2009, Data, Information Security and Security - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. SocksEscort began in 2009 as “ super-socks[.]com Image: Lumen’s Black Lotus Labs.

Analytics

Analytics Passwords Systems administration Retail

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

The Last Watchdog

AUGUST 1, 2023

1, 2023– AppViewX , a leader in automated machine identity management (MIM) and application infrastructure security, today announced the results of a research study conducted by Enterprise Management Associates (EMA) on SSL/TLS Certificate Security. New York, NY, Aug.

Risk

Risk Compliance Security Information Security

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web In early October, Resecurity’s HUNTER (HUMINT) unit identified hundreds of millions of personally identifiable information (PII) records belonging to Indian residents, including Aadhaar cards, being offered for sale on the Dark Web. With roughly 1.4

Sales

Sales e-Discovery Data breaches Risk

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

billion entries of passwords, which have presumably been combined from previous data leaks and breaches. To check whether your password is part of this gigantic leak, head over to the CyberNews personal data leak checker or our leaked password checker , where we are currently uploading the password entries from the RockYou2021 compilation.

Passwords

Passwords Data breaches Personal data Phishing

French DPA Releases New Guidance on Personal Data Security

Hunton Privacy

OCTOBER 11, 2010

On October 7, 2010, the French Data Protection Authority (the “CNIL”) released its first comprehensive handbook on the security of personal data (the “Guidance”). The Guidance provides general recommendations and best practices aimed at assisting data controllers with the implementation of appropriate security measures.

Personal data

Personal data Security Encryption Archiving

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. com /cms/ wp -content/uploads/2015/12/. The RAT leverages a reverse P2P plug-in as a C2 Connection Proxy. Pierluigi Paganini.

CMS

CMS File names Encryption Access

Third Circuit Holds Data Breach Plaintiffs Lack Standing

Hunton Privacy

JANUARY 20, 2012

On December 12, 2011, the United States Court of Appeals for the Third Circuit affirmed a decision that employees of Ceridian Corporation’s (“Ceridian’s”) customers did not have standing to sue Ceridian after the payroll processing firm suffered a data breach.

Data breaches

Data breaches Privacy Information Security Risk

White House Releases Cybersecurity Legislative Proposal

Hunton Privacy

MAY 13, 2011

On May 12, 2011, the White House released the long-expected cybersecurity legislative proposal in response to the need to protect Americans from cyber threats. Data Breach Notification – These provisions would establish a national data breach reporting system.

Cybersecurity

Cybersecurity Data breaches Information Security Financial Services

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. As is now traditional, I’ve installed myself in the porter’s chair next to the fire in the library, ready to recap some of the year’s more newsworthy information security events.

Data breaches

Data breaches Personal data Access GDPR

New EU Fundamental Rights Commissioner Reveals Privacy and Data Protection Priorities in the European Union

Hunton Privacy

JANUARY 14, 2010

On January 12, 2010, Ms. Reding revealed her priorities in the field of privacy and data protection. Fundamental rights and data protection will be top of the line” said Ms. Reding, who explained that she intends to incorporate the EU’s data protection rules into a modern and comprehensive legal instrument.

Privacy

Privacy Personal data Access Security

European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs

Hunton Privacy

MAY 12, 2009

On May 6, 2009, the proposed amendments to the e-Privacy Directive received a second reading in the European Parliament. In addition to other measures, it will include a definition of “personal data breach” and will introduce a data breach notification requirement.

Data breaches

Data breaches Personal data Privacy Communications

Data Breach: Identity Theft Risk Insufficient to Support Claims

Hunton Privacy

APRIL 13, 2009

The mere increased risk of identity theft following a data breach is sufficient to give the data subjects standing to bring a lawsuit in federal court but, absent actual identity theft or other actual harm, claims against the data owner and its service provider for negligence and breach of contract cannot survive, a federal judge ruled this month.

Data breaches

Data breaches Risk Security IT

EU Commission Issues Recommendation on RFID, Privacy and Data Protection

Hunton Privacy

MAY 13, 2009

On May 12, 2009, the European Commission issued a long-awaited recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification (“RFID”). This principle is, however, subject to exceptions.

Privacy

Privacy Data collection Sales Personal data

Class Action Lawsuit Against Heartland Dismissed

Hunton Privacy

DECEMBER 14, 2009

Securities Litigation , Civ. 12, 2009) recently dismissed a class action lawsuit brought by investors in Heartland, a processor of payment card transactions whose stock value dropped significantly after it suffered a data security breach in which hackers allegedly stole 130 million payment card numbers.

Security

Security Access IT Information Security

Court Finds Allegations of Harm Sufficient to Allow Breach-Related Class Action Suit to Proceed

Hunton Privacy

APRIL 22, 2011

The suit stems from a December 2009 security breach caused by an SQL injection flaw that resulted in the exposure of unencrypted user names and passwords of approximately 32 million RockYou users. RockYou”), a publisher and developer of applications used on popular social media sites.

e-Discovery

e-Discovery Privacy Passwords Security

Maine Enacts Comprehensive New Law Restricting Marketing to Minors

Hunton Privacy

AUGUST 14, 2009

On September 12, 2009, Maine’s Act to Prevent Predatory Marketing Practices Against Minors (the “Act”) will take effect. The Act prohibits businesses from knowingly collecting or receiving a minor’s health-related information or personal information for marketing purposes without first obtaining verifiable parental consent.

Marketing

Marketing Data collection Information Security Privacy

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Binni Shah | @binitamshah.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Beazley also reported that SMBs, which tend to spend less on information security, were at a higher risk of being hit by ransomware than larger firms, and that the healthcare sector was hardest hit by ransomware attacks, followed by financial institutions and professional services. Best security practices are a must.

Ransomware

Ransomware Access Cybersecurity Insurance

Identity-based Cryptography

Thales Cloud Protection & Licensing

SEPTEMBER 26, 2019

8,9]) combines signature and encryption in a secure way, providing efficient joint authentication and encryption. Revocable IBE [12] provides a scalable revocation method. Suppose a user Alice works at Thales e-Security in Cambridge. Thales can serve as a root PKG and generate low-level private keys for Thales e-Security.

e-Delivery

e-Delivery Encryption Authentication Government

Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Who and What is Behind the Malware Proxy Service SocksEscort?

Trending Sources

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

French DPA Releases New Guidance on Personal Data Security

Dacls RAT, the first Lazarus malware that targets Linux devices

Third Circuit Holds Data Breach Plaintiffs Lack Standing

White House Releases Cybersecurity Legislative Proposal

Weekly podcast: 2018 end-of-year roundup

New EU Fundamental Rights Commissioner Reveals Privacy and Data Protection Priorities in the European Union

European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs

Data Breach: Identity Theft Risk Insufficient to Support Claims

EU Commission Issues Recommendation on RFID, Privacy and Data Protection

Class Action Lawsuit Against Heartland Dismissed

Court Finds Allegations of Harm Sufficient to Allow Breach-Related Class Action Suit to Proceed

Maine Enacts Comprehensive New Law Restricting Marketing to Minors

Top Cybersecurity Accounts to Follow on Twitter

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

Identity-based Cryptography

Stay Connected