Krebs on Security

SEPTEMBER 11, 2018

The zero-day flaw, CVE-2018-8440 , affects Microsoft operating systems from Windows 7 through Windows 10 and allows a program launched by a restricted Windows user to gain more powerful administrative access on the system. The sole non-Microsoft update pushed by Redmond today fixes a single vulnerability in Adobe Flash Player, CVE-2018-15967.

Security 121

Security Access IT 121

IT Governance

MAY 25, 2023

As Andrea Jelenik, the chair of the EDPB, told a recent panel discussion at the IAPP 2023 Global Privacy Summit : When we started from scratch we had to give guidance because everyone wanted to have guidance because the elephant in the room in 2018 was the GDPR. We’ve been analysing GDPR fines since the Regulation took effect in May 2018.

GDPR 91

GDPR Compliance Data Privacy Privacy 91

Krebs on Security

JULY 10, 2018

According to SANS, at least three of the flaws — CVE-2018-8278 , CVE-2018-8313 , and CVE-2018-8314 — were previously disclosed publicly, meaning that attackers may have had a head start figuring out how to exploit these flaws for criminal gain.

Security 136

Security IT 136

Data Breach Today

FEBRUARY 5, 2019

Business and Healthcare Sectors Suffered Most US Breaches, ITRC Finds In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.

Data breaches 178

Data breaches Security 178

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government 123

Government Security Passwords Access 123

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. ” concludes the ICO. Pierluigi Paganini.

GDPR 112

GDPR Data breaches Personal data Security 112

Data Breach Today

SEPTEMBER 26, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2018 Asia Pacific & Japan, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.

Information Security 136

Information Security Security 136

Krebs on Security

AUGUST 15, 2018

According to security firm Ivanti , the first of the two zero-day flaws ( CVE-2018-8373 ) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. One nifty little bug fixed in this patch batch is CVE-2018-8345. Microsoft’s analysis is here.

Security 117

Security Paper IT 117

Data Breach Today

NOVEMBER 17, 2023

Atlanta Man Pleads Guilty, Is Ordered to Pay $818,000 Restitution, May Avoid Prison The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his (..)

Security 291

Security Cybersecurity 291

Data Breach Today

AUGUST 21, 2019

White House Report: No 'Major' Breaches Reported; Incidents Down 12 Percent Federal government agencies experienced 12 percent fewer cyber incidents in 2018, when there were no "major" data breaches, according to a new White House report. But the report notes there's still plenty of risk mitigation work to be done.

Data breaches 133

Data breaches Government Risk 133

Data Breach Today

NOVEMBER 4, 2019

Patient Portal Incident Involved Third-Party Vendor A Utah eye clinic began notifying thousands of patients last week about a 2018 breach involving a third-party portal provider. What should other healthcare organizations learn from this incident?

101

101

Troy Hunt

JANUARY 3, 2019

Here's my 2018 highlights, starting with travel: Travel "Oh yeah, I'm totally gonna travel less this year" - me every single year In reality, my travel ended up looking like this: That's the same number as last year, 4 more days and another 8,000km. Probably with my 2018 events page which lists everything I did of a public nature.

Passwords 79

Passwords Security Information Security Government 79

Data Breach Today

JULY 24, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At Infosecurity Europe 2018, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.

Information Security 101

Information Security Security 101

IBM Big Data Hub

AUGUST 24, 2023

Formed in 2018 to compete in the inaugural Call for Code Global Challenge — which it won — Project OWL is a global team of entrepreneurs focused on creating radically cost-effective and easy to use aerospace technologies. This is where Project OWL comes into play: developing new technologies to help address these challenges.

Communications 72

Communications IT Libraries Cloud 72

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

Passwords 77

Passwords Security Access Information Security 77

Data Breach Today

JANUARY 4, 2018

Why Making a Prediction Is So Difficult So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.

Privacy 101

Privacy Security IT 101

IT Governance

MARCH 8, 2019

2018 saw some of the biggest data breaches yet , with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. Using our monthly ‘ List of data breaches and cyber attacks ’ blog posts, we’ve created an infographic to sum up the reported data breaches of 2018.

Data breaches 107

Data breaches GDPR Compliance Personal data 107

Data Breach Today

MAY 24, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2018 in San Francisco, Information Security Media Group's editorial team conducted more than 100 video interviews with industry thought leaders. Here are the highlights.

