2013, Data, Information Security and Security - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks City of Philadelphia discloses data breach after five months Date of breach: 24 May 2023 ( notice issued 20 October 2023).

Data Privacy

Data Privacy Privacy Security Data breaches

ISO 27001:2022 Has Been Released – What Does It Mean for Your Organisation?

IT Governance

OCTOBER 27, 2022

A new version of ISO 27001 was published this week, introducing several significant changes in the way organisations are expected to manage information security. Annex A of ISO 27001 now refers to the updated information security controls in ISO 27002:2022, and the Standard requires organisations to document and monitor objectives.

IT

IT Information Security Compliance Security

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

Until this month, I'd never heard of People Data Labs (PDL). I'd certainly heard of the sector they operate in - "Data Enrichment" - but I'd never heard of the company itself. i speak at conferences around the world and run workshops on how to build more secure software within organisations.

Data breaches

Data breaches e-Delivery Cloud Information Security

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

The news was reported by the South Korean police on Sunday, the law enforcement also added that the state-sponsored hackers did not steal any sensitive data. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. Korean Kimsuky APT targets S.

Military

Military Phishing Government Security

North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

Security Affairs

MAY 19, 2024

Kimsuky cyberespionage group (aka Springtail, ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. Troll Stealer supports multiple stealing capabilities, it allows operators to gather files, screenshots, browser data, and system information.

Communications

Communications Government Encryption IT

ISO 27001 training in Birmingham

IT Governance

MARCH 2, 2018

Achieving certification to ISO 27001 demonstrates to existing and potential customers that your organisation has defined and put in place best-practice information security processes. ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS).

Data breaches

Data breaches GDPR Information Security Compliance

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

Hunton Privacy

JUNE 13, 2023

The new Guidance replaces each agency’s existing guidance regarding risk management practices for third-party relationships, including the FRB’s 2013 guidance, the FDIC’s 2008 guidance, and the OCC’s 2013 guidance and 2020 frequently asked questions.

Risk

Risk Insurance Compliance Information Security

StrongPity APT spreads backdoored Android Telegram app via fake Shagle site

Security Affairs

JANUARY 10, 2023

StrongPity APT group has been active since at least 2013, it’s responsible for cyberespionage campaigns against Turkish targets. This is the first time that cybersecurity researchers documented the 11 modules used by the backdoor. ” continues the report. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

Data collection

Data collection Access Communications IT

Average cost of cyber crime rises to £10.3 million

IT Governance

JUNE 3, 2020

There has been a similar jump in the number of incidents organisations experience, with an 11% increase year-on-year and a 67% increase between 2013 and 2018. Besides staff awareness training, you must rely on strict information security policies and hope that employees follow them. Are your employees prepared?

Ransomware

Ransomware Personal data Phishing Risk

Senate Commerce Committee Broadens Data Broker Investigation

Hunton Privacy

SEPTEMBER 27, 2013

On September 25, 2013, Senator Jay Rockefeller (D-WV), Chair of the Senate Committee on Commerce, Science and Transportation, expanded his investigation of the data broker industry by asking twelve popular health and personal finance websites to answer questions about their data collection and sharing practices.

Privacy

Privacy Data collection Sales Personal data

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

Hunton Privacy

JULY 12, 2013

On July 11, 2013, the Department of Health and Human Services (“HHS”) announced a resolution agreement and $1.7 following a security breach that affected over 600,000 individuals. million settlement with WellPoint Inc. In a not-so-subtle hint of OCR’s future intentions, the press release also mentioned that “Beginning Sept.

Privacy

Privacy Security Insurance Access

Hunton Launches Global Privacy Update Webcast Series

Hunton Privacy

AUGUST 27, 2013

As always, the privacy team at Hunton & Williams continues to closely monitor the latest global developments in data protection, privacy and cybersecurity, including progress on the proposed EU General Data Protection Regulation. Please join us on September 19, 2013, at 11:00 a.m.

