Facebook: Developers Wrongfully Accessed User Data - Again

Data Breach Today

Company Acknowledges 100 Third-Party Developers Had Unauthorized Access Facebook has revealed that, once again, it allowed third-party app developers to wrongfully gain access to its customers' private data.

Access 158

Texas Ransomware Responders Urge Remote Access Lockdown

Data Breach Today

Lessons Learned From Crypto-Locking Malware Attack That Hit 22 Municipalities Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration.

Access 214

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Digital Transformation: The Privileged Access Imperative

Data Breach Today

And a good start is by ensuring privileged access management is a key component of transformation As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security.

'Virus Infection' Prohibits Access to Patient Records

Data Breach Today

Attack on a California Medical Group Affects Nearly 198,000 Individuals A recent cyberattack on a California medical imaging and oncology services provider, which prohibited access to patient data, is one of the largest health data breaches reported so far this year

Access 209

Remote Desktop Protocol: Securing Access

Data Breach Today

Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra

Access 144



Think instead about who can deny a single individual access to information, while providing access to 190 other people. Who is entitled to access information in your company? What controls are in place to make sure that people who shouldn’t have access don’t get access? Access Compliance (General) Controls Culture Duty Governance Government Internal controls Policy Third parties Uncategorized

Cybercrime Black Markets: RDP Access Remains Cheap and Easy

Data Breach Today

Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services.

Hackers Sell Access to Bait-and-Switch Empire

Krebs on Security

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S.

Access 274

Google Restricts Huawei's Access to Android

Data Breach Today

As US/China Trade Tensions Escalate, Experts Warn of 'Unintended Consequences' After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license.

Access 191



Isn’t it good that airlines are competing based on providing better access to your information? “Firms Push Better In-Flight Web Access,” The Wall Street Journal , February 26, 2018 B4. But it’s a good thing to have better access to information when you are in the air, right? Access Information ValueCompetition is a good thing. Airlines and satellite providers team up to give passengers faster in-flight web service.

Privacy Analysis: Google Accesses Patient Data on Millions

Data Breach Today

Massive Research Project With Ascension Health System Raises Concerns A newly disclosed collaboration between Google and the massive Ascension healthcare system that the partners say is designed to improve patient care is raising serious privacy concerns.

Access 194

Healthcare Case Study: Identity and Access Management

Data Breach Today

How can a large healthcare delivery system efficiently handle identity and access management for thousands of clinicians and other users of patient data? Robert Siebenthaler of PeaceHealth explains how his organization, which operates 10 medical centers, has developed a fine-tuned, role-based approach

Access 164

Case Study: Improving ID and Access Management

Data Breach Today

What are some of moves that organizations can make to improve their identity and access management? Veda Sankepally, an IT security manager at managed care company Molina Healthcare, describes critical steps in this case study interview

Access 127

Zero Trust: Secure Access in Complex Environments

Data Breach Today

With mobile apps and cloud computing, enterprises are facing challenges creating secure, trusted access paths The zero trust model has been around for a decade, and the ideas around it have evolved as applications have left the enterprise perimeter, says Lisa Lorenzin of Zscaler.

Access 141

Cybercrime Markets Sell Access to Hacked Sites, Databases

Data Breach Today

Payment Card Theft, Ransomware Facilitated by Cybercrime-as-a-Service Offerings One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks.

Access and Identity: With 'Zero Trust,' Less Is More

Data Breach Today

Marku Rossi of SSH Communications Security on Delivering Right Access Privileges at Right Time More organizations are applying a highly automated "zero trust" model to ensure that they only give the right amount of privilege to the right user for the right amount of time, says Markku Rossi, CTO of SSH Communications Security.

Access 172

Cloud Provides Efficient Access to Healthcare Data

Perficient Data & Analytics

My next blog in this series examines how cloud provides efficient access to your healthcare data. My last blog outlines cloud as a secure and central hub for all of your data.

Hard-Coded Credentials Found in ID, Access Control Software

Data Breach Today

Researchers Say Other Flaws Also Remain Unpatched Researchers from Tenable Security claim they have found what is essentially a skeleton key for an ID and access control system that could open the doors for anyone, plus other less severe but nonetheless zero-day vulnerabilities

Access 198

FBI: Encryption Blocked Access to 7,800 Devices

Data Breach Today

Director Calls For 'Responsible' Solution That's Not a Backdoor FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement.