Information Security 100

Information Security Security 100

Data Breach Today

MAY 3, 2018

At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Artificial Intelligence, Bug Squashing, Secure DevOps and More What matters most, right now, to the information security community? Other experts see artificial intelligence, machine learning and secure coding as hot trends.

Artificial Intelligence 110

Artificial Intelligence Cybersecurity Information Security Security 110

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. 2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups. .

IoT 81

IoT Cybersecurity Phishing Security 81

Security Affairs

DECEMBER 5, 2018

Adobe released security updates for Flash Player that address two vulnerabilities, including a critical flaw, tracked as CVE-2018-15982, exploited in targeted attacks. Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.” Securi ty Affairs – Flash zero-day, CVE-2018-15982). Pierluigi Paganini.

Security 102

Security Archiving Access IT 102

Security Affairs

DECEMBER 21, 2019

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. SecurityAffairs – Cisco ASA, CVE-2018-0296). Pierluigi Paganini.

Security 63

Security Authentication Risk Cloud 63

Security Affairs

OCTOBER 26, 2018

Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. Xorg published a security advisory on the CVE-2018-14665 flaw. OpenBSD #0day Xorg LPE via CVE-2018-14665 can be triggered from a remote SSH session, does not need to be on a local console.

Security 97

Security IT 97

Security Affairs

APRIL 28, 2021

” The RotaJakiro backdoor was first spotted in 2018 when a sample was uploaded on VirusTotal’s anti-malware service. Since 2018, the researchers spotted four distinct samples of the malware that were uploaded between May 2018 and January 2021. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Encryption 72

Encryption Cybersecurity IoT Security 72

Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Security 77

Security Communications Data breaches Information Security 77

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The post BulletProofLink, a large-scale phishing-as-a-service active since 2018 appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Phishing 86

Phishing Ransomware Security Access 86

Security Affairs

SEPTEMBER 28, 2018

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. ships a kernel that was last updated 2018-08-27.” of the Linux kernel.

Security 97

Security IT 97

Security Affairs

OCTOBER 6, 2018

Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update. Other users discovered that some files on their machines were deleted after the Windows 10 October 2018 Update was installed. Security Affairs – Windows 10 October 2018 Update ).

Security 87

Security IT 87

Security Affairs

SEPTEMBER 18, 2021

” Our research shows that this actor has been targeting the aviation industry since at least 2018, with files mentioning both “Trip Itinerary Details” and “Bombardier” at the time using the URL akconsult[.]linkpc[.]net.” ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing 95

Phishing Security Risk Access 95

OpenText Information Management

JANUARY 2, 2018

Over the next 10 years, there will be five billion … The post 2018 top tech predictions appeared first on OpenText Blogs. Software is powering digital transformations and will enable the Intelligent Enterprise—and a new way to work.

Digital transformation 75

Digital transformation Big data Artificial Intelligence Encryption 75

PerezBox

OCTOBER 20, 2018

On September 28th, 2018, Facebook announced it’s biggest data breach to date. The post The 2018 Facebook Data Breach appeared first on PerezBox. They estimated 50 million accounts were affected at the time of the disclosure. Subsequent to the disclosure, security.

Data breaches 69

Data breaches Security Information Security IT 69

OpenText Information Management

JANUARY 29, 2018

Digital transformation continues to progress in the government sector and this is unlikely to change in 2018. Instead, they cover areas where government agencies are likely to begin to realize … The post Top 2018 tech trends for Government appeared first on OpenText Blogs.

Government 87

Government Digital transformation 87

IT Governance

NOVEMBER 15, 2017

With the cyber threat landscape only set to grow in 2018, we spoke to a number of industry experts for an insight into the challenges and innovations IT professionals can expect to face in 2018. We expect to see 2018 security budgets increase after some high profile 2017 attacks. Healthcare will become an increasing target.

Security 93

Security GDPR Passwords Compliance 93

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Security 93

Security IT 93

IT Governance

MARCH 11, 2019

But that was somewhat misleading, because the same day the GDPR came into force, the UK adopted the DPA 2018. The DPA 2018 is essentially a UK-specific complement to the GDPR, and was created for three reasons. The DPA 2018 is essentially a UK-specific complement to the GDPR, and was created for three reasons. Wait… what?

GDPR 67

GDPR Personal data Compliance Government 67

Threatpost

MARCH 12, 2019

Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.

Phishing 78

Phishing Security 78