact Details (lien direct) | Commercial aircraft manufacturer Airbus announced a data breach incident that impacted the company's "Commercial Aircraft business" information systems and led to third parties gaining unauthorized access to data. [...] | Data Breach | ||
 |
2019-01-30 12:19:00 | Judge Denies Approval of $50M Settlement to Yahoo Data Breach Lawsuit (lien direct) | A federal judge has denied the approval of a proposed $50 million settlement to a class action lawsuit over a data breach at Yahoo. On 28 January, Judge Lucy Koh rejected the settlement in a order submitted to the San Jose division of the U.S. District Court in the Northern District of California. The settlement, […]… Read More | Data Breach | Yahoo | |
|
2019-01-30 12:00:00 | Discover Issues New Cards Following Data Breach (lien direct) | The credit card company reports Discover's card systems were not involved in the breach, discovered in August 2018. | Data Breach | ||
 |
2019-01-29 14:50:00 | Yahoo data breach payout blocked by judge (lien direct) | The judge is unhappy about the sum involved and the vagueness of promised cyber-security fixes. | Data Breach | Yahoo | |
|
2019-01-29 12:06:02 | Untold Number of Discover Card Account Holders Notified of Data Breach (lien direct) | An undisclosed number of Discover card account holders have learned of a data breach that might have compromised their account information. According to Bleeping Computer, Discover Financial Services first learned of the security incident on 13 August 2018. The American financial services company subsequently filed data breach notices with the California Attorney General’s office on […]… Read More | Data Breach | ||
|
2019-01-28 18:35:05 | Discover Card Users Affected by Data Breach, New Credit Cards Issued (lien direct) | Discover Financial Services learned that on August 13, 2018, "Discover card account might have been part of a data breach," according to a data breach notice filed on January 25, 2019, with the California Attorney General's office [...] | Data Breach | ||
|
2019-01-28 09:25:05 | (Déjà vu) Data breach notification law amended in Massachusetts. (lien direct) | The Massachusetts data breach notification law has been amended. The amendments include providing victims who fall victim to a data breach a free credit freeze and 18 months of free credit monitoring. Furthermore, companies can no longer delay notifying authorities and victims of a breach on the basis that they do not know the number […] | Data Breach | ||
|
2019-01-28 04:00:01 | Regulatory Fines, Prison Time Render “Check Box” Security Indefensible (lien direct) | In May 2017, the Equifax data breach compromised critical credit and identity data for 56 percent of American adults, 15 million UK citizens and 20,000 Canadians. The Ponemon Institute estimates that the total cost to Equifax could approach $600M in direct expenses and fines. That doesn't include the cost of the security upgrades required to […]… Read More | Data Breach | Equifax | |
|
2019-01-27 10:47:00 | (Déjà vu) Security Affairs newsletter Round 198 – News of the week (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Collection #1 Data Breach Analysis – Part 1 […] | Data Breach | ||
|
2019-01-26 08:48:04 | “Collection #1” Data Breach Analysis – Part 2 (lien direct) | The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on dataThe cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data On January 19th we downloaded Collection #1 to make statistics […] | Data Breach | ||
|
2019-01-25 12:22:04 | GDPR Behind 42K Data Breach Notifications, 255 Investigations (lien direct) | Data Protection Authorities (DPAs) across Europe received 95,180 complaints regarding the mishandling of personal data and companies reported a record number of 41,502 data breaches since the General Data Protection Regulation (GDPR) was enacted on 25 May 2018 [...] | Data Breach | ||
|
2019-01-25 10:21:00 | What is a supply chain attack? Why you should be wary of third-party providers (lien direct) | A supply chain attack, also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data. This has dramatically changes the attack surface of the typical enterprise in the past few years, with more suppliers and service providers touching sensitive data than ever before. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ] | Data Breach | ||
|
2019-01-24 14:00:00 | The Changing Face Of Cybersecurity In The 21st Century (lien direct) |
67% of small and micro businesses have experienced a cyber attack, while 58% have experienced a data breach within the last 12 months, according to a study conducted by the Ponemon Institute. Cybersecurity has become one of the major questions that plague the 21st century, with numerous businesses reporting significant losses resulting from loss of private customer data, denial of service (DoS) attacks that cripple operations and internal employee threats that pose a growing data security challenge for both small and large companies. When you consider the effects of the cyber attack in Alaska and the astounding number of businesses it crippled, it's clear that businesses owners need to understand the threats they face today.
