Mon.Jul 27, 2020

Garmin Confirms Hackers Encrypted Several Systems

Data Breach Today

Navigation and Smartwatch Company Stops Short of Using Term 'Ransomware' Garmin acknowledged Monday that a "cyberattack" that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline.

Business ID Theft Soars Amid COVID Closures

Krebs on Security

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Dave: Mobile Banking App Breach Exposes 3 Million Accounts

Data Breach Today

Hack Blamed on Credentials Stolen via Breach of Third-Party Service Provider Waydev Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud.

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

It took a global pandemic and the death of George Floyd to put deep-seated social inequities, especially systemic racism, front and center for intense public debate. Related: Will ‘blockchain’ lead to more equitable wealth distribution?

IT 198

The Hacker Battle for Home Routers

Data Breach Today

Trend Micro Says Botnet Families Fight for Control of Vulnerable Routers Trend Micro says it has seen increasing attempts to infect home routers for use as proxies and for DDoS attacks.

IT 217

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks.

IoT 95

More Trending

Source code of Cerberus Android Trojan offered for sale for $100,000

Security Affairs

The authors of the Android Cerberus banking trojan are auctioning the project for a price starting at $50,000, with $100K the deal could be immediately closed.

Sales 88

Detecting Payroll Fraud With Data Analytics

Data Breach Today

Data analytics can play a critical role in detecting payroll fraud, says Kelly Paxton, a fraud examiner and private investigator

A Cyberattack on Garmin Disrupted More Than Workouts

WIRED Threat Level

A ransomware hit and subsequent outage caused problems in the company's aviation services, including flight planning and mapping. Security Security / Cyberattacks and Hacks

LifeSpan Health System Hit With $1 Million HIPAA Fine

Data Breach Today

Hefty Penalty After Theft of Unencrypted Laptop Federal regulators have slapped the Rhode Island-based health system LifeSpan with a $1 million HIPAA settlement tied to a 2017 data breach involving the theft of an unencrypted laptop that potentially exposed the data of 20,000 individuals.

Images in Eye Reflections

Schneier on Security

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye , and using that information to establish a location. Reminds me of the image enhancement scene in Blade Runner. That was science fiction, but now image resolution is so good that we have to worry about it

IT 80

CISA: Attackers Are Exploiting F5 BIG-IP Vulnerability

Data Breach Today

Update Follows Warnings About Urgency of Patching CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues.

Stephanie Wagenaar, the problem-solver: Using AI-infused analytics to establish trust

IBM Big Data Hub

Follow @IBMDat a. This story is part of Analytics Heroes, a series of profiles on leaders transforming the future of business analytics

FBI Warns US Firms About Malware in Chinese Tax Software

Data Breach Today

Alert Follows Trustwave Reports on Hidden Backdoors In a private industry alert, the FBI warns U.S. firms of possible malware hidden in tax software the Chinese government requires companies doing business in the nation to use. The warning follows reports by Trustwave about backdoors that can give hackers access to entire networks

Ratings for Open Source Projects Aim to Make Software More Secure

Dark Reading

Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source

How to Approach an Office Records Management Overhaul

The Texas Record

Overhauling a records management system can be a daunting task. Understanding what worked previously, what didn’t work, and what new programs to implement are all elements in an office records management overhaul.

Block/Allow: The Changing Face of Hacker Linguistics

Dark Reading

Terms such as "whitelist," "blacklist," "master," and "slave" are being scrutinized again and by a wider range of tech companies than ever before

69

Upgraded agility for the modern enterprise with IBM Cloud Pak for Data

IBM Big Data Hub

Cloud 67

ShinyHunters Offers Stolen Data on Dark Web

Dark Reading

The threat actor offers more than 26 million records from a series of data breaches

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Threatpost

Attackers are exploiting a high-severity vulnerability in Cisco's network security software products, which is used by Fortune 500 companies. Vulnerabilities Web Security Adaptive Security Appliance (ASA) software Cisco Firepower Threat Defense (FTD) software Network security patch

Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job

Dark Reading

How stolen credentials for services like Zoom and password reuse practices threaten to compromise other accounts and applications

Legendary Help: Modernizing the retail customer experience

Rocket Software

Online shopping has taken off across all industries, and has only been amplified by the recent pandemic. Groceries, clothes, pre-made meals or household supplies—everything you could imagine is accessible now through the click of a button on your computer or phone.

