What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-25 08:40:00 | Cathay Pacific data breach affecting 9.4 million passengers (lien direct) | Cathay Pacific Airways Limited, the flag carrier of Hong Kong, had suffered a major data leak affecting up to 9.4 million passengers. Cathay Pacific Airways Limited, the flag carrier of Hong Kong, admitted having suffered a major data leak affecting up to 9.4 million passengers. Exposed data includes passport numbers, identity card numbers, email addresses, and […] | Data Breach | ||
 |
2018-10-24 16:32:04 | Cathay Pacific Suffers Data Breach Impacting 9.4 Million Passengers (lien direct) | The Cathay Pacific airline announced today that a system containing passenger data for up to 9.4 million passengers was breached by attackers. [...] | Data Breach | ||
 |
2018-10-24 12:10:01 | Yahoo agrees to pay $50M to users hit by biggest ever data breach (lien direct) | Yahoo agrees to pay $50 million in data-breach settlement and give affected users free credit monitoring services Yahoo has agreed to pay $50 million in data-breach settlement to 200 million victims of what is believed to be the biggest data breach ever. The company will also provide two years of free credit-monitoring services to these […] | Data Breach | Yahoo | |
 |
2018-10-24 11:22:04 | (Déjà vu) Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit (lien direct) | Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago. On 23 October, Yahoo said it would pay $50 million and provide two years of free credit-monitoring services to 200 million people whose email addresses and […]… Read More | Data Breach | Yahoo | |
 |
2018-10-24 10:30:01 | Morrisons Loses Data Leak Challenge (lien direct) | It has just been reported that Morrisons has lost its challenge to a High Court ruling that it is liable for a data breach that saw thousands of its employees’ details posted online in the first data leak class action seen in the UK. Workers brought a claim against the company after employee Andrew Skelton stole … The ISBuzz Post: This Post Morrisons Loses Data Leak Challenge | Data Breach | ||
 |
2018-10-24 09:18:04 | Yahoo agrees to pay $50 million to settle data breach lawsuit (lien direct) | The company will also provide free credit monitoring services to roughly 200 million people impacted by the cyberattacks. | Data Breach | Yahoo | |
|
2018-10-24 03:00:04 | Survey: Nearly Half of U.S. Adults Experienced a Data Breach in the Past Three Years (lien direct) | October is National Cybersecurity Awareness Month, an annual, national observance to raise awareness for online security. This is a relevant topic today, as every day it seems like a new data breach makes headlines. From government organizations to big-name corporations, everyone is a target of cybercrime. Most of us have probably been a victim or […]… Read More | Data Breach | ||
|
2018-10-23 19:31:02 | Morrisons To Provide Staff With Pay-Out Following Data Breach (lien direct) | News broke this afternoon that one of the UK’s leading supermarkets Morrisons will potentially be required to pay out a ‘vast’ sum to employees following a 2014 security breach which seen the payroll details of 100,000 members of staff leaked. Corin Imai, Senior Security Advisor at DomainTools: “With data breaches we are conditioned to think more about customer data … The ISBuzz Post: This Post Morrisons To Provide Staff With Pay-Out Following Data Breach | Data Breach Guideline | ||
|
2018-10-23 09:00:04 | Industry Leaders Reaction On Healthcare.gov Data Breach (lien direct) | It has been reported that hackers breached the following. A HealthCare.gov sign-up system and have gotten their hands on the personal information of roughly 75,000 people. The system is named Federally Facilitated Exchanges (FFE), and is managed by the Centers for Medicare & Medicaid Services (CMS). Healthcare insurance agents and brokers use the FFE to enroll users into … The ISBuzz Post: This Post Industry Leaders Reaction On Healthcare.gov Data Breach | Data Breach Guideline | ||
 |
2018-10-22 14:00:00 | BrandPost: Know the Facts – Today\'s Cyberthreat Landscape (lien direct) | The facts are undeniable: A new global survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that more than half the companies have experienced a breach in the past year.In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Janene Casella, Director of Product Marketing for Security and Risk, ServiceNow, explore the Ponemon survey findings.Casella offers a sobering take on the 48% stat. “As our IT environments continue to expand, we're more and more vulnerable to attacks -- and we know that cybercrime is very profitable, whether that's selling personal information or ransomware, which was huge last year,” she says. “The other thing is that cybercrime is becoming more and more expensive for those who get breached. The average cost of data breach is reaching about $3 million US.” | Data Breach | ||
|
2018-10-22 03:06:00 | 3 top multi-cloud security challenges, and how to build a strategy (lien direct) | A data breach or intruder alert will send security teams into high gear as they scramble to stem the damage and determine the cause. | Data Breach | ||
|
2018-10-18 15:35:00 | Facebook\'s major investors want Mark Zuckerberg to step down as chairman (lien direct) | Major Facebook shareholders propose the removal of Mark Zuckerberg as chairman Several major public investment funds on Wednesday proposed removing Facebook CEO Mark Zuckerberg as the company's chairman of the board. The proposal comes right after the recent data breach that affected 30 million Facebook accounts. State treasurers from Illinois, Rhode Island and Pennsylvania, and […] | Data Breach | ||
 |
2018-10-18 04:43:01 | Ex-Equifax Manager Gets Home Confinement for Insider Trading (lien direct) | A former Equifax manager was sentenced Tuesday to serve eight months home confinement for engaging in insider trading in the wake of the company's massive data breach last year. | Data Breach | Equifax | |
