What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-16 08:07:05 | Pentagon data breach puts personal details of 30,000 staff at risk (lien direct) |  The Pentagon has admitted that up to 30,000 military workers and civilian personnel have had their personal information and credit card data exposed following a security breach.
Read more in my article on the Hot for Security blog.
|
Data Breach | ||
 |
2018-10-15 17:46:04 | Tens of Millions of U.S. Voter Records for Sale (lien direct) | An advertisement on a forum trading data breach information offers to sell personally identifiable details and voting history of millions of US residents. The estimated size of the cache is in excess of 35 million records. [...] | Data Breach | ||
 |
2018-10-15 11:14:05 | Scottish Ambulance Service Exposed Employees\' Data Online (lien direct) | The Scottish Ambulance Service suffered a data breach in which it exposed its staff members’ personal information online. On 12 October, the NHS Ambulance Services Trust, which is part of NHS Scotland, sent an email to its staff in which it disclosed the data breach. As quoted by BBC News: For a time, the names […]… Read More | Data Breach | ||
|
2018-10-15 10:46:00 | Pentagon Data Breach Exposes up to 30,000 Travel Records (lien direct) | The travel records for up to 30,000 U.S. military and civilian workers have reportedly been leaked through a commercial vendor used by the Pentagon. [...] | Data Breach | ||
 |
2018-10-13 21:07:04 | Pentagon Defense Department travel records data breach (lien direct) | Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The Pentagon revealed that the Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The data breach […] | Data Breach | ||
|
2018-10-12 23:08:03 | Facebook Data Breach Update: attackers accessed data of 29 Million users (lien direct) | Facebook data breach – The company provided an updated for the data breach it disclosed at the end of September, hackers accessed personal data of 29 million users. Facebook announced that hackers accessed data of 29 Million users, a number that is less than initially thought of 50 million. The hackers did not access did not affect Facebook-owned Messenger, Messenger Kids, Instagram, […] | Data Breach | ||
 |
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, spy chip whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
|
2018-10-11 22:00:00 | (Déjà vu) Talking DerbyCon, Chinese whispers and Google\'s data breach | Salted Hash Ep 47 (lien direct) | Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach. | Data Breach | ||
 |
2018-10-09 15:11:03 | Google+ Privacy Snafu Leaves a Cloud Over the Tech Landscape (lien direct) | Google was caught not disclosing a potential data breach -- leaving questions as to whether a lack of transparency is the new normal. | Data Breach | ★★★ | |
 |
2018-10-09 10:12:01 | RepKnight launches BreachMarkers for \'watermarking\' of corporate data (lien direct) | Cybersecurity firm RepKnight today extends the capabilities of its flagship dark web monitoring product BreachAlert with BreachMarkers™, a new feature enabling organisations to detect breach or misuse of their data by cybercriminals, staff and third parties. BreachAlert is a data breach detection application that continuously monitors the dark web for corporate data being leaked online. ... | Data Breach | ||
 |
2018-10-09 08:47:00 | Heathrow Airport fined £120,000 over USB data breach debacle (lien direct) | In a prime example of data protection failure, a USB containing sensitive information ended up in the hands of the public. | Data Breach | ||
 |
2018-10-09 01:37:00 | From Now On, Only Default Android Apps Can Access Call Log and SMS Data (lien direct) | A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident.
Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app.
The changes are part of
|
Data Breach | ||
|
2018-10-08 21:41:04 | Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it (lien direct) | This is a very bad news for Google that suffered a massive data breach that exposed the private data of over 500,000 of Google Plus users to third-party developers. As a consequence of the data exposure, the company is going to shut down the social media network Google+. The root cause of the data breach is a security […] | Data Breach | ||
 |
2018-10-08 15:30:00 | Google May Face £3.3bn For UK Customer Data Breach (lien direct) | News broke over the weekend that Google could face a bill of up to £3.3bn over claims it harvested personal data from over 4 million Brits without their permission. Commenting, Javid Malik, security advocate for AlienVault, an AT&T company commented below. Javid Malik, Security Advocate for AlienVault: “The amount and accuracy of personal information that devices … The ISBuzz Post: This Post Google May Face £3.3bn For UK Customer Data Breach | Data Breach | ||
 |
2018-10-08 14:55:01 | Check Point Named Leader in Gartner Magic Quadrant for Enterprise Network Firewalls (lien direct) | With the average data breach costing businesses $3.8 million, enterprises need to secure their network with nothing short of the best of the best. Check Point is proud to announce, that for the sixteenth time in the company's history, Gartner's Magic Quadrant has listed Check Point as a leader in the enterprise network firewall… | Data Breach Guideline | ||
 |
2018-10-08 14:28:00 | Heathrow fined for USB stick data breach (lien direct) | A worker lost a USB stick containing personal data which was later found by a member of the public. | Data Breach | ||
|
2018-10-08 12:31:00 | Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users\' Data (lien direct) | Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers.
