Data Breach Today

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

$63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018.

Google Stored Unhashed G Suite Passwords for Years

Data Breach Today

Passwords Remained Encrypted for Enterprise Users Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform.

Database May Have Exposed Instagram Data for 49 Million

Data Breach Today

Email Addresses, Phone Numbers Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.

Crime Gang Advertises Stolen 'Anti-Virus Source Code'

Data Breach Today

Researchers: 'Fxmsp' Russian Hacking Collective Exploits Victims Via RDP and Active Directory The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S.

Access 285

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

After 2 Years, WannaCry Remains a Threat

Data Breach Today

Poorly Written Ransomware Still Infects Unpatched Systems Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all

Intel's 'ZombieLoad' Fixes May Slow Processors by 9 Percent

Data Breach Today

CPUs Shipped From 2011 Onward Have Flaws of the Meltdown and Spectre Variety Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments.

Cloud 253

Attackers Exploit WhatsApp Flaw to Auto-Install Spyware

Data Breach Today

Immediate App Updating Required to Protect Apple and Android Device Users Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group.

Groups 255

Equifax's Data Breach Costs Hit $1.4 Billion

Data Breach Today

Massive 2017 Breach Continues to Bite the Credit Reporting Giant's Bottom Line Equifax has reported a loss in its latest quarter due to ongoing incident response, legal, investigative and corporate information security overhaul costs resulting from its 2017 data breach.

DHS Reportedly Warns of Chinese-Made Drones Stealing Data

Data Breach Today

Drones May Be Sending Data Back to China, According to News Reports The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Is Healthcare Sector Better Prepared for Ransomware Attacks?

Data Breach Today

Security at the Speed of the Cloud

Data Breach Today

McKinsey CISO Dan Fitzgerald on DevSecOps and the Future of Cloud Security Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co.,

Cloud 208

FBI and Europol Disrupt GozNym Malware Attack Network

Data Breach Today

6 Suspects Arrested on Money Laundering, Malware-Writing or Fraud Charges Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym.

243
243

Chinese Men Charged With Hacking Health Insurer Anthem

Data Breach Today

Data of 78.8 Million Individuals Was Encrypted, Sent to China, US Alleges Two Chinese men have been indicted on charges related to the breach of health insurer Anthem, which saw the personal information of 78.8 million individuals stolen, as well as attacks against three other large U.S. companies

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Mystery Database Exposed Info on 80 Million US Households

Data Breach Today

Researchers Locate an Unprotected 24GB Database With Names, Addresses and Incomes An unsecured database hosted on Microsoft's cloud platform contained personal information on nearly 80 million U.S. households, according to two researchers who found it.

Cloud 273

Feds Warn of 'Electricfish' Malware Linked to North Korea

Data Breach Today

CERT Says Hidden Cobra APT Group Developed Malware The FBI and the Department of Homeland Security have issued a joint warning about new malware called "Electricfish." Investigators suspect it was developed by the advanced persistent threat group Hidden Cobra, which has been linked to North Korea

Groups 251

Multilayered Security Gets Personal

Data Breach Today

First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption.

Nigerian BEC Scammers Use Malware to Up the Ante

Data Breach Today

Business Email Compromise Schemes Get More Sophisticated A growing area of concern for security researchers is a new crop of business email compromise schemes originating from Nigeria, with scammers upping their game by using new malware.

Malware Knocks Out Accounting Software Giant Wolters Kluwer

Data Breach Today

Cloud 244

Facebook Marketplace Flaw Revealed Seller's Exact Location

Data Breach Today

Privacy Peril: Thieves Use Location Data to 'Shop' for High-Value Items Facebook has fixed a security vulnerability in its digital marketplace that could have been abused to identify the precise location of a seller, and by extension, their goods.

Surge in JavaScript Sniffing Attacks Continues

Data Breach Today

Forbes Subscription Site, Picreel and CloudCMS All Hit This Week The magazine subscription page for Forbes magazine and two web service platforms were hit with separate skimming attacks this week, security researchers say.

Database May Have Exposed Instagram Personal Data

Data Breach Today

Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.

Misconfigured IT (Again) Leads to Big Health Data Breach

Data Breach Today

Did Company Also Bungle Notification for Some Victims Impacted? A misconfigured IT setting has landed a Puerto Rico-based clearinghouse and cloud software services vendor at the top of federal regulators' list of largest health data breaches so far this year.

