This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-16T19:40:44+00:00 www.secnews.physaphae.fr CSO - CSO Daily Dashboard notice of the data breach with the Attorney General of Montana on February 10 after discovering that a threat actor had accessed confidential information of certain current and former employees. “As a precautionary measure, we are writing to make you aware of an incident that may affect the security of some of your personal information,” the company wrote in its incident report. It said that as of now it is not aware of any kind of identity theft or fraud involving the leaked personal data. To read this article in full, please click here]]> 2023-02-14T04:04:00+00:00 https://www.csoonline.com/article/3687741/pepsi-bottling-ventures-suffers-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310003 False Data Breach,Threat None 1.00000000000000000000 CSO - CSO Daily Dashboard filing to the US Securities and Exchange Commission on Thursday. Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed, the company revealed. However, T-Mobile in a statement insisted that customer payment card information (PCI), social security numbers/tax IDs, driver's license or other government ID numbers, passwords/PINs or other financial account information were not exposed, it . To read this article in full, please click here]]> 2023-01-20T02:11:00+00:00 https://www.csoonline.com/article/3686053/t-mobile-suffers-8th-data-breach-in-less-than-5-years.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302776 False Data Breach None 1.00000000000000000000 CSO - CSO Daily Dashboard Verizon 2022 Data Breach Investigations Report, 82% of breaches involved a human element, the bulk of them involving phishing, business email compromise (BEC), and stolen credentials.To read this article in full, please click here]]> 2023-01-19T02:00:00+00:00 https://www.csoonline.com/article/3685415/how-cisos-can-manage-the-security-of-high-level-executives.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302492 False Data Breach None 2.0000000000000000 CSO - CSO Daily Dashboard GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year's biggest fine of €405 million was imposed by the Irish Data Protection Commissioner (DPC) against Meta Platforms Ireland Limited relating to Instagram for alleged failures to protect children's personal data. The Irish DPC also fined Meta €265 million for failing to comply with the GDPR obligation for Data Protection by Design and Default. Both fines are currently under appeal.To read this article in full, please click here]]> 2023-01-17T04:47:00+00:00 https://www.csoonline.com/article/3685789/european-data-protection-authorities-issue-record-2-92-billion-in-gdpr-fines.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8301836 False Data Breach None 3.0000000000000000 CSO - CSO Daily Dashboard 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn't just the big players caught in the line of fire. IBM's report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes - from local credit unions to Fortune 500s - are at risk. While ransomware attacks get the most time in the financial headlines, most breaches aren't caused by external factors or threat actors. The majority of system availability problems actually occur due to a lack of staff knowledge and protective protocols, software issues and limited security visibility across the institution. However, “more visibility” is not synonymous with “seeing more alerts.” In fact, the opposite is true. Keep reading to see how Devo SOAR helped a leading US bank streamline its SOC.To read this article in full, please click here]]> 2023-01-12T10:00:00+00:00 https://www.csoonline.com/article/3685191/how-financial-institutions-can-soar-to-success-with-devo-soar.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8300630 False Ransomware,Data Breach,Threat,Guideline None 2.0000000000000000 CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2023-01-06T04:22:00+00:00 https://www.csoonline.com/article/3684771/twitters-mushrooming-data-breach-crisis-could-prove-costly.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8298511 False Data Breach None 2.0000000000000000 CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2023-01-04T15:19:00+00:00 https://www.csoonline.com/article/3684769/attackers-use-stolen-banking-data-as-phishing-lure-to-deploy-bitrat.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8297971 False Data Breach,Tool None 1.00000000000000000000 CSO - CSO Daily Dashboard Optus breach, which impacted a third of the Australian population.To read this article in full, please click here]]> 2022-11-11T01:54:00+00:00 https://www.csoonline.com/article/3679630/medibank-hackers-revealed-to-be-in-russia.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7944597 False Data Breach None None CSO - CSO Daily Dashboard recent survey found that while most responding organizations said they had implemented or were implementing a zero trust strategy, more than half of them didn't have the ability to authenticate users and devices on an ongoing basis. Giving too much trust could have disastrous – and costly – results. IBM estimates that the worldwide average cost of a data breach is currently a staggering $4.24 million.To read this article in full, please click here]]> 2022-10-24T11:01:00+00:00 https://www.csoonline.com/article/3677852/how-a-zero-trust-platform-approach-takes-security-to-the-next-level.