Archive for the ‘data security’ Category

How Virtualization Helps Secure Connected Cars

Connected cars create opportunities to deliver enhanced customer experiences. At the same time, they also have the potential to provide high cost and revenue benefits. This is true for connected car companies, OEMs, suppliers and insurers (and much, much more). However, car companies haven’t really explored the opportunities to monetize customer data adequately. We can […]

Leave a Comment

China-linked LightBasin group accessed calling records from telcos worldwide

A China-linked hacking group, tracked as LightBasin (aka UNC1945), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. The cyberespionage group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that […]

Leave a Comment

Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach

WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ What’s Happening? Over a 100 US cities appeared to be using the same product, mapsonline.net, provided by an American company named PeopleGIS. […]

Leave a Comment

Threat actors scrape 600 million LinkedIn profiles and are selling the data online

Researchers from Cyber News Team have spotted threat actors offering for sale 600 million LinkedIn profiles scraped from the platform, again. Original post: https://cybernews.com/news/threat-actors-scrape-600-million-linkedin-profiles-and-are-selling-the-data-online-again/ For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user […]

Leave a Comment

3 tips for balancing data security and usability

So, how do organizations find the right balance when it comes to data security? Here are three tips to help organizations navigate this challenge: Security and Usability: Designing Secure Systems that People Can Use

Leave a Comment

Why Data Protection Cloud Strategies Are Now Mission-Critical

The growing reliance on public cloud services as both a source and repository of mission-critical information means data owners are under pressure to deliver effective protection for cloud-resident applications and data. Indeed, cloud is now front of mind for many IT organisations. According to recent research by Enterprise Strategy Group (ESG) cloud is “very well-perceived by data […]

Leave a Comment

Records and Information Management: Fundamentals of Professional Practice

Records and Information Management: Fundamentals of Professional Practice, Fourth Edition presents principles and practices for systematic management of recorded information. It is an authoritative resource for newly appointed records managers and information governance specialists as well as for experienced records management and information governance professionals who want a review of specific topics. It is also a […]

Leave a Comment

How to Become a Data Protection Officer

How to Become a Data Protection Officer The role of a Data Protection Officer (DPO) is a fairly new one in many companies. What’s more, the need to hire a DPO often comes as a response to the General Data Protection Regulations (GDPR) which were implemented back in 2018.As such, the responsibilities, reporting and structure […]

Leave a Comment

TikTok sued over its use of children’s personal data

TikTok is again being accused of illegally processing children’s personal data. The latest claim has been brought by Anne Longfield, the former children’s commissioner for England, who is suing the video-sharing app on behalf of 3.5 million children in the UK. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data […]

Leave a Comment

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Were such detailed personally identifiable information (PII) to […]

Leave a Comment

Best Practices for Data Hygiene

Data hygiene consists of actions that organizations can, and should, take as a matter of following not only compliance requirements, but also as part of basic risk management program practices. Consistent, risk-specific data hygiene practices supports not only a very wide range and number of data protection compliance requirements, but performing data hygiene activities also […]

Leave a Comment

With data volumes and velocity multiplying, how do you choose the right data security solution?

Choosing the right data security solution Jean Le Bouthillier, CEO of Canadian data security startup Q​ohash​, says that organizations have had many issues with solutions that generate large volumes of (often) not relevant and not actionable data. “My first piece of advice for organizations looking for the right data security solutions would be to consider whether […]

Leave a Comment

Developing a Strong Security Posture in the Era of Remote Work

Leave a Comment

The fire in the OVH datacenter also impacted APTs and cybercrime groups

OVH, one of the largest hosting providers in the world, has suffered this week a terrible fire that destroyed its data centers located in Strasbourg. The French plant in Strasbourg includes 4 data centers, SBG1, SBG2, SBG3, and SBG4 that were shut down due to the incident, and the fire started in SBG2 one. The fire impacted the services […]

Leave a Comment

Data Obfuscation: An Image Is Worth a Thousand Lines of Malware

In this post, we are going to talk about MITRE ATT&CK® technique T1001 – Data Obfuscation. As the name indicates, this technique consists in making data, usually sent over Command and Control (C&C) communications, more difficult to detect and decode. There are countless ways to do that, but here we are going to focus on disguising […]

Leave a Comment

Hackers accessed Stormshield data, including source code of ANSSI certified products

Leave a Comment

Making a Success of Managing and Working Remotely

Leave a Comment

Google Mending Another Crack in Widevine

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney, Hulu and Netflix to prevent their content from being pirated. The latest cracks in Widevine concern the encryption technology’s protection for L3 streams, which is used for […]

Leave a Comment

Hackers use e-skimmer that exfiltrates payment data via Telegram

Experts observed a new tactic adopted by Magecart groups, they used Telegram to exfiltrate stolen payment details from compromised websites Source: Hackers use e-skimmer that exfiltrates payment data via Telegram CISA Webinar: E-Skimming This Is How Easy It Is To Get Hacked | VICE on HBO Download a Security Risk Assessment Steps paper! Security Risk […]

Leave a Comment

Safari Bug That Allows Stealing Data Disclosed After Apple Delays A Patch

Apple planned to release a fix for the Safari bug by Spring 2021, delaying it for one year. The bug allows stealing local data files. Source: Safari Bug That Allows Stealing Data Disclosed After Apple Delays A Patch Data Loss/Leak Prevention | Security Basics

Leave a Comment