The Question of Cybersecurity
A few decades ago, the thought of cyber warfare would have seemed far-fetched to say the least. But today, it has become as likely as it is terrifying, especially when you consider how many of our gadgets are connected to the internet - mobile phones, smart TVs, PCs, and IoT devices. The technical advancements in data-hacking have led to the parallel development of data-protection. While downloading an antivirus software may previously have been sufficient protection, this is now only a preliminary measure, and must be coupled with stronger controls like 2-factor authentication, access control, and raising threat awareness. The cyber-security industry grows steadily each day, and it is now possible to find adequate protection for all your gadgets: from your phone to your tablet and yes, even your new television set.
Artificial Intelligence Shaping Cybersecurity
If you have a basic interest in the tech world, you will have undoubtedly come across Sophia. Sophia is a humanoid robot and may be termed by many as the perfect illustration of how far AI has come. It is for this reason that AI is leading the cybersecurity field. This is through the application of the concept of synthesizing data. Basically, what this means is that two independent chunks of information can be combined to arrive at a single conclusion. In layman's terms, AI is expected to improve cybersecurity by speeding up incident response when malicious activity is detected, thwarting ransomware and automating practices. This way, companies will be able to remain a step ahead of potential cyber threats.
The Future of Cybersecurity Innovation
Conventionally, data transfer has been achieved through electrical signals. However, this may change if we enter the era of data exchange through light signals. This works through the use of photons as carriers of quantum information in cyberspace. Photons are light particles which are generated simultaneously in pairs. With timing controls, this would mean that data transfer would only be possible if twin-photon particles existed for the sender and recipient. Ultimately, the only way to hack the data would be to upend the laws of physics. More innovations like deep learning, cloud technology, and hardware will revolutionalize the future of cybersecurity, making it easier for companies to prevent cyber attacks.
The field of cybersecurity is shifting and improving daily to match the changing needs of today’s cyberspace. It is essential that everyone, including businesses, become familiar with the means with which to protect their data. Understanding the changing face of cybersecurity is a key step to achieving that goal.
|
Ransomware Data Breach Hack Threat Guideline | ||
|
2019-01-24 08:00:00 | GDPR Compliance Lowers Data Breach Frequency and Impact Says Report (lien direct) | Companies that follow the requirements of the General Data Protection Regulation (GDPR) experience extra benefits such as lower frequency and effect of data breaches, as well as fewer records being impacted in the attacks, shorter downtimes and lower overall costs [...] | Data Breach | ||
|
2019-01-22 15:39:04 | Proposed Law Classifies Ransomware Infection as a Data Breach (lien direct) | The newly announced Act to Strengthen Identity Theft Protections in North Carolina proposes that ransomware attacks be treated as data breaches. | Ransomware Data Breach | ★★ | |
|
2019-01-21 12:02:02 | Data Collected from Old Breaches Is Not a New Data Breach (lien direct) | Knowing what I typically write about, my phone has been dinging and ringing lately as people were concerned about the new MONSTER MEGA DATA BREACH that they read about online. Of course they were referring to the numerous stories published this week about a giant data breach with 773 million unique email addresses in it. [...] | Data Breach | ||
|
2019-01-20 06:31:04 | “Collection #1” Data Breach Analysis – Part 1 (lien direct) | Cybersecurity expert Marco Ramilli has analyzed the huge trove of data, called Collection #1, that was first disclosed by Troy Hunt. Few weeks ago I wrote about “How Data Breaches Happen“, where I shared some public available “pasties” within apparently (not tested) SQLi vulnerable websites. One of the most famous data breaches in the past […] | Data Breach | ||
|
2019-01-18 14:00:00 | Things I Hearted This Week, 18 Jan 2019 (lien direct) |
London saw a few flakes of snow drop this week, and social media nearly broke with everyone sharing photos of the white pixie dust falling from the sky. Fortunately, I have few friends, and even fewer social media platforms that I use, so was saved from most of the insanity… well, except for my daughter singing “let it snow”..jpg)
TheCurious Case of the Raspberry Pi in the Network Closet
What would you do if you found a Raspberry Pi plugged into the network closet? Sounds like something from your worst nightmare, especially if you hadn’t commissioned any red team testing.
But that’s exactly what one team found, and this is the story of how they tracked down (almost) the suspect. If Scooby Doo has taught me anything, it was the janitor!