Privacy

Privacy Cybersecurity Information Security Security

Puerto Rico Health Insurer Reports Record Fine Following PHI Breach Incident

Hunton Privacy

FEBRUARY 24, 2014

Securities and Exchange Commission that its health insurance subsidiary, Triple-S Salud, Inc. million for a data breach that occurred in September 2013. According to the 8-K, Triple S was notified of the pending sanctions on February 11, 2014. Triple S”), which is Puerto Rico’s largest health insurer, will be fined $6.8

Insurance

Insurance Data breaches IT Security

In a Surprising Move, Congress Passes Four Cybersecurity Bills

Hunton Privacy

DECEMBER 12, 2014

On December 11, the House passed Senate legislation codifying DHS’s National Cybersecurity and Communications Integration Center (“NCCIC”) making it the central hub for public-private information sharing. DHS has been increasingly performing this role already and similar legislation passed the House of Representatives in April 2013.

Cybersecurity

Cybersecurity Information Security Government Data breaches

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. As is now traditional, I’ve installed myself in the porter’s chair next to the fire in the library, ready to recap some of the year’s more newsworthy information security events.

Data breaches

Data breaches Personal data Access GDPR

Anti-Debugging Techniques from a Complex Visual Basic Packer

Security Affairs

JULY 17, 2019

It has been in continuous development at least since 2013 and the malware authors behind Hawkeye have improved the malware service adding new capabilities and techniques. Figure 11: Malicious resource retrieving routine. This is only the starting point: it retrieves all sensitive data and login data from a large list of browsers.

Passwords

Passwords Encryption IT Sales

South Africa’s Protection of Personal Information Act, 2013, Goes into Effect July 1

Hunton Privacy

JUNE 29, 2020

Zeyn Bhyat of ENSafrica reports that on June 22, 2020, it was announced that South Africa’s comprehensive privacy law known as the Protection of Personal Information Act, 2013 (the “POPIA”) will become effective on July 1, 2020. Accountability: This condition requires that all processing of data occurs in compliance with POPIA.

Compliance

Compliance Privacy GDPR Personal data

Supreme Court Finds Lack of Standing to Challenge Foreign Intelligence Surveillance Act

Hunton Privacy

MARCH 1, 2013

On February 26, 2013, the United States Supreme Court decided in Clapper v. Following the attacks on 9/11, President George W. Bush authorized the National Security Agency (“NSA”) to conduct warrantless wiretapping in cases where one party to a telephone or electronic communication was located outside the U.S.

Communications

Communications Data breaches Privacy Government

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Binni Shah | @binitamshah.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Security Affairs

MARCH 6, 2019

On April 7th, 2013, for instance, the most successful attack executed by Anonymous group using data leakage and DoS conditions against a huge number of Israeli websites was noted. According to media (see this link ), since the attack in 2013, the number of participants and supporters is decreasing. An Israeli website nagish[.]co[.]il

Ransomware

Ransomware Encryption Archiving Access

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Security Affairs

MARCH 6, 2019

On April 7th, 2013, for instance, the most successful attack executed by Anonymous group using data leakage and DoS conditions against a huge number of Israeli websites was noted. According to media (see this link ), since the attack in 2013, the number of participants and supporters is decreasing. An Israeli website nagish[.]co[.]il

Ransomware

Ransomware Encryption Archiving Access

Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

The Week in Cyber Security and Data Privacy: 16–22 October 2023

Trending Sources

ISO 27001:2022 Has Been Released – What Does It Mean for Your Organisation?

Data Enrichment, People Data Labs and Another 622M Email Addresses

N. Korean Kimsuky APT targets S. Korea-US military exercises

North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

ISO 27001 training in Birmingham

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

StrongPity APT spreads backdoored Android Telegram app via fake Shagle site

Average cost of cyber crime rises to £10.3 million

Senate Commerce Committee Broadens Data Broker Investigation

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

Hunton Launches Global Privacy Update Webcast Series

Puerto Rico Health Insurer Reports Record Fine Following PHI Breach Incident

In a Surprising Move, Congress Passes Four Cybersecurity Bills

Weekly podcast: 2018 end-of-year roundup

Anti-Debugging Techniques from a Complex Visual Basic Packer

South Africa’s Protection of Personal Information Act, 2013, Goes into Effect July 1

Supreme Court Finds Lack of Standing to Challenge Foreign Intelligence Surveillance Act

Top Cybersecurity Accounts to Follow on Twitter

Top Cybersecurity Startups to Watch in 2022

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Stay Connected