|
2018-10-17 13:30:01 | (Déjà vu) 35 Million Voter Records From 20 States For Sale On The Dark Web (lien direct) | News has broken that an advertisement on a forum that sells data breach information is also offering the personally identifiable details and voting history of millions of US residents. The estimated size of the cache is in excess of 35 million records. The announcement says that the data sold is from updated state-wide voter lists, and includes millions … The ISBuzz Post: This Post 35 Million Voter Records From 20 States For Sale On The Dark Web | Data Breach | ||
 |
2018-10-17 09:26:04 | GUEST ESSAY: Pentagon\'s security flaws highlighted in GAO audit - and recent data breach (lien direct) | Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure And yet two recent disclosures highlight just how brittle the military's cyber defenses remain in critical areas. By extension these […] | Data Breach | ||
 |
2018-10-16 19:45:00 | FICO & US Chamber of Commerce Score Cyber-Risk Across 10 Sectors (lien direct) | Media, telecom, and technology firms are far more likely to experience a data breach in the near future than organizations in sectors including energy, construction, and transportation. | Data Breach | ||
|
2018-10-16 17:39:01 | Insurer Anthem Will Pay Record $16M for Massive Data Breach (lien direct) | The nation's second-largest health insurer has agreed to pay the government a record $16 million to settle potential privacy violations in the biggest known health care hack in U.S. history, officials said Monday. | Data Breach Hack | ★★★★★ | |
|
2018-10-16 13:30:04 | (Déjà vu) Pentagon Data Breach Of 30,000 Personnel\'s Credit Card Data (lien direct) | CNBC is reporting today that the Pentagon disclosed a cyber breach of Defense Department travel records that compromised the personal information and credit card data of up to 30,000 U.S. military and civilian personnel. IT security experts commented below. Pravin Kothari, CEO at CipherCloud: “In context, this breach at DOD is potentially part of a much … The ISBuzz Post: This Post Pentagon Data Breach Of 30,000 Personnel’s Credit Card Data | Data Breach | ||
|
2018-10-16 11:27:02 | Anthem agrees to pay $16 million in data breach privacy settlement (lien direct) | The insurer will shell out to settle a privacy violations case issued by the US government. | Data Breach | ||
 |
2018-10-16 08:07:05 | Pentagon data breach puts personal details of 30,000 staff at risk (lien direct) |  The Pentagon has admitted that up to 30,000 military workers and civilian personnel have had their personal information and credit card data exposed following a security breach.
Read more in my article on the Hot for Security blog.
|
Data Breach | ||
|
2018-10-15 17:46:04 | Tens of Millions of U.S. Voter Records for Sale (lien direct) | An advertisement on a forum trading data breach information offers to sell personally identifiable details and voting history of millions of US residents. The estimated size of the cache is in excess of 35 million records. [...] | Data Breach | ||
|
2018-10-15 11:14:05 | Scottish Ambulance Service Exposed Employees\' Data Online (lien direct) | The Scottish Ambulance Service suffered a data breach in which it exposed its staff members’ personal information online. On 12 October, the NHS Ambulance Services Trust, which is part of NHS Scotland, sent an email to its staff in which it disclosed the data breach. As quoted by BBC News: For a time, the names […]… Read More | Data Breach | ||
|
2018-10-15 10:46:00 | Pentagon Data Breach Exposes up to 30,000 Travel Records (lien direct) | The travel records for up to 30,000 U.S. military and civilian workers have reportedly been leaked through a commercial vendor used by the Pentagon. [...] | Data Breach | ||
|
2018-10-13 21:07:04 | Pentagon Defense Department travel records data breach (lien direct) | Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The Pentagon revealed that the Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The data breach […] | Data Breach | ||
|
2018-10-12 23:08:03 | Facebook Data Breach Update: attackers accessed data of 29 Million users (lien direct) | Facebook data breach – The company provided an updated for the data breach it disclosed at the end of September, hackers accessed personal data of 29 million users. Facebook announced that hackers accessed data of 29 Million users, a number that is less than initially thought of 50 million. The hackers did not access did not affect Facebook-owned Messenger, Messenger Kids, Instagram, […] | Data Breach | ||
 |
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, spy chip whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
|
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, Chinese whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
 |
2018-10-09 15:11:03 | Google+ Privacy Snafu Leaves a Cloud Over the Tech Landscape (lien direct) | Google was caught not disclosing a potential data breach -- leaving questions as to whether a lack of transparency is the new normal. | Data Breach | ★★★ | |
 |
2018-10-09 10:12:01 | RepKnight launches BreachMarkers for \'watermarking\' of corporate data (lien direct) | Cybersecurity firm RepKnight today extends the capabilities of its flagship dark web monitoring product BreachAlert with BreachMarkers™, a new feature enabling organisations to detect breach or misuse of their data by cybercriminals, staff and third parties. BreachAlert is a data breach detection application that continuously monitors the dark web for corporate data being leaked online. ... | Data Breach | ||
|
2018-10-09 08:47:00 | Heathrow Airport fined £120,000 over USB data breach debacle (lien direct) | In a prime example of data protection failure, a USB containing sensitive information ended up in the hands of the public. | Data Breach | ||
 |
2018-10-09 01:37:00 | From Now On, Only Default Android Apps Can Access Call Log and SMS Data (lien direct) | A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident.
Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app.
The changes are part of
|
Data Breach | ||
|
2018-10-08 21:41:04 | Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it (lien direct) | This is a very bad news for Google that suffered a massive data breach that exposed the private data of over 500,000 of Google Plus users to third-party developers. As a consequence of the data exposure, the company is going to shut down the social media network Google+. The root cause of the data breach is a security […] | Data Breach | ||
|
2018-10-08 15:30:00 | Google May Face £3.3bn For UK Customer Data Breach (lien direct) | News broke over the weekend that Google could face a bill of up to £3.3bn over claims it harvested personal data from over 4 million Brits without their permission. Commenting, Javid Malik, security advocate for AlienVault, an AT&T company commented below. Javid Malik, Security Advocate for AlienVault: “The amount and accuracy of personal information that devices … The ISBuzz Post: This Post Google May Face £3.3bn For UK Customer Data Breach | Data Breach | ||
 |
2018-10-08 14:55:01 | Check Point Named Leader in Gartner Magic Quadrant for Enterprise Network Firewalls (lien direct) | With the average data breach costing businesses $3.8 million, enterprises need to secure their network with nothing short of the best of the best. Check Point is proud to announce, that for the sixteenth time in the company's history, Gartner's Magic Quadrant has listed Check Point as a leader in the enterprise network firewall… | Data Breach Guideline | ||
 |
2018-10-08 14:28:00 | Heathrow fined for USB stick data breach (lien direct) | A worker lost a USB stick containing personal data which was later found by a member of the public. | Data Breach | ||
|
2018-10-08 12:31:00 | Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users\' Data (lien direct) | Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers.
According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their
|
Data Breach Vulnerability | ||
|
2018-10-05 23:15:03 | Sales intel firm Apollo data breach exposed more than 200 million contact records (lien direct) | The sales intelligence firm Apollo is the last victim of a massive data breach that exposed more than 200 million contact records. Apollo collects a lot of its information from public sources, including names, email addresses, and company contact information, it also gathers data by scraping Twitter and LinkedIn. The company already notified the security breach to […] | Data Breach | ||
 |
2018-10-05 13:00:00 | Things I Hearted this Week: 5th Oct 2018 (lien direct) |
There was no update last week because I was in Dallas for the AT&T Business Summit which was a great event. Chuck Brooks wrote a detailed post on his experience, while I made a couple of videos charting my time.
But enough of that, lets see what went down in the world of security over these last few days.
Facebook breach
One of the biggest stories in these past few days must be the Facebook breach. The company issues a security update on September 28th which led with the facts,
On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.
At this stage, there are probably more questions than answers and it’s likely this is one story that will play out for a long time.
The ultimate fallout from the Facebook data breach could be massive | Help Net Security
Facebook faces $1.6 billion fine as top EU regulator officially opens probe into data breach | CNBC
What we still don’t know about the Facebook breach | The Verge
The Facebook security meltdown exposes way more sites than Facebook | Wired
Local file inclusion at IKEA.com
Flatpack vulnerabilities now available in this great writeup by Jonathan Bouman.
Local file inclusion at IKEA | Medium / Jonathan Bouman
Out of office notices for OSINT
A nice reminder by Stuart Coulson on the perils of out of office notifications, and how they can divulge a lot more than you’d want to anyone.
Out Of Office notices for OSINT | HiddenText
While you’re on the HiddenText site, check out, Seven types of cyber criminals : 2018 version
Put ads down your Pi-Hole
Nobody really likes ads when they’re browsing online. So, they sometimes revert to using adblockers. But there are some issues with those as well.