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7668059 False Data Breach None None CSO - CSO Daily Dashboard a notice published by the Department of Justice (DOJ).US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”To read this article in full, please click here]]> 2022-10-06T13:16:00+00:00 https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7323153 False Data Breach,Hack Uber,Uber None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-09-28T13:00:00+00:00 https://www.csoonline.com/article/3675288/moving-security-technologies-to-the-cloud-4-tips-for-cisos.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7185965 False Data Breach None None CSO - CSO Daily Dashboard In a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee's Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.To read this article in full, please click here]]> 2022-09-16T03:46:00+00:00 https://www.csoonline.com/article/3673942/uber-responding-to-cybersecurity-incident-following-reports-of-significant-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6927552 False Data Breach Uber,Uber None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-09-05T05:04:00+00:00 https://www.csoonline.com/article/3672211/samsung-reports-second-data-breach-in-6-months.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6739846 False Data Breach None None CSO - CSO Daily Dashboard 2022 Verizon Data Breach Investigation Report (DBIR) found that cloud misconfigurations pose an ongoing threat to organizations. Error, especially misconfigured cloud storage, factored in 13% of data breaches analyzed by Verizon this year.To read this article in full, please click here]]> 2022-09-01T06:14:00+00:00 https://www.csoonline.com/article/3671354/how-to-avoid-cloud-misconfigurations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6665010 False Data Breach,Threat None None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-08-29T04:19:00+00:00 https://www.csoonline.com/article/3671333/facebook-agrees-to-settle-class-action-lawsuit-related-to-cambridge-analytica-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6612015 False Data Breach None None CSO - CSO Daily Dashboard data breaches since 2019 suggest that regulators are getting more serious about organizations that don't properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe.To read this article in full, please click here]]> 2022-08-16T02:00:00+00:00 https://www.csoonline.com/article/3410278/the-biggest-data-breach-fines-penalties-and-settlements-so-far.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6349701 False Data Breach Equifax,Equifax None CSO - CSO Daily Dashboard Politico ran a story detailing how the U.S. Department of Justice was investigating a recent data breach of the federal court system, which dated back to early 2020. The chair of the House Judiciary Committee, Jerrold Nadler (D-NY), described the breach as a “system security failure of the U.S. Courts' document management system.”On the same day, July 28, 2022, the U.S. Government Accountability Office (GAO) published the report GAO-22-105068 “U.S. Courts: Action Needed to Improve IT Management and Establish a Chief Information Officer.” The GAO report described systemic shortcomings in the administration of the U.S. court system, including the lack of a CIO, to oversee the substantive infrastructure.To read this article in full, please click here]]> 2022-08-10T02:00:00+00:00 https://www.csoonline.com/article/3669390/u-s-federal-court-breach-reveals-it-and-security-maturation-issues.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6226210 False Data Breach None None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-08-01T07:44:00+00:00 https://www.csoonline.com/article/3668655/global-cost-of-data-breach-reaches-record-high-of-435-million-ibm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6079444 False Data Breach None None CSO - CSO Daily Dashboard CIS Critical Security Controls (CIS Controls) are a prioritized set of actions that mitigate the most common cyber attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today's evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. Both are also mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.To read this article in full, please click here]]> 2022-08-01T05:07:00+00:00 https://www.csoonline.com/article/3668529/solving-the-challenges-of-remediating-configuration-settings.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078545 False Data Breach,Threat None None CSO - CSO Daily Dashboard personally identifiable information (PII) manages to get a look at it, that can have dire consequences both for the individual and for the organization that stored the data and was supposed to keep it safe. To read this article in full, please click here]]> 2022-07-14T16:00:00+00:00 https://www.csoonline.com/article/3666958/data-breaches-explained-types-examples-and-impact.