The curious case of the Raspberry Pi in the network closet | Christian Haschek
Ad Company Serves Magecard Code
To quote Miss IG Geek, when your supply chain is so long you don’t even know who’s got their fingers in your website, you cannot manage your risk.
Yeah, go ahead, ask me to disable my ad-blocker.
Compromised ad company serves Magecart skimming code to hundreds of websites | HelpNetSecurity
Hunting the Con Queen of Hollywood: Who's the "Crazy Evil Genius" Behind a Global Racket?
This is a story from last July, but only saw it this week, and wow. This is a masterclass in social engineering, and the work of someone who genuinely seems to enjoy tormenting her victims.
Hunting the Con Queen of Hollywood: Who's the "Crazy Evil Genius" Behind a Global Racket? | Hollywood Reporter
Beware Of This Scam Targeting Travel Photographers And Instagram Influencers | SLR Lounge
The DDoS Attacker Rescued by a Disney Cruise Ship is Sentenced to Over 10 Years in Prison
.jpg)
A 34-year old man has been sentenced to more than 10 years in prison, after being found guilty of launching a massive denial-of-service attack against Boston Children’s Hospital.
The sentencing of Martin Gottesfeld, from Somerville, Massachusetts, comes almost three years after he attempted to escape to Cuba – a plan that failed after his speedboat broke down in the choppy sea, and he was picked up by a Disney cruise liner.
The DDoS attacker rescued by a Disney cruise ship is sentenced to over 10 years in prison | Hot for Security
Facebook Cybersecurity Exec Victim of Swatting Call
A Facebook cybersecurity exec had his home swatted by Palo Alto police after a prank call claimed he shot his wife, tied up his kids, and placed pipe bombs around the house.
A SWAT squad arrived in force at the exec's home, a two-bedroom house in Palo Alto, ordered him to ste |
Data Breach | ||
 |
2019-01-18 13:47:01 | MEGA Data Breach (lien direct) | A newly revealed trove of 772,904,991 unique email addresses and more than 21 million unique passwords that have been aggregated from over 2,000 leaked databases was recently discovered by Troy Hunt, the security researcher who maintains HaveIBeenPwned. The records were stored on one of the most popular cloud storage sites, MEGA, until it got taken down, and then … The ISBuzz Post: This Post MEGA Data Breach | Data Breach | ||
 |
2019-01-18 01:31:04 | Weekly Update 122 (lien direct) | Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnd then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing all the data, then I got on a plane...Holy cow that's a lot of emails! Hundreds upon hundreds of emails came in whilst on the way to | Data Breach | ||
|
2019-01-17 21:15:02 | (Déjà vu) If Cybersecurity Breaches Are Inevitable What Should Organizations Do About It? (lien direct) | There's an inconvenient truth in the business community. As many business decision-makers are only too aware, hardly a week seems to go by without a data breach of some form being reported to press, and this year alone has witnessed some major breaches which have affected thousands of people around the world. Just take a … The ISBuzz Post: This Post If Cybersecurity Breaches Are Inevitable What Should Organizations Do About It? | Data Breach | ||
|
2019-01-17 18:01:00 | 773 Million Records Amassed in Massive Data Breach Collection (lien direct) | A newly discovered set of compromised login details contains roughly 773 million email addresses, Australian web security expert Troy Hunt reveals. | Data Breach | ||
|
2019-01-17 16:32:03 | Oklahoma Securities Commission Data Breach (lien direct) | Another huge leak of government information – a huge amount, 3 terabytes, of unprotected data from theOklahomaSecurities Commission wasuncoveredby Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on a server with no password, accessible to anyone with … The ISBuzz Post: This Post Oklahoma Securities Commission Data Breach | Data Breach | ||
|
2019-01-17 16:06:00 | Data Breach Collection with 773 Million Email Entries Leaked Online (lien direct) | A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easily be used in credential stuffing attacks. [...] | Data Breach | ||
 |
2019-01-17 15:04:01 | The Collection #1 data breach - what you need to do about it (lien direct) |  A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered.
