2009, Data, Information Security and Security - Information Management Today

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

The Last Watchdog

AUGUST 1, 2023

1, 2023– AppViewX , a leader in automated machine identity management (MIM) and application infrastructure security, today announced the results of a research study conducted by Enterprise Management Associates (EMA) on SSL/TLS Certificate Security. New York, NY, Aug.

Risk

Risk Compliance Security Information Security

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. The Moody’s report also warned that there are security and privacy vulnerabilities in Aadhaar’s centralized system.

Sales

Sales e-Discovery Data breaches Risk

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

North Korea-linked APT Lazarus targets security researchers using a trojanized pirated version of the popular IDA Pro reverse engineering software. ESET researchers reported that the North Korea-linked Lazarus APT group is targeting cyber security community with a trojanized pirated version of the popular IDA Pro reverse engineering software.

Cybersecurity

Cybersecurity Ransomware Security IT

Sophie Sayer on the IT Governance Partner Programme

IT Governance

FEBRUARY 14, 2024

Tell us a bit about what you do for IT Governance I’ve been head of channel since December 2019, though have worked for the Group since October 2009. In more recent months, we launched the channel partner programme in Europe and America, with training and security testing proving especially popular.

Government

Government IT Sales Data Privacy

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

The presidential office said it would up its monitoring in the face of “hybrid information warfare by external forces” In August 2020, Chinese hackers gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. Follow me on Twitter: @securityaffairs and Facebook.

Government

Government Cloud Cybersecurity Security

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. The report says that hackers stole roughly 500 MB of data related to Mars missions from NASA’s Jet Propulsion Laboratory in Southern California.

IT

IT Data breaches Archiving Education

Weekly podcast: Dixons Carphone, Fashion Nexus, Yale and Alaska

IT Governance

AUGUST 3, 2018

This week, we discuss the 10 million affected by Dixons Carphone’s 2017 data breach, the exposure of hundreds of thousands of clothes shoppers’ details, Yale University’s ten-year old data breach, and a return to typewriters for government workers in Matanuska-Susitna Borough in Anchorage.

Data breaches

Data breaches GDPR Passwords Government

French DPA Releases New Guidance on Personal Data Security

Hunton Privacy

OCTOBER 11, 2010

On October 7, 2010, the French Data Protection Authority (the “CNIL”) released its first comprehensive handbook on the security of personal data (the “Guidance”). The Guidance provides general recommendations and best practices aimed at assisting data controllers with the implementation of appropriate security measures.

Personal data

Personal data Security Encryption Archiving

Security in the finance sector: Whose role is it anyway?

CGI

OCTOBER 25, 2015

Security in the finance sector: Whose role is it anyway? Mon, 10/26/2015 - 01:33. All of this leads one to ask: In the midst of these heightened risks, increasing regulations and digital innovation, whose role is it to make sure that financial and personal data is kept safe? Finance service providers.

IT

IT Security Digital transformation Compliance

Germany Adopts Stricter Data Protection Law – Serious Impact on Business Compliance

Hunton Privacy

JULY 24, 2009

On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009.

Compliance

Compliance Marketing Security Encryption

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. As is now traditional, I’ve installed myself in the porter’s chair next to the fire in the library, ready to recap some of the year’s more newsworthy information security events.

Data breaches

Data breaches Personal data Access GDPR

Vladeck’s Legacy at the FTC

Hunton Privacy

DECEMBER 20, 2012

The news did not come as a surprise — Vladeck had been on leave from Georgetown since 2009. But it does mark a significant milestone in the Commission’s consumer protection work, especially in the area of information privacy and security. He arrived at the Commission saying that he was not afraid to litigate.

Privacy

Privacy Information Security Security IT

EU: New FAQs on Binding Corporate Rules

Hunton Privacy

JUNE 4, 2009

On April 27, 2009, the Article 29 Working Party issued a new working document (WP 155 rev.04) Two new FAQs were adopted: (1) FAQ 10 deals with the relationship between EEA data protection laws and BCRs; and (2) FAQ 11 relates to the reversal of the burden of proof in the context of BCRs.

Personal data

Personal data Compliance Information Security Security

Class Action Lawsuit Against Heartland Dismissed

Hunton Privacy

DECEMBER 14, 2009

Securities Litigation , Civ. 12, 2009) recently dismissed a class action lawsuit brought by investors in Heartland, a processor of payment card transactions whose stock value dropped significantly after it suffered a data security breach in which hackers allegedly stole 130 million payment card numbers. 09-1043 (D.

Security

Security Access IT Information Security

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Binni Shah | @binitamshah.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

Identity-based Cryptography

Thales Cloud Protection & Licensing

SEPTEMBER 26, 2019

out of 5 stars on Chrome web store, 9 out of 10 pairs of participants failed to complete the assigned task of exchanging encrypted emails, i.e. 90% failure rate. 8,9]) combines signature and encryption in a secure way, providing efficient joint authentication and encryption. Suppose a user Alice works at Thales e-Security in Cambridge.

e-Delivery

e-Delivery Encryption Authentication Government

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

For example, in 2009, the Obama administration provided financial incentives to utilities in the United States. Smart Meters provide the data to support a cleaner future, showing how much energy is being used and how much this will cost you. And on the other hand, we're saying security, that's a secondary concern.

Energy and Utilities

Energy and Utilities Computer and Electronics IT Communications

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

and Israel get Stuxnet onto the highly secured Natanz plant? The Dutch intelligence agency AIVD received critical data on the plant by an Iranian engineer that it recruited. “An Iranian engineer recruited by the Dutch intelligence agency AIVD provided critical data that helped the U.S. Security Affairs – Stuxnet, ICS).

Military

Military Manufacturing Access Security

Information Management Today

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Trending Sources

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Sophie Sayer on the IT Governance Partner Programme

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Weekly podcast: Dixons Carphone, Fashion Nexus, Yale and Alaska

French DPA Releases New Guidance on Personal Data Security

Security in the finance sector: Whose role is it anyway?

Germany Adopts Stricter Data Protection Law – Serious Impact on Business Compliance

Weekly podcast: 2018 end-of-year roundup

Vladeck’s Legacy at the FTC

EU: New FAQs on Binding Corporate Rules

Class Action Lawsuit Against Heartland Dismissed

Top Cybersecurity Accounts to Follow on Twitter

Identity-based Cryptography

The Hacker Mind Podcast: Reverse Engineering Smart Meters

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Stay Connected