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5729781 False Data Breach None None CSO - CSO Daily Dashboard identity and access management (IAM) strategies for decades. "It started with mainframe time sharing, so nothing is new," says Jay Bretzmann, program director for security products at IDC. Despite that long experience, there are still opportunities for mistakes, especially when companies are upgrading their IAM platforms to those that can better deal with modern IT deployments.Here are six ways to tell that a company's IAM strategy is failing.1. Users can't access their applications, but criminals can The primary goal of an IAM platform is to allow legitimate users to access the resources that they need, while keeping out the bad guys. If the opposite is happening, then something is wrong. According to the latest Verizon Data Breach Incident Report, stolen credentials were the most common attack method last year, involved in half of all breaches and in over 80% of web application breaches.To read this article in full, please click here]]> 2022-07-05T02:00:00+00:00 https://www.csoonline.com/article/3665234/6-signs-your-iam-strategy-is-failing-and-how-to-fix-it.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5559108 False Data Breach None None CSO - CSO Daily Dashboard Top Threats to Cloud Computing: The Pandemic 11 report released earlier this month. "Data breaches and data loss were the top concerns last year," says CSA Global Vice President of Research John Yeoh. "This year, they weren't even in the top 11.""What that tells me is the cloud customer is getting a lot smarter," Yeoh continues. "They're getting away from worrying about end results-a data breach or loss is an end result-and looking at the causes of those results (data access, misconfigurations, insecure applications) and taking control of them."To read this article in full, please click here]]> 2022-07-04T02:00:00+00:00 https://www.csoonline.com/article/3043030/top-cloud-security-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5548896 False Data Breach,Threat None None CSO - CSO Daily Dashboard the massive 2017 data breach at the credit reporting agency Equifax, have been traced back to unpatched vulnerabilities-a 2019 Tripwire study found that 27% of all breaches were caused by unpatched vulnerabilities, while a 2018 Ponemon study put the number at a jaw-dropping 60%.To read this article in full, please click here]]> 2022-06-14T02:00:00+00:00 https://www.csoonline.com/article/3663493/vulnerability-management-mistakes-cisos-still-make.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5141340 False Data Breach Equifax None CSO - CSO Daily Dashboard ransomware schemes are planning to take any time to rest. Ransomware was all over the infosec news headlines in the past week, with one new report revealing that its presence has grown more in the last year than in the past several years combined.Here's roundup of noteworthy ransomware stories you might have missed.DBIR finds ransomware increased by double digits Verizon Business' annual Data Breach Investigations Report (DBIR) is out and confirms what many CISOs already know: ransomware continues to plague business. Ransomware-related breach instances rose 13%, an increase larger than in the past 5 years combined.To read this article in full, please click here]]> 2022-06-02T02:00:00+00:00 https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4930072 False Ransomware,Data Breach,Malware None None CSO - CSO Daily Dashboard both of whom were later indicted for their breach of Lynda (a company acquired by Linkedin).To read this article in full, please click here]]> 2022-05-19T02:00:00+00:00 https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4704406 False Data Breach,Hack Uber,Uber None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2020-12-10T08:03:00+00:00 https://www.csoonline.com/article/3600893/fireeye-breach-explained-how-worried-should-you-be.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2089461 False Data Breach,Tool None None CSO - CSO Daily Dashboard 2020 Data Breach Investigations Report finds that phishing is the top threat action associated with breaches.Enterprises regularly remind users to beware of phishing attacks, but many users don't really know how to recognize them. And humans tend to be bad at recognizing scams.]]> 2020-11-24T03:00:00+00:00 https://www.csoonline.com/article/3234716/8-types-of-phishing-attacks-and-how-to-identify-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2054806 True Data Breach,Threat None None CSO - CSO Daily Dashboard 2020 Data Breach Investigations Report finds that phishing is the top threat action associated with breaches.Enterprises regularly remind users to beware of phishing attacks, but many users don't really know how to recognize them. And humans tend to be bad at recognizing scams.]]> 2020-11-24T03:00:00+00:00 https://www.csoonline.com/article/3234716/8-types-of-phishing-attack-and-how-to-identify-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2053000 False Data Breach,Threat None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2020-10-29T03:00:00+00:00 https://www.csoonline.com/article/3191947/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2011738 False Data Breach None None CSO - CSO Daily Dashboard 2020-10-20T03:00:00+00:00 https://www.csoonline.com/article/3584783/avoiding-the-snags-and-snares-in-data-breach-reporting-what-cisos-need-to-know.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1987328 False Data Breach,Guideline None None CSO - CSO Daily Dashboard 2020 Verizon Data Breach Investigations Report (DBIR), their backdoor and remote-control capabilities are still used by advanced threat actors to conduct sophisticated attacks.Staying ahead of evolving threats is a challenge that keeps many IT professionals awake at night. Understanding today's most important cyber threats is the first step toward protecting any organization from attack.]]