According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their
|
Data Breach Vulnerability | ||
|
2018-10-05 23:15:03 | Sales intel firm Apollo data breach exposed more than 200 million contact records (lien direct) | The sales intelligence firm Apollo is the last victim of a massive data breach that exposed more than 200 million contact records. Apollo collects a lot of its information from public sources, including names, email addresses, and company contact information, it also gathers data by scraping Twitter and LinkedIn. The company already notified the security breach to […] | Data Breach | ||
 |
2018-10-05 13:00:00 | Things I Hearted this Week: 5th Oct 2018 (lien direct) |
There was no update last week because I was in Dallas for the AT&T Business Summit which was a great event. Chuck Brooks wrote a detailed post on his experience, while I made a couple of videos charting my time.
But enough of that, lets see what went down in the world of security over these last few days.
Facebook breach
One of the biggest stories in these past few days must be the Facebook breach. The company issues a security update on September 28th which led with the facts,
On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.
At this stage, there are probably more questions than answers and it’s likely this is one story that will play out for a long time.
The ultimate fallout from the Facebook data breach could be massive | Help Net Security
Facebook faces $1.6 billion fine as top EU regulator officially opens probe into data breach | CNBC
What we still don’t know about the Facebook breach | The Verge
The Facebook security meltdown exposes way more sites than Facebook | Wired
Local file inclusion at IKEA.com
Flatpack vulnerabilities now available in this great writeup by Jonathan Bouman.
Local file inclusion at IKEA | Medium / Jonathan Bouman
Out of office notices for OSINT
A nice reminder by Stuart Coulson on the perils of out of office notifications, and how they can divulge a lot more than you’d want to anyone.
Out Of Office notices for OSINT | HiddenText
While you’re on the HiddenText site, check out, Seven types of cyber criminals : 2018 version
Put ads down your Pi-Hole
Nobody really likes ads when they’re browsing online. So, they sometimes revert to using adblockers. But there are some issues with those as well.
Surely, in an industry full of clever tech people, hackers, and tinkerers, there is a better way - enter Pi-hole.
Self-described as a black hole for internet ads, it is basically a mini DNS server you run on a Raspberry Pi in your local network through which your traffic goes and then blacklists any malicious domains.
Both |
Data Breach | ||
|
2018-10-04 10:50:01 | Burgerville customer credit card info stolen in data breach laid at Fin7\'s feet (lien direct) | Despite the recent arrests of alleged Fin7 members, the threat group is actively targeting US companies. | Data Breach Threat | ||
|
2018-10-03 11:51:03 | Gwinnett Medical Center investigates possible data breach (lien direct) | Patient records may have been leaked online due to the alleged security incident. | Data Breach | ||
|
2018-10-03 03:01:03 | The Verizon PHIDBR: A Wake-Up Call for Healthcare Organizations (lien direct) | The healthcare industry continues to be challenged with securing patient health information. According to the Verizon Protected Health Information Data Breach Report (PHIDBR), 58 percent of all security incidents involved insiders, ransomware accounts for 70 percent of all malicious code and alarmingly basic security hygiene is still lacking at many healthcare organizations. The security challenge […]… Read More | Ransomware Data Breach | ||
|
2018-10-02 16:30:02 | 200M Contacts Affected In Sales Engagement Startup Data Breach (lien direct) | The story broke today that Apollo, a sales engagement startup boasting a database of over 200 million contact records from 10 million companies, has been hacked. Jacob Serpa, Product Marketing Manager at Bitglass: “For any company that boasts a database of 200 million contacts from 10 million companies, cybersecurity must be a top priority. If other organizations want … The ISBuzz Post: This Post 200M Contacts Affected In Sales Engagement Startup Data Breach | Data Breach | ||
 |
