Orange Business Services hit by Nefilim ransomware operators

Security Affairs

Security researchers at Cyble reported that Nefilim ransomware operators allegedly targeted the mobile network operator Orange. According to Cyble, the hackers claim to have compromised the Orange Business Solutions , a subsidiary of Orange S.A,

GE Employees Lit Up with Sensitive Doc Breach

Threatpost

Breach Hacks Web Security beneficiary info canon business services compromise data breach death certificates disclosure notice divorce email account employees Fraud GE general electric hr documents idnetity theft marriage passports Phishing PIIMarriage, divorce and death certificates, beneficiary info, passports and more were all caught up in an email takeover hack.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Enterprise Cloud Use Continues to Outpace Security

Dark Reading

Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them

CompuCom Expects $28 Million Loss From Cyber Incident

Data Breach Today

reports in a Securities and Exchange Commission 8-K filing that it has suffered a loss of about $28 million due to a March 1 cyber incident at its business services and supplies subsidiary, CompuCom, that forced the company to shut down some of its operations

4 Risk Mitigation Principles for the Remote Workforce

Data Breach Today

Jeff Schilling of Teleperformance on Risk Management During COVID-19 Pandemic Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.

Risk 158

10 things you must do to become cyber secure

IT Governance

One of the most trusted resources is the NCSC’s (National Cyber Security Centre) ten-step guide. For any cyber security strategy to be effective, it needs to be supported by senior managers and applied across the whole organisation. After all, it’s no use having the IT department securing systems if no one else in the organisation does their part. A risk management regime is a top-level framework for addressing security issues. Secure your configurations.

Risk 64

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains.

Security Affairs newsletter Round 273

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 273 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

Sales 76

China issues Personal Information Security Specification

Data Protection Report

On 29 December 2017 the Standardization Administration of China issued an Information Security Technology – Personal Information Security Specification ?GB/T Although the Specification is not a mandatory regulation, it nonetheless has a key implementing role in relation to China’s Cyber Security Law (“Cyber Security Law”) in respect of protecting personal information in China.

Vera to Power Canon Solutions America’s New Security Solutions and Services Strategy

Document Imaging Report

– Canon Solutions America’s Enterprise Services and Solutions group will leverage Vera’s advanced data protection and rights management platform for secure data capture, detailed auditing, and data privacy. — Vera’s data-centric security technology is designed to encrypt customer data in transit, at rest, and in use , helping to protect sensitive information from data loss and damaging breaches. Press Releases Security MFPs MPS

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

Systems at Xchanging, a subsidiary of Global IT services and solutions provider DXC Technology was hit by ransomware over the weekend. Global IT services and solutions provider DXC Technology disclosed a ransomware attack that infected systems at its Xchanging subsidiary.

Port of San Diego hit by a cyber attack a few days after the attack on the Port of Barcelona

Security Affairs

“Additionally, we have reported this disruption to the California Office of Emergency Services (Cal OES) and the County of San Diego Office of Emergency Services. Port employees are currently at work but have limited functionality, which may have temporary impacts on service to the public, especially in the areas of park permits, public records requests, and business services. Security Affairs – Pangu iOS 12 jailbreak, hacking).

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. orgs with 3 malware appeared first on Security Affairs.

Yahoo! Agrees to Settle Data Breach Class Actions with $50 Million Fund and Credit Monitoring

Hunton Privacy

Customer Data Security Breach Litigation pending in the Northern District of California and the parties in the related litigation pending in California state court filed a motion seeking preliminary approval of a settlement related to breaches of the company’s data. s previously operating business became Oath Holdings Inc. has agreed to enhance its business practices to improve the security of its users’ personal information stored on its databases.

Sales 42

Weekly podcast: banks, Thomas Cook, London cyber court and Facebook

IT Governance

The Bank of England, the PRA (Prudential Regulation Authority) and the FCA (Financial Conduct Authority) have asked the UK’s banks and financial services firms to report on their exposure to operational risks, such as cyber attacks, and explain how they would respond to system failures, such as those recently faced by Visa and TSB. Until next time you can keep up with the latest information security news on our blog. Cyber Security Other Blogs Podcast

FCA Publishes Wholesale Banks and Asset Management Cyber Multi-Firm Review Findings

Data Matters

The review aimed to look more closely at how wholesale banking and asset management firms oversee and manage their cybersecurity, including the extent to which firms identify and mitigate relevant cyber risks and their current capability to respond to and recover from data security incidents. Effectiveness of second line functions in overseeing and managing cyber risks – all relevant areas of the business must have the relevant expertise.