> 2020-09-29T06:05:00+00:00 https://www.csoonline.com/article/3583953/how-to-defend-against-today-s-top-5-cyber-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1945865 False Data Breach,Malware,Threat None None CSO - CSO Daily Dashboard 5 tips for better cloud security. | Get the latest from CSO by signing up for our newsletters. ] Given the growing rush by organizations to move to the cloud, it's no surprise that some policymakers in Washington are calling for regulation of this disruptive technology. Last year, Representative Katie Porter (D-CA) and Nydia Velázquez (D-NY), urged the Financial Stability Oversight Council (FSOC) to consider cloud services as essential elements of the modern banking system and subject them to an enforced regulatory regime. Their calls for this kind of oversight came in the wake of a major data breach of Capital One in which an employee of the financial institution was able to steal more than 100 million customer credit applications by exploiting a misconfigured firewall in operations hosted on Amazon Web Services (AWS).]]> 2020-08-31T06:00:00+00:00 https://www.csoonline.com/article/3573371/cloud-technology-great-for-security-but-poses-systemic-risks-according-to-new-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1890745 False Data Breach None None CSO - CSO Daily Dashboard CIS Controls) are a set of more than 170 cybersecurity defensive measures, called safeguards, organized into a set of 20 Control activities. A community of security experts cooperate to keep this list of safeguards up-to-date based on vendor summaries of recent attack activity described in reports like the Verizon Data Breach Investigations Report (DBIR) and their experiences defending actual networks. Enterprises can select safeguards from the CIS Controls to create a robust cyber defense mission for their organization.]]> 2020-08-19T05:56:00+00:00 https://www.csoonline.com/article/3571798/center-for-internet-securitys-community-defense-model.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1870515 False Data Breach None None CSO - CSO Daily Dashboard the SHIELD Act, is a New York State bill signed into law last July. One key provision in the legislation that could significantly change security practices across the country is slated to go into effect March 21, possibly inducing companies big and small to change the way they secure and transmit not only New Yorkers' private data but all consumers' sensitive information.[ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they're for, what they cost, and which you need. | Sign up for CSO newsletters. ] Technically an amendment to the state's data breach notification law, the SHIELD Act could have as much of an impact on internet and tech companies' privacy and security practices as the more famous California Consumer Privacy Act (CCPA) or even the European Union's General Data Protection Regulation (GDPR) experts say.]]> 2020-03-23T03:00:00+00:00 https://www.csoonline.com/article/3533455/new-yorks-shield-act-could-change-companies-security-practices-nationwide.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1615354 False Data Breach None None CSO - CSO Daily Dashboard 2018 report by the Ponemon Institute. That's 6.4 percent more than the estimated cost just one year earlier.  [ Learn how SandBlast Mobile simplifies mobile security. | Get the latest from CSO by signing up for our newsletters. ]]]> 2020-02-25T03:00:00+00:00 https://www.csoonline.com/article/3241727/8-mobile-security-threats-you-should-take-seriously-in-2020.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1564484 False Data Breach None None CSO - CSO Daily Dashboard 2020-02-19T16:12:00+00:00 https://www.csoonline.com/article/3528290/how-to-maximize-resources-in-your-cybersecurity-workforce.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1563695 False Data Breach,Threat None None CSO - CSO Daily Dashboard 2020-01-29T11:53:00+00:00 https://www.csoonline.com/article/3516135/episode-2-three-things-that-keep-biogen-ciso-bob-litterer-up-at-night.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1517229 False Data Breach None None CSO - CSO Daily Dashboard supply chain attack. The idea behind these attacks is to compromise a third-party piece of software from a VAR or systems integrator or infect an industrial process unbeknownst to IT. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-12-26T03:00:00+00:00 https://www.csoonline.com/article/3400381/what-is-magecart-how-this-hacker-group-steals-payment-card-data.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1494525 False Data Breach None None CSO - CSO Daily Dashboard this $39 bundle will show you how.]]> 2019-12-19T07:05:00+00:00 https://www.csoonline.com/article/3505905/learn-how-to-be-an-ethical-hacker-with-this-39-in-depth-training-bundle.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1494527 True Data Breach None None CSO - CSO Daily Dashboard Recent data from Centrify and the Ponemon Institute suggest that customers are becoming increasingly sensitive to the impact of a data breach and how a company manages the response, with 65% saying a data breach had caused them to lose trust in the organization, and 27% discontinuing their relationship with that company. The 2019 Cost of Data Breach Report from IBM Security and the Ponemon Institute found that 36% of the cost of an average data breach was due to business disruption, a category that includes lost customers. The report also found that the average cost of a data breach was nearly $1 million lower when a company lost less than 1 percent of their customers. For those losing over 4 percent of their customers, the cost was roughly $1.8 million more. The report concluded that “the loss of customer trust had serious financial consequences,” on businesses experiencing a data breach.  ]]> 2019-11-19T07:21:00+00:00 https://www.csoonline.com/article/3454597/3-keys-to-preserving-customer-relationships-in-the-wake-of-a-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1476007 False Data Breach None None CSO - CSO Daily Dashboard Cost of a Data Breach Report, the average total cost of a data breach is now $3.92 million, with an average of 25,575 records being stolen or compromised. But recovering lost data is only part of the equation. Extended downtime can quickly compound costs on an hour-by-hour basis. And more difficult to quantify is regaining lost consumer confidence and damage to an organization's brand, which can take months or years to repair.]]> 2019-11-15T07:48:00+00:00 https://www.csoonline.com/article/3453731/5-recommendations-for-preparing-for-and-responding-to-a-network-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1469254 False Data Breach None None CSO - CSO Daily Dashboard this $39 bundle will show you how.]]> 2019-11-04T07:05:00+00:00 https://www.csoonline.com/article/3448405/this-12-course-bundle-will-teach-you-how-to-be-an-ethical-hacker-for-39.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1444545 False Data Breach None None CSO - CSO Daily Dashboard Capital One breach is the most prominent recent example. The breach resulted from a misconfigured open-source web application firewall (WAF), which the financial services company used in its operations that are hosted on Amazon Web Services (AWS). [ Follow these 5 tips for better cloud security. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-10-21T03:00:00+00:00 https://www.csoonline.com/article/3208905/top-cloud-security-controls-you-should-be-using.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1417375 False Data Breach None None CSO - CSO Daily Dashboard 2019-10-17T05:36:00+00:00 https://www.csoonline.com/article/3446521/privacy-legislation-the-road-ahead.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1409022 False Data Breach None None CSO - CSO Daily Dashboard 2019-10-14T03:00:00+00:00 https://www.csoonline.com/article/3444488/equifax-data-breach-faq-what-happened-who-was-affected-what-was-the-impact.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1402160 False Data Breach Equifax None CSO - CSO Daily Dashboard one of its reservation systems had been compromised, with hundreds of millions of customer records, including credit card and passport numbers, being exfiltrated by the attackers. While Marriott has not disclosed the full timeline or technical details of the assault, what we do know tells us quite a bit about the current threat landscape - and offers lessons for other enterprises on how to protect themselves.We answer 10 frequently asked questions.When was the Marriott breach? On September 8, 2018, an internal security tool flagged as suspicious an attempt to access the internal guest reservation database for Marriott's Starwood brands, which include the Westin, Sheraton, St. Regis, and W hotels. This prompted an internal investigation that determined, through a forensics process that Marriott has not discussed in detail, that the Starwood network had been compromised sometime in 2014 - back when Starwood had been a separate company. Marriott purchased Starwood in 2016, but nearly two years later, the former Starwood hotels hadn't been migrated to Marriott's own reservation system and were still using IT infrastructure inherited from Starwood, an important factor that we'll revisit in more detail later.]]> 2019-09-30T03:00:00+00:00 https://www.csoonline.com/article/3441220/marriott-data-breach-faq-how-did-it-happen-and-what-was-the-impact.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1370596 False Data Breach,Tool,Threat None None CSO - CSO Daily Dashboard CapitalOne breach has certainly made lots of headlines in less than a day since the story broke out. And sadly, it has already thrust the $700M settlement that was reached from the largest ever data breach – the Equifax one – onto the sidelines just days after the news of that settlement broke out.But going back to CapitalOne, there are lots of lessons to be learned there certainly. I want to focus on where CapitalOne's data centers were and what that means for the rest of the planet from a security perspective. CapitalOne has been one of the most vocal AWS customers. They have appeared at numerous AWS events and touted how they have completely shuttered all their data centers and run exclusively on Amazon. And to be fair, they have also shared their best practices and use of AWS services.]]> 2019-07-31T05:55:00+00:00 https://www.csoonline.com/article/3412006/is-the-cloud-lulling-us-into-security-complacency.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1235036 False Data Breach Equifax None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-07-26T03:00:00+00:00 https://www.csoonline.com/article/3410278/the-biggest-data-breach-fines-penalties-and-settlements-so-far.