Mon. Jul 08, 2019

British Airways Faces Record-Setting $230 Million GDPR Fine

Data Breach Today

GDPR 242

Who’s Behind the GandCrab Ransomware?

Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims.

IAM's Role in the Pharmaceutical Sector

Data Breach Today

Sandy Dalal of Allergan on Achieving Security Stability
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how identity and access management, along with zero trust, are bringing security stability

Pwned Passwords, Version 5

Troy Hunt

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today.

Canonical Investigating Hack of Its GitHub Page

Data Breach Today

Company Says Ubuntu Linux Source Code Remains Safe
Canonical Ltd., a British company that offers commercial support and services for the popular Ubuntu Linux open source operating system, is investigating a hack of its GitHub page over the weekend.

IT 200

More Trending

Breach Impact on the CISO

Data Breach Today

Attorney Aravind Swaminathan on Executives Being Held Personally Accountable for Breaches
Increasingly, regulators are looking to hold individual executives accountable for data breaches. This is where attorney Aravind Swaminathan steps in to represent security leaders in legal actions.

Cyberattack shuts down La Porte County government systems

Security Affairs

Government computer systems at La Porte County, Indiana, were shut down after a cyber attack hit them on July 6. Experts believe it was a ransomware attack. On July 6, a cyber attack brought down government computer systems at La Porte County, Indiana.

Open Source Genomic Analysis Software Flaw Patched

Data Breach Today

Do Data Integrity Security Concerns Pose Potential Patient Safety Worries?
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions.

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment.

Blockchain Revisited: How Can It Reduce Fraud?

Data Breach Today

Microsoft's David Houlding on Use Cases and Lessons Learned
Critics say blockchain is a technology looking for a purpose, but Microsoft's David Houlding says organizations are using blockchain today to validate identities and to help prevent fraud. He shares use cases and emerging best practices

Most databases will have moved to the cloud by 2022, says Gartner

Information Management Resources

By 2022, 75 percent of all databases will be deployed or migrated to a cloud platform, with only 5 percent ever considered for repatriation to on-premises, the research firm says.

Cloud 123

Securing Connected Medical Devices

Data Breach Today

Safi Oranski of CyberMDX Says to Secure Them, First You Have to Find Them
A major challenge in ensuring medical device security is tracking all of these devices, says Safi Oranski of CyberMDX, who offers a review of other critical issues

UK ICO fines British Airways £183 Million under GDPR over 2018 security breach

Security Affairs

The UK Information Commissioner’s Office (ICO) fined British Airways £183 million for failing to protect its customers’ data during last year’s security breach.

GDPR 83

HSBC Whistleblower on 'Too Big to Jail'

Data Breach Today

Everett Stern Reflects on Fallout From Money Laundering Case
HSBC paid a record $1.92 billion fine for money laundering violations in 2012. But no one ever went to jail for the crimes. Whistleblower Everett Stern discusses lessons learned from the case and the concept of "too big to jail

Cardiac Biometric

Schneier on Security

IT 83

CISO Tackles the Accidental Insider Threat

Data Breach Today

Anne-Marie Scollay of Axiom Law Focuses on the Human Factor
For years, security leaders focused primarily on malicious insiders - those who intend to do harm to an organization. But CISOs are increasingly concerned about the accidental insider.

Experts uncovered a new Magecart campaign that hacked over 960 stores

Security Affairs

Security experts have uncovered a large-scale Magecart payment card skimming campaign that compromised 962 online stores based on Magento.

CMS 80

CISO Notebook: Third-Party Risk

Data Breach Today

Cris Ewell of UW Medicine on Managing Vendor Risks
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk

Risk 154

Spotting RATs: Delphi wrapper makes the analysis harder

Security Affairs

Experts observed an increase in malware spreading using less-known archive types as droppers, in particular ISO images. A Delphi wrapper makes the analysis harder.

GE Aviation Passwords, Source Code Exposed in Open Jenkins Server

Threatpost

A DNS misconfiguration resulted in an open Jenkins server being available to all.

Ransomware Recovery Firms Who Secretly Pay Hackers

Schneier on Security

ProPublica is reporting on companies that pretend to recover data locked up by ransomware, but just secretly pay the hackers and then mark up the cost to the victims.

Australian federal police accessed journalists' metadata 58 times in a year

The Guardian Data Protection

MPs are examining impact of national security laws on freedom of the press
The Australian federal police has revealed it accessed the metadata of journalists 58 times in the 2017-18 financial year.

Android App Publishers Won't Take 'No' for an Answer on Personal Data

Dark Reading

Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission

Data 104

Post-Data Breach, British Airways Slapped With Record $230M Fine

Threatpost

A proposed $230 million fine on British Airways after a data breach would be the biggest GDPR penalty yet.

7 Hot Cybersecurity Trends to Be Highlighted at Black Hat

Dark Reading

Just some of the research and ideas worth checking out at this year's 'security summer camp

Trends 104

How to unlock enterprise-wide value from data and analytics

Information Management Resources

Organizations need to organize data and analytics teams to reflect their big-picture goals.

Britain Looks to Levy Record GDPR Fine Against British Airways

Dark Reading

The penalty is a sign of things to come, say experts

GDPR 101

Documentation required by ISO 27001

IT Governance

Organisations seeking ISO 27001 compliance must prove their compliance with the Standard by completing appropriate documents. List of documents required for ISO 27001 compliance. The scope of the ISMS. Information security policy. Information security risk assessment process.

Smash-and-Grab Crime Threatens Enterprise Security

Dark Reading

Getting your company smartphone or laptop stolen from your car isn't just a hassle; it can have large regulatory ramifications, too. Visibility is the answer

BA faces £183m fine over passenger data breach

The Guardian Data Protection

ICO says personal data of 500,000 customers was stolen from website and mobile app
British Airways is to be fined more than £183m by the Information Commissioner’s Office after hackers stole the personal data of half a million of the airline’s customers.

Declare Your Independence From Spreadsheets

Perficient Data & Analytics

What is important to you? That is an important question and your answer(s) to it usually defines how you live your life. But what about “What is important to you professionally in your career?” Do the answers to that question define how you work, where you work, and what you do with your work?