Risk 65

Draft E-Commerce Standards Published for Comment in China

Hunton Privacy

On March 22, 2016, the Ministry of Commerce of the People’s Republic of China published drafts of its proposed (1) Specifications for Business Services in Mobile E-commerce (“Mobile E-commerce Specifications”) and (2) Specifications for Business Services in Cross-border E-commerce (“Cross-border E-commerce Specifications”). Platform service providers also would be responsible for the management of the platform’s data security.

Sales 40

KMIP: The Cure for the Common Key Management Headache

Thales Cloud Protection & Licensing

KMIP provides a standard means of communications between encryption systems and key management services. are taking shape and future releases are expected to deliver expanded security functions. Vormetric Data Security Manager Leverages KMIP. The Vormetric Data Security Manager (DSM) from Thales is a leading solution for centralizing key management. In addition, the DSM is starting to support a number of new business services as well. Data security

Podcast Episode 123: HaveIBeenPwned’s Troy Hunt on Marriott’s Big Mess and GreatHorn on the Asymmetric Threat of Email

The Security Ledger

And: you’ve heard of Business Email Compromise attacks but what about Business Service Impersonation scams? Marriott International acquired more than a chain of hotels when it bought Starwood three years ago: it acquired a whopper of a security compromise. business email compromise email Podcasts APT crime data privacy Government patchingThanks to our friends at GreatHorn for sponsoring this week's podcast.

Improve your data relationships with third parties

Collibra

Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. Data – especially personal data – must be kept safe and secure and be able to be used operationally after an incident.

ALL Data as a Service (DaaS/BDaaS) - EAs in a New Role, as DaaS Enablers

Interactive Information Management

That's where we're headed, inexorably - you'd like to know what's going on with your systems, what your customers or constituents need, or perhaps the latest metrics concerning device utilization trends during business events. Secure & compliant, fast, portable, standardized if necessary, high quality. But most of all, you'd like to pay only for the data and the way it's delivered to you - not for a bunch of information technology products and services, hardware and software.

Digital leaders: Driving pace and scale in a dynamic market, part 5 (technology)

CGI

One of the biggest challenges to becoming a digital business is transitioning from legacy processes and systems to new ways of adopting and managing modern technologies. In our blog series on digital leaders, we’ve been exploring the various areas impacted by digitalization, including the market environment, organizational structures, innovation and business models, and what digital leaders are doing in response. 67% of organizations are applying analytics to optimize the business.

SER’s growth double that of ECM market competition

Document Imaging Report

One reason for the very positive development is SER’s licensing business, which increased by 25% compared to the previous year. Well over half of the customers have had a successful business relationship with the SER Group for 10 or more years now. Leader in development and service. Coinciding with the growth in licensing business, service business has also jumped by over 11%. Pioneer in security.

ECM 40

KnowledgeLake Launches Cloud Capture Service

Document Imaging Report

The capture service has the same features and functions as our on premises software, it’s just running in an Azure data center that we manage. For people who have security questions, we can tell them that Microsoft spends more on security than anybody in the world. We also do our own testing and security audits. The KLake cloud capture service can also release into file shares.

ECM 40

Hunton & Williams and Acxiom to Facilitate Response to UK Government’s Call for Evidence on Current Data Protection Legislation

Hunton Privacy

I believe we have everything to gain from a sensible, proportionate and rights-based data protection framework, and one that works for you as businesses, service-providers and citizens,” said Minister of State for Justice, Lord McNally. Centre for Information Policy Leadership Enforcement European Union International Security Breach Bridget Treacy Information Commissioners Office Richard Thomas United Kingdom

Datacenter Colocation in Northern Virginia for Small, Medium Businesses - Business Requirements and Reasons for Local IT Outsourcing

Interactive Information Management

Colocation of business IT assets (servers, storage, networking) at Washington DC regional and local Datacenters in the Northern Virginia area is big business – and entirely appropriate to consider for small to mid-sized businesses of all shapes and sizes. Your Business Depends on IT You’re a small to medium-sized business in Northern Virginia, the Washington DC metro region – maybe even a larger, regional business, nonprofit or government entity.

Don’t blame ‘The Things’

CGI

The Dedicated Denial of Service (DDoS) attack on a number of popular websites that made the news recently was attributed to hackers utilising the vulnerabilities of home automation products such as sensors, TVs and webcams. In the headlines the event is cited as a further example of the threats posed by the Internet of Things (IoT), a world of interconnected devices capable of sharing data and promising a wealth of new services and products. Don’t blame ‘The Things’.

Open APIs: A coming of age

CGI

Regulations, such as Europe’s revised Payment Services Directive (PSD2) and others, is driving the move toward open APIs in financial services, and this blog explores some of the key technical issues discussed at Sibos. Balancing ease of use versus security. Balancing ease of use versus security is another key technical issue. In addition, as cyber threats continue to increase, the new open API economy needs to be made more secure. Open APIs: A coming of age.