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1224662 False Data Breach Equifax None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-07-24T04:38:00+00:00 https://www.csoonline.com/article/3411139/equifax-s-billion-dollar-data-breach-disaster-will-it-change-executive-attitudes-toward-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1221143 False Data Breach Equifax None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-06-20T03:00:00+00:00 https://www.csoonline.com/article/3402985/a-new-website-explains-data-breach-risk.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1165070 False Data Breach None None CSO - CSO Daily Dashboard cybercriminal groups that use manual hacking and stealthy techniques to remain hidden. Now, researchers from Bitdefender have released a report on an intrusion they investigated at an unnamed bank that documents in detail how these attackers operate and shows how fast they can gain control over a network. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-06-06T08:40:00+00:00 https://www.csoonline.com/article/3400861/from-phish-to-network-compromise-in-two-hours-how-carbanak-operates.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1142892 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-05-14T03:00:00+00:00 https://www.csoonline.com/article/3394048/200-million-record-breach-why-collecting-too-much-data-raises-risk.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1106456 False Data Breach None None CSO - CSO Daily Dashboard 2018 Ponemon Cost of a Data Breach study ($408, nearly double the next-highest industry), but research published last year suggested healthcare data breaches may cause as many as 2,100 deaths per year in the United States.]]> 2019-04-29T03:00:00+00:00 https://www.csoonline.com/article/3390683/how-a-data-driven-approach-to-security-helps-a-small-healthcare-team-embrace-automation.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1096379 False Data Breach,Threat None None CSO - CSO Daily Dashboard 2019-04-16T03:00:00+00:00 https://www.csoonline.com/article/3389138/how-onelogin-responded-to-its-breach-and-regained-customer-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1093931 False Data Breach None None CSO - CSO Daily Dashboard Image by NicoElNino / Getty ImagesIDC estimates that worldwide Spending on Security Solutions will reach $103.1 Billion in 2019. Security budgets average around $9 million per year per enterprise, according to Kaspersky. While the average cost of a data breach according to IBM and Ponemon is $3.86 million.]]> 2019-04-04T03:00:00+00:00 https://www.csoonline.com/article/3386377/security-technologies-that-provide-the-most-savings.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1088527 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-03-28T09:11:00+00:00 https://www.csoonline.com/article/3385126/apt-group-elfin-switches-from-data-destruction-to-data-stealing-via-winrar-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1085514 False Data Breach,Vulnerability APT33,APT 33 None CSO - CSO Daily Dashboard GDPR) is a broad set of regulations that dictate how a company handles the personal data of citizens within the European Union. Articles 33 and 34 of the GDPR outlines the requirements to notify both a supervisory authority and affected data subjects in the event of a data breach.]]> 2019-03-26T03:00:00+00:00 https://www.csoonline.com/article/3383244/how-to-report-a-data-breach-under-gdpr.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1081592 False Data Breach None None CSO - CSO Daily Dashboard 2018 report by the Ponemon Institute. That's 6.4 percent more than the estimated cost just one year earlier.  [ Learn how SandBlast Mobile simplifies mobile security. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-02-21T12:01:00+00:00 https://www.csoonline.com/article/3241727/mobile-security/7-mobile-security-threats-you-should-take-seriously-in-2019.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1035842 True Data Breach None None CSO - CSO Daily Dashboard social engineering in conjunction with malicious program delivery, a technique known as phishing, remains one of the biggest threats to the cybersecurity landscape. If human users can be tricked into taking an action such as downloading malware, connecting with a compromised website, or even providing their credentials directly to criminals, it often overrides many of the automatic protections that cyber defenses offer. It's become so popular and so successful that the most recent Verizon Data Breach Investigations Report puts phishing and social engineering attacks at the center of 93 percent of breaches in 2018.]]> 2019-02-19T03:00:00+00:00 https://www.csoonline.com/article/3339700/phishing/review-slashnext-is-like-shooting-phish-in-a-barrel.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1032268 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ] According to a new report from security intelligence vendor Risk Based Security (RBS), over 6,500 incidents that resulted in compromised data have been publicly disclosed last year, two-thirds of them originating in the business sector. The government sector accounted for 13.9 percent, the medical sector for 13.4 percent and education for 6.5 percent.]]> 2019-02-15T06:17:00+00:00 https://www.csoonline.com/article/3341317/data-breach/data-breaches-exposed-5-billion-records-in-2018.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1028171 True Data Breach None None CSO - CSO Daily Dashboard General Data Protection Regulation (GDPR) came into effect in May last year, EU organizations have reported almost 60,000 data breaches, but so far fewer than 100 fines have been issued by regulators. [ Learn how to protect personally identifiable information (PII) under GDPR. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-02-06T10:43:00+00:00 https://www.csoonline.com/article/3336043/compliance/report-over-59-000-gdpr-data-breach-notifications-but-only-91-fines.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1019984 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-01-25T10:21:00+00:00 https://www.csoonline.com/article/3191947/data-breach/what-is-a-supply-chain-attack-why-you-should-be-wary-of-third-party-providers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1009230 False Data Breach None None CSO - CSO Daily Dashboard longest government shutdown on record. Marriott International's Starwood reservation system was hacked exposing the personal data of up to 500 million guests. Quora's data breach exposed up to 100 million users' names, email addresses, IP addresses, and more…Apple, Facebook and Google stocks took heavy hits in December 2018 as the global economy and privacy concerns took their toll, and investors worried about a looming bear market. And then came the government shutdown. For cybersecurity professionals looking ahead at the rest of 2019, these events present a trifecta of challenges.]]> 2019-01-15T09:57:00+00:00 https://www.csoonline.com/article/3331935/data-breach/breaches-market-volatility-and-the-government-shutdown-security-in-the-crosshairs.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=993880 False Data Breach None None CSO - CSO Daily Dashboard 2019-01-07T06:05:00+00:00 https://www.csoonline.com/article/3331598/identity-management/managing-identity-and-access-management-in-uncertain-times.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=978974 False Data Breach Equifax,Yahoo,Deloitte None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2018-12-20T05:01:00+00:00 https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=956567 False Data Breach None None CSO - CSO Daily Dashboard 2018-12-18T03:00:00+00:00 https://www.csoonline.com/article/3328396/data-breach/13-data-breach-predictions-for-2019.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=952110 False Data Breach None None CSO - CSO Daily Dashboard 2018 report by the Ponemon Institute. That's 6.4 percent more than the estimated cost just one year earlier.  [ Learn how SandBlast Mobile simplifies mobile security. | Get the latest from CSO by signing up for our newsletters. ]]]> 2018-11-20T04:04:00+00:00 https://www.csoonline.com/article/3241727/mobile-security/6-mobile-security-threats-you-should-take-seriously-in-2019.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=908364 False Data Breach None None CSO - CSO Daily Dashboard 2018 Verizon Data Breach Investigations Report says most hacks still happen through breaches of web applications. For this reason, testing and securing applications has become a priority for many organizations. That job is made easier by a growing selection of application security tools. Below is a list of some of the best application security tools available, with descriptions of the situations where they can be most effective.]]> 2018-11-08T03:00:00+00:00 https://www.csoonline.com/article/3317523/application-security/top-application-security-tools-for-2019.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=886403 False Data Breach None None CSO - CSO Daily Dashboard Image by Getty/UberIn 2016 ride-hailing app Uber had 600,000 driver and 57 million user accounts were breached. Instead of reporting the incident the company paid the perpetrator $100,000 to keep the hack under wraps. Those actions, however, cost the company dearly. The company was fined $148 million -- the biggest data-breach payout in history – for violation of state data breach notification laws.]]> 2018-10-30T03:00:00+00:00 https://www.csoonline.com/article/3316569/data-breach/biggest-data-breach-penalties-for-2018.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=870239 False Data Breach,Hack Uber None CSO - CSO Daily Dashboard 2018-10-22T14:00:00+00:00 https://www.csoonline.com/article/3315100/security/know-the-facts-today-s-cyberthreat-landscape.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=860970 False Data Breach None None CSO - CSO Daily Dashboard 2018-10-22T03:06:00+00:00 https://www.csoonline.com/article/3313110/cloud-security/3-top-multi-cloud-security-challenges-and-how-to-build-a-strategy.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=856063 False Data Breach None None CSO - CSO Daily Dashboard 2018-10-02T14:18:00+00:00 https://www.csoonline.com/article/3309953/security/gwinnett-medical-center-investigating-possible-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=829095 False Data Breach None None CSO - CSO Daily Dashboard “Sensitive but Unclassified” notice about the breach.After a State Department spokesperson confirmed the compromise of its email system, Politico was told, “This is an ongoing investigation and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment.”]]> 2018-09-19T06:14:00+00:00 https://www.csoonline.com/article/3305067/security/state-department-confirms-breach-of-unclassified-email-system-employee-data-exposed.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=815460 True Data Breach None None CSO - CSO Daily Dashboard “Sensitive but Unclassified” notice about the breach.After a State Department spokesperson confirmed the compromise of its email system, Politico was told, “This is an ongoing investigation, and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment.”]]