Fri.Feb 08, 2019

Cottage Health Hit With $3 Million HIPAA Settlement

Data Breach Today

Latest in a Series of Substantial HHS Penalties for Violations Federal regulators have hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases

IT 247

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Krebs on Security

A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week.

Apple Update: Drop Everything and Patch iOS

Data Breach Today

Zero Days Being Exploited; Apple Contributes to 'FacePalm' Bug Finder's Tuition Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime.

Groups 218

Hackers broke into Australia’s Parliament Computer Network

Security Affairs

Australia’s parliament confirmed that is investigating a suspicious security incident that affected its computer network. Australia announced an ongoing investigation on unspecified ‘security incident’ in the federal parliament’s computer network.

Hack Attack Breaches Australian Parliament Network

Data Breach Today

No Signs of Data Theft; Password Resets Ordered Hackers have breached the Australian Parliament's network, although investigators say they have found no evidence that attackers stole any data.

Phishing campaign leverages Google Translate as camouflage

Security Affairs

Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials.

More Trending

Vulnerabilities in Kunbus Industrial Gateway allows to control the devices

Security Affairs

Security of Industrial system is a top priority, experts found multiple serious flaws in a gateway made by Kunbus that could allow to completely control a device.

GDPR: more popular than Beyoncé or Kim Kardashian

IT Governance

Fame is a fickle mistress. One minute your popularity seems insurmountable, you’re riding the crest of public opinion, you can gain the world’s attention with the slightest of efforts and everyone seems interested in your every utterance.

GDPR 78

NITEC19 – NATO Opens Defense Innovation Challenge calls for C4ISR solutions

Security Affairs

The NATO Communications and Information Agency (NCI) announced the opening of the fourth annual Defense Innovation Challenge (NITEC19) to start-ups, SMEs and academia.

Up to 4,000 affected by Mumsnet data breach

IT Governance

Mumsnet has disclosed a data breach that occurred during a software update between 5-7 February. A technical error meant that users who logged on simultaneously were directed to someone else’s account. .

Three out of the four flaws fixed with iOS 12.1.4 were exploited in the wild

Security Affairs

Security experts at Google discovered that two of the zero-day vulnerabilities patched by Apple with the release of iOS 12.1.4 were exploited in the wild. Security researchers at Google revealed that two of the zero-day flaws addressed by Apple with the release of iOS 12.1.4 were exploited in the wild. Apple iOS 12.1.4

Twitter Still Can't Keep Up With Its Flood of Junk Accounts, Study Finds

WIRED Threat Level

Meanwhile, two Iowa researchers built an AI engine they say can spot abusive apps on Twitter months before the service itself. Security

Study 68

Weekly Update 125

Troy Hunt

I'm back home! It was an amazing trip in many ways, not least of which was the time it gave both Scott and myself to reflect on workload and managing lives which can be a bit of a never-ending series of commitments.

Data security is everyone’s responsibility

Thales Data Security

This year, we’ve written about what the future holds in terms digital transformations and new and exciting technologies. We’ve also addressed what key executives, especially CISOs, should be thinking about as data moves and is accessed across their organizations.

Friday Squid Blogging: The Hawaiian Bobtail Squid Genome

Schneier on Security

The Hawaiian Bobtail Squid's genome is half again the size of a human's. Other facts: The Hawaiian bobtail squid has two different symbiotic organs, and researchers were able to show that each of these took different paths in their evolution.

Blog 61

China-Linked APT10 Attacks US, Western Companies

Adam Levin

The Chinese government-linked hacking group APT10 is continuing its campaign against US and European businesses with increasingly sophisticated tactics and strategies, warn officials from the Department of Homeland Security.

Everything you need to know about DPOs under the GDPR

IT Governance

We recently claimed that DPOs (data protection officers) are “ the key to data breach response ”, but you could argue that they are the key to GDPR (General Data Protection Regulation) compliance in general.

GDPR 58

New Zombie 'POODLE' Attack Bred From TLS Flaw

Dark Reading

Citrix issues update for encryption weakness dogging the popular security protocol

Meet Perficient’s Chief Strategists: Christine Livingston

Perficient Data & Analytics

Thrilling our clients with innovation and impact – it’s not just rhetoric. This belief is instrumental for our clients’ success. Earlier this year we announced the first class of Chief Strategists , who provide vision and leadership to help our clients remain competitive.

Cyberattack Hits Australian Parliament

Dark Reading

Officials believe a nation-state is to blame for the incident, which took place Thursday night into Friday morning

78

AI can boost employee productivity, while souring workplace behavior

Information Management Resources

For all of its hyped benefits, could artificial intelligence bring a toxic atmosphere into the workplace? To some degree, the answer is ‘yes,’ says research firm Gartner. Artificial intelligence Employee relations Machine learning

IT 78

We Need More Transparency in Cybersecurity

Dark Reading

Security has become a stand-alone part of the corporate IT organization. That must stop, and transparency is the way forward

Digital Imaging and Resolution Recommendations

IG Guru

Digital imaging captures all the information in photographic originals. Read on for some guidelines on making the best digitization choices, always with the ultimate usage of the images in mind.

52

Cybersecurity Simulation Tools Don't Inspire Confidence: eSecurity Planet Survey

eSecurity Planet

Organizations are most confident in network-level security tools, while newer technologies have been met with mixed acceptance

Malware Campaign Hides Ransomware in Super Mario Wrapper

Dark Reading

A newly discovered malware campaign uses steganography to hide GandCrab in a seemingly innocent Mario image

Your Next Move: Security operations center analyst

Information Management Resources

If you are good in a crisis and have the drive to scope out technological crimes and cyber incidents, then being a security operations center analyst could be the right job for you. Data security Career moves Cyber security Career advancement Career planning

6 Reasons to Be Wary of Encryption in Your Enterprise

Dark Reading

Encryption can be critical to data security, but it's not a universal panacea

Best practices for thwarting DNS hijacking attacks

Information Management Resources

The use of multifactor authentication and ongoing monitoring of DNS records are basic security measures all businesses should be taking to protect their data. Data security Cyber security Cyber attacks

A Dog's Life: Dark Reading Caption Contest Winners

Dark Reading

What do a telephony protocol, butt-sniffing, and multifactor authentication have in common? A John Klossner cartoon! And the winners are

Theory: ‘Simple Hack’ Behind Bezos’ Alleged Compromising Images

Threatpost

Researchers theorize how Bezos’ very personal pictures may have been allegedly hacked. Hacks Mobile Security Privacy amazon Gmail HaveIBeenPwned.com Jeff Bezos password reuse

Machine learning could bring big tech to insurance

Information Management Resources

Companies that have vast amounts of data can easily step into the space and start competing with insurers. Here's how to dodge the threat. Machine learning

FireOS Flaw Allowed Limited Content Injection in Amazon Tablets

Threatpost

A vulnerability in FireOS, the Amazon Fire Tablet's operating system, has been patched. Vulnerabilities fireOS kindle kindle fire kindle vulnerability security flaw

Draft CCPA Regulations Expected Fall 2019

Hunton Privacy

As we previously reported , the California Consumer Privacy Act of 2018 (“CCPA”) delays the California Attorney General’s enforcement of the CCPA until six months after publication of the Attorney General’s implementing regulations, or July 1, 2020, whichever comes first. The California Department of Justice anticipates publishing a Notice of Proposed Regulatory Action concerning the CCPA in Fall 2019.

Sales 59

How Apple and Jamf are changing retail

Jamf

Read how GOAT, the world's largest digital platform for rare and classic sneakers, streamlines the shopping experience and eliminates 10-15 IT help tickets a day in the process