Facebook Privacy Breach: 100 Developers Improperly Accessed Data


Facebook said that 100+ third-party app developers had access to restricted data for members of Groups, in its latest privacy snafu.

HIPAA Case: Hospital Fined for Ex-Employee's Access to PHI

Data Breach Today

Enforcement Action is the Third in Recent Weeks, Eighth This Year In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data.

Access 198

For Sale: Admin Access Credentials to Healthcare Systems

Data Breach Today

Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights

Sales 140

Sudo Bug Opens Root Access on Linux Systems


Vulnerabilities all keyword bypass CVE-2019-14287 flaw Linux privilege restrictions root access runas sudo vulnerabilityThe bug allows users to bypass privilege restrictions to execute commands as root.

Access 108

Scrutiny of Google's Access to Patient Data Intensifies

Data Breach Today

Congress Demands Answers; Advocacy Group Raises Concerns Ascension healthcare system's sharing of data with Google on millions of patients is drawing increased scrutiny from members of Congress as well as privacy advocates. What are the major areas of concern

Access 141

The 4 Pitfalls of Privileged Access Management

Data Breach Today

Bomgar's Sam Elliott on Overlooked Areas of Security Overlooked areas of security and defense include four pitfalls of privileged access management, says Sam Elliott of Bomgar, who offers insights on taking the right steps

Access 149

Before Elections, US Cut Russian Trolls' Internet Access

Data Breach Today

military curtailed the internet access of an infamous Russian trolling operation around the mid-term elections in November 2018 to stem the spread of noxious disinformation, and also directly contacted some of the troll-factory employees by name, the Washington Post reports Mindful of Escalation, American Spies Cautiously Spar with Russia The U.S.

Access 166

GDPR Data Subject Access Requests: How to Respond

IT Governance

The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. This is known as a DSAR (data subject access request). What is the right of access? .

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges


Vulnerabilities BIOS Update CVE-2019-18579 Dell direct memory access dma eclypsium firmware HP kernel privileges vulnerabilitiesThe manufacturers have issued BIOS updates to address the issues, but researchers warn DMA attacks are likely possible against a range of laptops and desktops.

With GDPR's 'Right of Access,' Who Really Has Access?

Dark Reading

How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification

Experts found undocumented access feature in Siemens SIMATIC PLCs

Security Affairs

Researchers discovered an undocumented access feature in Siemens SIMATIC S7-1200 programmable logic controller (PLC) that could be exploited by attackers to execute arbitrary code on affected devices. Using this functionality requires physical access to the UART interface during boot process.”

Access 113

Report: Remote Access Is No. 1 Healthcare Tech Hazard

Data Breach Today

ECRI Institute Calls Attention to Cyber Risks for Second Consecutive Year Hackers remotely accessing medical devices and systems - potentially disrupting care and putting patients at risk - is the No.

Access 177

Why Is Providing Patients Access to Records So Challenging?

Data Breach Today

Study Shows Hospitals Inconsistent in Presenting Access Options Although HIPAA gives patients the right to access their health records in their preferred format - on paper or electronically - a new study finds discrepancies in the information hospitals provide to patients regarding the release of their records, pointing to the need for better training.

Access 165

How 'Zero Trust' Better Secures Applications and Access

Data Breach Today

Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint

Access 141

9 Top Network Access Control (NAC) Solutions

eSecurity Planet

Network access control is critical for controlling the security of devices that attach to your network. We review nine NAC solutions

Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws


Cisco has issued patches for critical and high-severity vulnerabilities in its Aironet access point devices. IoT Vulnerabilities Web Security access point Aironet Series Cisco Cisco patch controller critical vulnerability Denial of Service remote code execution software flaw Wi-Fi WLAN

What are Identity and Access Management (IAM) solutions?

OpenText Information Management

When it comes to cybersecurity, Identity and Access Management is one of the most important tools available. It’s responsible for delivering exactly the right balance between keeping your data secure and providing access to those who need it.

Modern Identity and Access Management

Data Breach Today

What are the critical questions that need to be addressed by anyone managing identity and access management in a modern enterprise? How do we establish and maintain digital trust without burdening our users? David Duncan of CA Technologies offers answers to these questions

Access 100