If you are one of the affected users, what should you do about it?
|
Data Breach | ||
|
2019-01-17 12:17:05 | Nearly 800 Million Email Addresses Exposed in “Collection #1” Data Breach (lien direct) | A data breach known as “Collection #1” exposed approximately 800 million email addresses as well as tens of millions of passwords. In the beginning of January, multiple people reached out to Australian web security expert Troy Hunt about a sizable collection of files hosted on cloud service MEGA. This collection, which is no longer available […]… Read More | Data Breach | ||
|
2019-01-16 21:54:01 | The 773 Million Record "Collection #1" Data Breach (lien direct) | Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackMany people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses | Data Breach | ||
|
2019-01-15 21:44:03 | Data Breach Roundup: U.S. Healthcare, Cryptopia, SingHealth and Experian (lien direct) | January is off to a running start on the data breach front, while Experian is predicting new attack frontiers ahead. | Data Breach | ||
|
2019-01-15 09:57:00 | IDG Contributor Network: Breaches, market volatility and the government shutdown: Security in the crosshairs (lien direct) | Last year ended with a number of high profile data breaches, tech stocks taking a massive tumble and the start of what has been to date the longest government shutdown on record. Marriott International's Starwood reservation system was hacked exposing the personal data of up to 500 million guests. Quora's data breach exposed up to 100 million users' names, email addresses, IP addresses, and more…Apple, Facebook and Google stocks took heavy hits in December 2018 as the global economy and privacy concerns took their toll, and investors worried about a looming bear market. And then came the government shutdown. For cybersecurity professionals looking ahead at the rest of 2019, these events present a trifecta of challenges. | Data Breach | ||
|
2019-01-14 16:20:03 | Massachusetts Amends Law Protecting Consumers From Security Breaches (lien direct) | Massachusetts Governor Charlie Baker signed a new law on January 10 that amends the state's data breach law removing the fees imposed by credit reporting agencies for security disclosures and freezes of consumer credit reports [...] | Data Breach | ||
|
2019-01-14 10:57:00 | If Cybersecurity Breaches Are Inevitable What Should Organisations Do About It? (lien direct) | By Maxim Frolov, Vice President of Global Sales at Kaspersky Lab There's an inconvenient truth in the business community. As many business decision-makers are only too aware, hardly a week seems to go by without a data breach of some form being reported to press, and this year alone has witnessed some major breaches which […] | Data Breach | ||
|
2019-01-10 18:30:01 | Why Fixing The Internet Isn\'t That Hard (lien direct) | The Internet is a scary place right now, similar to the old American Wild, Wild West, where well-armed gangs of bad guys faced off with common town folk, taking and destroying anything they wanted with near impunity. Hackers routinely steal so many data record each year that a new 100M record data breach barely makes … The ISBuzz Post: This Post Why Fixing The Internet Isn't That Hard | Data Breach | ||
|
2019-01-10 15:27:01 | Singapore Airlines Customers Have Passport Details Exposed (lien direct) | In response to the news today that Singapore Airlines has suffered a software glitch that exposed customer data, please see below for comment from Kaspersky Lab. “While the sum of customers affected by Singapore Airline's data breach is not large, the fact that sensitive details such as passports and email addresses were accessed is particularly worrying. Customers whoentrusttheir … The ISBuzz Post: This Post Singapore Airlines Customers Have Passport Details Exposed | Data Breach | ||
|
2019-01-10 13:51:00 | Neiman Marcus agrees to $1.5 million data breach settlement (lien direct) | Neiman Marcus credit cards were accessed fraudulently, exposing customer information. | Data Breach | ||
|
2019-01-10 12:22:01 | Neiman Marcus to Pay $1.5 Million under Data Breach Settlement (lien direct) | Neiman Marcus Group, Inc. has agreed to pay $1.5 million as part of a settlement for an earlier data breach that exposed customers’ information. Ken Paxton, Attorney General of Texas, announced on 8 January that he and his fellow Attorneys General from 42 other states will enter into the $1.5 million settlement with Neiman Marcus. […]… Read More | Data Breach | ||
|
2019-01-10 05:13:04 | Young Man Admits To German Politician Data Breach (lien direct) | A young man has confessed to being responsible for the data breach that affected hundreds of German politicians, which he reportedly did out of annoyance at statements made by the public figures whose data he exposed. In light of this news, please see the comment below from Jake Moore, cyber security expert at ESET UK. … The ISBuzz Post: This Post Young Man Admits To German Politician Data Breach | Data Breach | ||
|
2019-01-10 00:00:00 | How Enterprises Are Attacking the Cybersecurity Problem (lien direct) | Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today. | Data Breach |
To see everything:
Our RSS (filtrered)
