FRANCE: CNIL publishes initial analysis on Blockchain and GDPR

DLA Piper Privacy Matters

Encrypted data. This is why the CNIL strongly recommends the use of encryption in order to come as close as possible to ensuring an effective exercise of the data subjects’ rights. Although this is a preliminary analysis of the CNIL, it is certainly interesting to know its position on this topic, and to see that its approach is rather pragmatic and takes into account the constraints imposed by the Blockchain technology. By Denise Lebeau-Marianna and Caroline Chancé.

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. ” continues the analysis.

Mining 110

The Long Run of Shade Ransomware

Security Affairs

Technical analysis. This file acts as downloader in the infection chain, using a series of hard-coded server addresses, It heavily rely on obfuscation and encryption to avoid the antimalware detection. Shade encrypts all the user files using an AES encryption scheme.

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. The main difference between the two is organization and analysis. For structured data, users can run simple analysis tools, i.e., content searches, to find what they need. But with no orderly internal framework, unstructured data defies data mining tools. Ransomware “is encrypting files, unstructured data.”

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. ” reads the analysis published by Trend Micro.

Mining 112

Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

For example, after encryption, the file “1.jpg” might have an appearance similar to this example: “hmv8IGQE5oYCLEd2IS3wZQ==.135DB21A6CE65DAEFE26.crypted000007”. According to zcashnetwork the attacker’s wallet received from mining activity 4.89

Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer

Security Affairs

” reads the analysis published by Kaspersky. ” continues the analysis. “Even the data with the encrypted payload is stored inside this code section.

Mining 111

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Security Affairs

DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns). We named this botnet “Black” due to the RC4 key value, “black”, that is used for traffic encryption in this botnet.” ” reads the analysis published by Checkpoint security.

Underminer Exploit Kit spreading Bootkits and cryptocurrency miners

Security Affairs

” reads the analysis published by TrendMicro. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.”

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

” reads the analysis published by Avast. “Unlike the aforementioned IoT botnets, this one tries to be more stealthy and persistent once the device is compromised, and it does not (yet) do the usual stuff a botnet does like DDOS , attacking all the devices connected to the internet, or, of course, mining cryptocurrencies.” ” continues the analysis. At the time of the analysis, Telnet is the only vector used by the bot to compromise other devices.

IoT 86

Forget C-I-A, Availability Is King

The Falcon's View

In the first case you quickly go down the data governance path (inclusive of data security), which must factor in requirements for control, retention, protection (including encryption), and masking/redaction, to name a few things. Consider, if you will, a cloud resource being compromised in order to run cryptocurrency mining.

What Is Our Professional Future?

Brandeis Records Manager

Massive information analysis, tagging, metadata assignment, and classification are a few of those roles that smart machines, once trained, may cover completely: many on the legal side of our profession have already experienced this through technology-assisted review. The “public ledger” role and “smart contract” applications of blockchain already in existence sound suspiciously familiar to our turf, and they’re handled by encryption keys and code, not by people. George Despres, CRM.

10 Personal Finance Lessons for Technology Professionals

Troy Hunt

Number 1 is "Mining, Resources & Energy" which had a local boom here but is now rapidly declining (down 14% on the previous year). Take mining out of the picture and the top industry ("Consulting & Strategy"), pays only 5% more than tech. Patience. Frugality. Sacrifice.