Garmin says many of the systems are returning to operation

Security Affairs

Smartwatch and wearable device maker Garmin announced that its computer networks were coming back after the ransomware attack that took place last week.

Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills

Threatpost

The U.S. government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data Act

AN INTERNET ARCHIVE LAWSUIT THREATENS GAMING HISTORY via COG Connected

IG Guru

Check out the post here. The post AN INTERNET ARCHIVE LAWSUIT THREATENS GAMING HISTORY via COG Connected appeared first on IG GURU. Archives Business Information Governance Records Management COG Connected Gaming History

Microsoft Revamps Windows Insider Preview Bug Bounty Program

Threatpost

Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program. Vulnerabilities Web Security bug bounty bug bounty program flaw Microsoft vulnerability Windows windows insider preview

The Best Google Drive Alternatives for Secure Cloud Storage.

OneHub

Google Drive has over one billion users and houses more than two trillion files. While the system proves to be popular, there are certain caveats current and potential users should be aware of.

Cloud 77

Privacy Law Continues to Evolve Down Under: Australia Privacy Act & New South Wales GIPA Act

InfoGoTo

by Cameron Alexander, Consultant, Iron Mountain Professional Services. Following the recently enacted Consumer Data Right law, the landscape of privacy legislation continues to evolve in Australia.

Europe: EDBP issues FAQs on Schrems II – No Grace Period for Privacy Shield Transfers; Case-by-Case Assessments Required to Continue with SCCs

DLA Piper Privacy Matters

On 23 July, the European Data Protection Board issued a set of Frequently Asked Questions with regard to the Schrems II decision of the Court of Justice of the European Union. More information on the Schrems II decision can be found in our Privacy Matters blogpost of 16 July 2020.

EDPB Adopts Information Note on BCRs in Preparation for Brexit

Hunton Privacy

On July 22, 2020, the European Data Protection Board (the “EDPB”) adopted an information note (the “Note”) to assist organizations relying on Binding Corporate Rules (“BCRs”) for international personal data transfers, as well as supervisory authorities, in preparing for the end of the Brexit implementation period on December 31, 2020.

SAMHSA Releases Final 42 CFR Part 2 Revised Rule

Data Matters

On July 13, the Department of Health and Human Services’ Substance Abuse and Mental Health Services (“SAMHSA”) announced final revisions to the Confidentiality of Substance Use Disorder Patient Records regulation codified at 42 CFR Part 2 (so-called “Part 2” regulations).

Schrems II landmark ruling: our recommendations

Data Protection Report

On 16 July 2020, the Court of Justice of the European Union ( CJEU ) published its decision in the landmark case Data Protection Commissioner v Facebook Ireland Ltd, Maximilian Schrems and intervening parties, Case C-311/18 (known as the Schrems II case).

Establishing a solid data foundation to solve the hardest aspects of privacy management

Collibra

In a joint webinar hosted by the International Association of Privacy Professionals (IAPP), Meredith Williams-Range, Chief Knowledge & Client Value Officer at Shearman & Sterling, and Bart Vandekerckhove, Product Manager of Data Privacy at Collibra, spoke about “Using Data Intelligence to Solve the Hardest Aspects of Privacy Management.”

Examining the future of retail bank branches post pandemic

CGI

Examining the future of retail bank branches post pandemic. This CGI blog post discusses the future of the traditional retail bank branch once the COVID 19 pandemic ends. shobana.lv@cgi.com. Mon, 07/27/2020 - 02:20