2018-10-02 14:18:00 | Gwinnett Medical Center investigating possible data breach (lien direct) | After being contacted by Salted Hash about a possible data breach, Gwinnett Medical Center(GMC), a not-for-profit network of healthcare providers in Gwinnett County, Georgia, has confirmed they're investigating what they're calling an IT incident.Salted Hash first became aware of a possible data breach at GMC late last week, but the exact details surrounding the incident were not immediately available.What we learned was that on Saturday (Sept. 29), IT staff at GMC Lawrenceville became aware of an incident involving several hundred patient records at the least. Immediately following the discovery, the alleged attackers sent threats.Sometime later, an agent from the local FBI field office arrived and offered to assist, but it isn't clear if the FBI knew something was wrong, or if the law enforcement agency was called in after the threats were made. | Data Breach | ||
|
2018-10-02 11:54:00 | Facebook could face $1.63bn fine under GDPR over latest data breach (lien direct) | Facebook was fined £500,000 under the Data Protection Act for the Cambridge Analytica scandal but may not get away so lightly this time. | Data Breach | ||
|
2018-10-01 20:00:01 | Facebook Could Face Billions In Fines (lien direct) | In response to the news that Facebook could face billions in fines for its recent data breach, please see below comments from Hitesh Kargathra, Lead Security Consultant at Falanx Group. Hitesh Kargathra, Lead Security Consultant at Falanx Group: “Organisations are being judged less on whether they have suffered a data breach and more on how these … The ISBuzz Post: This Post Facebook Could Face Billions In Fines | Data Breach Guideline | ||
 |
2018-10-01 15:45:00 | October Events at Dark Reading You Can\'t Miss (lien direct) | Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security. | Data Breach | ||
|
2018-09-28 19:37:00 | Facebook Discloses Data Breach, 50 Million User Accounts Affected (lien direct) | Facebook announced on Friday that it recently discovered a data breach affecting 50 million user accounts. The social media giant said the security issue was uncovered by its engineering team on Tuesday, Sept. 25. “Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted […]… Read More | Data Breach Vulnerability | ||
|
2018-09-28 18:32:02 | Facebook Data Breach Impacts Almost 50 Million Accounts (lien direct) | Hackers exploited a flaw in Facebook's code impacting its “View As” feature. | Data Breach | ||
|
2018-09-28 18:30:00 | Over Half Of SMBs Have Experienced A Data Breach (lien direct) | Following Cisco’s SMB Cybersecurity Report, which has revealed that 53% of midmarket companies have experienced a data breach, Todd Peterson, Product Manager at One Identity, discusses why they are such an attractive target to hackers and how they can protect against attack. Todd Peterson, Product Manager at One Identity: “There are so many more SMBs … The ISBuzz Post: This Post Over Half Of SMBs Have Experienced A Data Breach | Data Breach | ||
|
2018-09-27 10:24:03 | Uber pays $148m over data breach cover-up (lien direct) | The 2016 breach involved hackers grabbing data on millions of Uber customers and drivers. | Data Breach | Uber | |
|
2018-09-26 19:36:04 | Newsnow Suffers Data Breach (lien direct) | In response to the news that Newsnow, a popular news aggregator service, has suffered a data breach, please see below comments from Jake Moore, security specialist at ESET. Jake Moore, Security Specialist at ESET: “Hackers are far too keen to attempt using stolen passwords across other online accounts which will soon become compromised as well. … The ISBuzz Post: This Post Newsnow Suffers Data Breach | Data Breach | ||
|
2018-09-26 12:00:02 | SMBs face costs of up to $2.5 million after a data breach (lien direct) | Over half of SMBs have now had a taste of how disastrous the consequences of a data breach can be. | Data Breach | ||
 |
2018-09-26 02:11:04 | Variations in State Data Breach Disclosure Laws Complicate Compliance (lien direct) | New data breach notification laws are good news for consumers, better news for attorneys, but not very good news for businesses already struggling to stay on top of a constantly evolving regulatory landscape. | Data Breach | ||
|
2018-09-25 19:33:02 | Malware on SHEIN Servers Compromises Data of 6.4M Customers (lien direct) | A data breach targeting women's apparel giant SHEIN occurred between June and August 2018. | Data Breach Malware | ||
|
2018-09-25 17:58:05 | Mozilla Launches Firefox Monitor Data Breach Notification Service (lien direct) | Mozilla has announced today the release of Firefox Monitor, a free service to help users find out whether or not their accounts have been part of a breach. This new service was created in partnership with Troy Hunt's Have I been Pwned, whose data is being supplied to Mozilla to power the Firefox Monitor service. [...] | Data Breach | ||
|
2018-09-25 08:09:04 | SHEIN-Fashion Shopping Site Suffers Data Breach Affecting 6.5 Million Users (lien direct) | U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information (PII) of almost 6.5 million customers.
Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online fashion retailers that ships to more than 80 countries worldwide. The site has been initially
|
Data Breach | ||
|
2018-09-24 03:01:00 | 5 Notable Security Incidents that Recently Affected Federal Entities (lien direct) | Digital attackers have a history of targeting public sector organizations. For its 2018 Data Breach Investigations Report (DBIR), Verizon Enterprise tracked 22,788 security incidents that affected the public sector. Data disclosure occurred in 304 of those events; digital espionage via phishing or the use of a backdoor served as the most common pattern. Those techniques […]… Read More | Data Breach | ||
|
2018-09-20 23:21:02 | State Department Data Breach (lien direct) | Rich Campagna, CMO at Bitglass: “All organizations have a responsibility to keep their employee data safe – there is no room for error. This is particularly true of governmental groups that are supposed to be serving citizens and protecting their personal information. Unfortunately, despite the amount and type of data that these organizations handle, many are unprepared when it … The ISBuzz Post: This Post State Department Data Breach | Data Breach | ||
|
2018-09-20 11:09:03 | ICO to Fine Equifax £500,000 for 2017 Data Breach (lien direct) | The Information Commissioner’s Office (ICO) of the United Kingdom announced it will fine Equifax £500,000 for a data breach that occurred in 2017. In a monetary penalty notice filed on 19 September, the ICO revealed its decision to impose the maximum fine specified in section 55A of the Data Protection Act 1998 on Equifax. The […]… Read More | Data Breach | Equifax | |
|
2018-09-20 10:44:02 | US State Department confirms data breach to unclassified email system (lien direct) | The US State Department confirmed that hackers breached one of its email systems, the attack potentially exposed personal information of some of its employees. The incident seems to have affected less than 1% of employee inboxes, 600-700 employees out of 69,000 people. “The Department recently detected activity of concern in its unclassified email system, affecting less […] | Data Breach | ||
|
2018-09-20 07:25:00 | Equifax fined £500,000 over customer data breach (lien direct) | If the security incident had taken place after GDPR came into play, the fine may have been far higher. | Data Breach | Equifax | |
|
2018-09-20 06:54:05 | UK Regulator Fines Equifax £500,000 Over 2017 Data Breach (lien direct) | Atlanta-based consumer credit reporting agency Equifax has been issued a £500,000 fine by the UK's privacy watchdog for its last year's massive data breach that exposed personal and financial data of hundreds of millions of its customers.
Yes, £500,000-that's the maximum fine allowed by the UK's Data Protection Act 1998, though the penalty is apparently a small figure for a $16 billion
|
Data Breach | Equifax | |
|
2018-09-19 23:12:00 | Equifax fined by ICO over data breach that hit Britons (lien direct) | The UK's Information Commissioner's Office imposes a fine of £500,000 over the 2017 breach. | Data Breach | Equifax | |
|
2018-09-19 18:40:05 | Independence Blue Cross Data Breach (lien direct) | Philadelphia-based insurer Independence Blue Cross confirmed about 17,000 people have been affected by a data breach when an employee uploaded member information including names, birth dates and diagnosis codes to a public website. Zohar Alon, Co-founder and CEO at Dome9 Security: “The Independence Blue Cross data breach represents yet another example of an exposure of sensitive information … The ISBuzz Post: This Post Independence Blue Cross Data Breach | Data Breach | ||
|
2018-09-19 08:02:05 | State Department reveals data breach, employee information exposed (lien direct) | The data breach took place due to a compromised email system belonging to the department. | Data Breach | ||
|
2018-09-19 06:14:00 | (Déjà vu) State Department confirms breach of unclassified email system (lien direct) | The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department's unclassified email system.It's not like the agency suddenly decided to tell the public about the breach, though. The incident came to light only after Politico got hold of a Sept. 7, 2018, “Sensitive but Unclassified” notice about the breach.After a State Department spokesperson confirmed the compromise of its email system, Politico was told, “This is an ongoing investigation, and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment.” | Data Breach | ||
|
2018-09-19 06:14:00 | (Déjà vu) State Department confirms breach of unclassified email system, employee data exposed (lien direct) | The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department's unclassified email system.It's not like the agency suddenly decided to tell the public about the breach; the incident only came to light after Politico got hold of a Sept. 7 “Sensitive but Unclassified” notice about the breach.After a State Department spokesperson confirmed the compromise of its email system, Politico was told, “This is an ongoing investigation and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment.” | Data Breach | ||
|
2018-09-18 23:34:05 | US Dept of State says attack on email system exposed employees\' personal data (lien direct) |  The US Department of State has confirmed that it has suffered a data breach which exposed the personally identifiable information of some employees.
|
Data Breach | ||
|
2018-09-18 19:51:01 | Altaba To Settle Lawsuits Relating To Yahoo Data Breach For $47 Million – Victory For Yahoo Legal Team (lien direct) | Following the news about the Yahoo data breach for $47 million, Ilia Kolochenko, CEO of web security company at High-Tech Bridge commented below. Ilia Kolochenko, CEO at High-Tech Bridge: “Class actions are known to provide their members with very modest compensation compared to individual lawsuits. The settlement (subject to approval by court) makes slightly above … The ISBuzz Post: This Post Altaba To Settle Lawsuits Relating To Yahoo Data Breach For $47 Million – Victory For Yahoo Legal Team | Data Breach | Yahoo |
To see everything:
Our RSS (filtrered)