> 2018-09-19T06:14:00+00:00 https://www.csoonline.com/article/3305067/security/state-department-confirms-breach-of-unclassified-email-system.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=815605 True Data Breach None None CSO - CSO Daily Dashboard data breach by the Privacy Rights Clearinghouse, which has been the most thorough and stalwart public recorder of data breaches in the United States for over two decades. The data file contained just over 8,600 data breaches. I found a few dupes and some missing or erroneous information, but overall, it's the best public, non-profit, and free source you're going to find.]]> 2018-09-13T03:00:00+00:00 https://www.csoonline.com/article/3304286/data-breach/data-risk-ratings-because-not-all-data-breaches-are-equal.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=805932 False Data Breach None None CSO - CSO Daily Dashboard Image by Getty ImagesThe average cost of a data breach has risen to $3.86 million, according to a new report from IBM. The latest version of its annual report shows a 6.6 percent increase in costs; including direct losses, indirect costs related to time and effort in dealing with a breach, and lost opportunities such as customer churn as result of bad publicity.]]> 2018-09-10T03:00:00+00:00 https://www.csoonline.com/article/3304358/data-breach/what-is-the-cost-of-a-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=801279 False Data Breach None None CSO - CSO Daily Dashboard Augusta University Health Reports Major Data Breach Superdrug denies data breach Health Data Breach Victim Tally for 2018 Soars Judge approves Anthem's $115M data breach settlement Indeed, big data breach stories and other major security incidents that keep offering large doses of fear, uncertainty and doubt (FUD) to the world, just keep drawing me back.]]> 2018-09-06T03:00:00+00:00 https://www.csoonline.com/article/3302849/security/why-security-pros-are-addicted-to-fud-and-what-you-can-do-about-it.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=794976 False Data Breach None None CSO - CSO Daily Dashboard 2018-08-17T08:40:00+00:00 https://www.csoonline.com/article/3298523/critical-infrastructure/balancing-cybersecurity-and-regulatory-compliance.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=779670 False Data Breach None 4.0000000000000000 CSO - CSO Daily Dashboard 2018-08-13T03:00:00+00:00 https://www.csoonline.com/article/3296377/data-breach/3-reasons-companies-fail-to-assess-the-scope-of-a-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=779678 False Data Breach None None CSO - CSO Daily Dashboard sequence of events, we see that a trusted insider placed the company's data at risk when their employee credentials were used by a third-party to log into TimeHop's Cloud Computing Environment. How the intruder obtained the employee's log-in credentials is unknown.]]> 2018-08-10T06:40:00+00:00 https://www.csoonline.com/article/3296486/loss-prevention/how-did-the-timehop-data-breach-happen.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=775077 False Data Breach None None CSO - CSO Daily Dashboard 2018-08-01T04:15:00+00:00 https://www.csoonline.com/article/3294297/regulation/is-californias-consumer-privacy-act-of-2018-going-to-be-gdpr-version-2.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=761644 False Data Breach None None CSO - CSO Daily Dashboard security blind spot is ripe for exploitation by cybercriminals probing your network for weaknesses. Despite 97 percent of risk professionals admitting that a data breach or cyber-attack caused by unsecure IoT devices could be catastrophic for their organization, according to a survey by the Ponemon Institute and Shared Assessments, just 15 percent have an inventory of most of their IoT and only 46 percent have a policy in place to disable devices that pose a risk.]]> 2018-07-17T08:33:00+00:00 https://www.csoonline.com/article/3290425/internet-of-things/8-steps-to-secure-unmanaged-devices-in-the-enterprise.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=747613 False Data Breach None None CSO - CSO Daily Dashboard led to calls to regulate the legal profession, and today ethics is a mandatory part of law school training and bar association rules of conduct. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2018-07-10T03:00:00+00:00 https://www.csoonline.com/article/3287864/legal/duty-of-care-why-and-how-law-firms-should-up-their-security-game.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=738383 False Data Breach None None CSO - CSO Daily Dashboard The Patreon letter recaps the Typeform data breach, and then informs the recipient that "as a result, we are reaching out to you as the data that was potentially impacted includes your [name and email address]."]]> 2018-07-02T18:55:00+00:00 https://www.csoonline.com/article/3286625/security/no-data-breach-at-patreon-but-proactive-notice-caused-some-concern.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=731095 False Data Breach None None CSO - CSO Daily Dashboard 81 percent of hacking-related data breaches involve weak or stolen passwords.]]> 2018-06-29T08:50:00+00:00 https://www.csoonline.com/article/3286207/identity-management/3-musts-for-vpn-multi-factor-authentication.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=728927 False Data Breach None None