E-Commerce Skimming Attacks Evolve Into iFrame Injection

Data Breach Today

Finding Shows Risk To Sites That Use External Payment Processors Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details.

Risk 198

Despite Doxing, OilRig APT Group Remains a Threat

Data Breach Today

Researchers Describe What They've Learned From Data Dump Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Network's Unit 42 report

Groups 241

Assange Now Faces 18 US Charges

Data Breach Today

WikiLeaks Founder Faces Indicted Under Espionage Act A federal grand jury has indicted WikiLeaks founder Julian Assange on 18 counts under the U.S. Espionage Act for his role in publishing classified material, the Justice Department announced Thursday.

192
192

Citrix Hackers Camped in Tech Giant's Network for 6 Months

Data Breach Today

FBI Tipoff Led to Discovery; Citrix Blames Poor Password Security Citrix says the data breach it first disclosed in early March appears to have persisted for six months before being discovered and hackers ejected.

Assange Indicted in US Under Espionage Act

Data Breach Today

Case May Prove to be One of the Most Significant First Amendment Challenges A federal grand jury has indicted WikiLeaks founder Julian Assange on 18 counts under the U.S. Espionage Act for his role in publishing classified material, the Justice Department announced Thursday.

190
190

Australian Child-Tracking Smartwatch Vulnerable to Hackers

Data Breach Today

Report: Hacker Could Spoof Child's Location, View Personal Information An Australian company that markets a smartwatch designed to let parents monitor their child has taken its service offline after researchers revealed hackers could listen in on and spy on a child's location.

WannaCry Stopper Pleads Guilty to Writing Banking Malware

Data Breach Today

Marcus Hutchins, aka MalwareTech, Says He Regrets Coding, Distributing 'Kronos' Marcus Hutchins, the British security researcher who helped stop the massive WannaCry ransomware outbreak in mid-2017, has pleaded guilty to developing and distributing "Kronos" banking malware when he was younger

WhatsApp's Spyware Problem

Data Breach Today

The latest edition of the ISMG Security Report digs into the WhatsApp flaw that paved the way for spyware installation. Also: Microsoft patches old operating systems and a 'virtual CISO' sizes up security challenges

Cybersecurity's Week From Hell

Data Breach Today

Fix WhatsApp, Windows, Cisco and CPUs From Intel - Pending Patch Availability Multiple flaws - all serious, exploitable and some already being actively exploited - came to light this week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk.

Researchers: Aircraft Landing Systems Vulnerable

Data Breach Today

Study Finds Bogus Instrument Landing System Signals Could Send Planes Off Course The majority of aircraft accidents occur during landing. And during bad weather or low-visibility, pilots are trained to entirely trust their instruments.

Study 207

New Skimmer Attack Steals Data From Over 100 Ecommerce Sites

Data Breach Today

Malicious JavaScript Steals Credit Card Data A new skimmer attack that has injected malicious JavaScript into the payment sections of 105 ecommerce websites is stealing credit card and other customer data, security researchers warn.

Data 226

2 Million IoT Devices Have P2P Software Flaw: Researcher

Data Breach Today

Vulnerabilities Found in Security Cameras, Baby Monitors and More An independent security researcher is warning about a vulnerability in peer-to-peer software used in millions of IoT devices that could allow a hacker to eavesdrop on conversations or turn these items into a botnet

IoT 243

ScarCruft APT Group Targets Bluetooth With Malware: Report

Data Breach Today

Kaspersky Lab Says Korean-Speaking Group Expanding Its Arsenal ScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is developing new malware that targets Bluetooth-enabled devices, according to Kaspersky Lab

Groups 212

Regulator to Facebook: Move Fast But Stop Breaking Things

Data Breach Today

FTC Reportedly Eyes Holding Mark Zuckberberg Personally Accountable for Privacy "Move fast and break things," Facebook CEO Mark Zuckerberg once said of his company's internal motto.

Attackers Shift to Malware-Based Cryptominers

Data Breach Today

Cryptocurrency Market Slide Makes In-Browser Mining Less Appealing Browser-based cryptocurrency miners are falling out of favor as virtual currency prices remain low, IBM says. But the company says malware-based miners are coming back, including fileless ones that rely on Powershell.

Mining 265