Surely, in an industry full of clever tech people, hackers, and tinkerers, there is a better way - enter Pi-hole.
Self-described as a black hole for internet ads, it is basically a mini DNS server you run on a Raspberry Pi in your local network through which your traffic goes and then blacklists any malicious domains.
Both |
Data Breach | ||
|
2018-10-04 10:50:01 | Burgerville customer credit card info stolen in data breach laid at Fin7\'s feet (lien direct) | Despite the recent arrests of alleged Fin7 members, the threat group is actively targeting US companies. | Data Breach Threat | ||
|
2018-10-03 11:51:03 | Gwinnett Medical Center investigates possible data breach (lien direct) | Patient records may have been leaked online due to the alleged security incident. | Data Breach | ||
|
2018-10-03 03:01:03 | The Verizon PHIDBR: A Wake-Up Call for Healthcare Organizations (lien direct) | The healthcare industry continues to be challenged with securing patient health information. According to the Verizon Protected Health Information Data Breach Report (PHIDBR), 58 percent of all security incidents involved insiders, ransomware accounts for 70 percent of all malicious code and alarmingly basic security hygiene is still lacking at many healthcare organizations. The security challenge […]… Read More | Ransomware Data Breach | ||
|
2018-10-02 16:30:02 | 200M Contacts Affected In Sales Engagement Startup Data Breach (lien direct) | The story broke today that Apollo, a sales engagement startup boasting a database of over 200 million contact records from 10 million companies, has been hacked. Jacob Serpa, Product Marketing Manager at Bitglass: “For any company that boasts a database of 200 million contacts from 10 million companies, cybersecurity must be a top priority. If other organizations want … The ISBuzz Post: This Post 200M Contacts Affected In Sales Engagement Startup Data Breach | Data Breach | ||
|
2018-10-02 14:18:00 | Gwinnett Medical Center investigating possible data breach (lien direct) | After being contacted by Salted Hash about a possible data breach, Gwinnett Medical Center(GMC), a not-for-profit network of healthcare providers in Gwinnett County, Georgia, has confirmed they're investigating what they're calling an IT incident.Salted Hash first became aware of a possible data breach at GMC late last week, but the exact details surrounding the incident were not immediately available.What we learned was that on Saturday (Sept. 29), IT staff at GMC Lawrenceville became aware of an incident involving several hundred patient records at the least. Immediately following the discovery, the alleged attackers sent threats.Sometime later, an agent from the local FBI field office arrived and offered to assist, but it isn't clear if the FBI knew something was wrong, or if the law enforcement agency was called in after the threats were made. | Data Breach | ||
|
2018-10-02 11:54:00 | Facebook could face $1.63bn fine under GDPR over latest data breach (lien direct) | Facebook was fined £500,000 under the Data Protection Act for the Cambridge Analytica scandal but may not get away so lightly this time. | Data Breach | ||
|
2018-10-01 20:00:01 | Facebook Could Face Billions In Fines (lien direct) | In response to the news that Facebook could face billions in fines for its recent data breach, please see below comments from Hitesh Kargathra, Lead Security Consultant at Falanx Group. Hitesh Kargathra, Lead Security Consultant at Falanx Group: “Organisations are being judged less on whether they have suffered a data breach and more on how these … The ISBuzz Post: This Post Facebook Could Face Billions In Fines | Data Breach Guideline | ||
|
2018-10-01 15:45:00 | October Events at Dark Reading You Can\'t Miss (lien direct) | Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security. | Data Breach | ||
|
2018-09-28 19:37:00 | Facebook Discloses Data Breach, 50 Million User Accounts Affected (lien direct) | Facebook announced on Friday that it recently discovered a data breach affecting 50 million user accounts. The social media giant said the security issue was uncovered by its engineering team on Tuesday, Sept. 25. “Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted […]… Read More | Data Breach Vulnerability | ||
|
2018-09-28 18:32:02 | Facebook Data Breach Impacts Almost 50 Million Accounts (lien direct) | Hackers exploited a flaw in Facebook's code impacting its “View As” feature. | Data Breach | ||
|
2018-09-28 18:30:00 | Over Half Of SMBs Have Experienced A Data Breach (lien direct) | Following Cisco’s SMB Cybersecurity Report, which has revealed that 53% of midmarket companies have experienced a data breach, Todd Peterson, Product Manager at One Identity, discusses why they are such an attractive target to hackers and how they can protect against attack. Todd Peterson, Product Manager at One Identity: “There are so many more SMBs … The ISBuzz Post: This Post Over Half Of SMBs Have Experienced A Data Breach | Data Breach | ||
|
2018-09-27 10:24:03 | Uber pays $148m over data breach cover-up (lien direct) | The 2016 breach involved hackers grabbing data on millions of Uber customers and drivers. | Data Breach | Uber |
To see everything:
Our RSS (filtrered)
