IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Each password manager also attempted to scrub secrets from memory.

Passwords 76

Passwords Data breaches Retail Government 76

Thales Cloud Protection & Licensing

NOVEMBER 22, 2017

This year is expected to see similarly high numbers which is paralleled by increasing retailer anxiety about the state of their cybersecurity. In fact, according to our recent survey of retailers , 88% feel vulnerable to data threats. Almost 1 million visited physical stores. Happy (and safe!) holiday shopping.

Risk 90

Risk Retail Digital transformation Authentication 90

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Security Affairs

NOVEMBER 15, 2020

Retail giant The North Face has reset the passwords for some of its customers in response to a successful credential stuffing attack. Outdoor retail giant The North Face has forced a password reset for a number of its customers following a successful credential stuffing attack that took place on October 8th and 9th.

Passwords 115

Passwords Retail Data breaches Access 115

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud 129

Cloud Security Encryption Risk 129

IT Governance

JANUARY 9, 2020

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. Our predictions. How should you prepare?

Security 98

Security IoT Phishing Ransomware 98

IT Governance

FEBRUARY 28, 2019

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. We often talk about the perils of password reuse.

Passwords 73

Passwords GDPR Retail Government 73

Security Affairs

JUNE 17, 2021

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakç?l, l, has found a major breach in popular online retailer Cosmolog Kozmetik’s database. If you bought any Cosmolog Kozmetik or Marketlog products, you might be at risk.

Data breaches 105

Data breaches Retail Privacy Sales 105

IT Governance

OCTOBER 26, 2021

Welcome to our third quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 130

Data breaches Retail Government Ransomware 130

Krebs on Security

FEBRUARY 1, 2024

In a SIM-swapping attack, the crooks transfer the target’s phone number to a device they control, allowing them to intercept any text messages or phone calls sent to the victim, including one-time passcodes for authentication or password reset links sent via SMS. That group has been blamed for a string of cyber intrusions at major U.S.

Blockchain 233

Blockchain Ransomware Retail Analytics 233

The Last Watchdog

APRIL 10, 2019

I had the chance at RSA 2019 to discuss this war of attrition with Will LaSala, director of security services and security evangelist at OneSpan, a Chicago-based provider of anti-fraud, e-signature and digital identity solutions to 2,000 banks worldwide. Key takeaways: Shifting risks. That’s finally advanced.

Artificial Intelligence 147

Artificial Intelligence Risk Passwords Analytics 147

Data Matters

JUNE 3, 2019

The SEC’s Office of Compliance Inspections and Examinations (OCIE) released two Risk Alerts, on April 16, 2019 and May 23, 2019, highlighting the importance of privacy and cybersecurity compliance for SEC-registered investment advisors and broker-dealers under Regulation S-P. April 16 Risk Alert – Privacy Notices and Safeguard Policies.

Risk 68

Risk Privacy Cybersecurity Compliance 68

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Browse online using secure networks. Do your research.

Retail 97

Retail e-Delivery Passwords Phishing 97

Security Affairs

NOVEMBER 25, 2021

In this period netizens hope to take advantage of online bargains and are more active online, for this reason they are more exposed to the risk of scams. Be wary of online retailers who use a free email service instead of a company email address. Use safe passwords or pass phrases. Pierluigi Paganini.

e-Delivery 125

e-Delivery Passwords Retail Phishing 125

The Security Ledger

JANUARY 8, 2021

In this episode of the podcast (#199), sponsored by LastPass, we talk with Sareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at far greater risk of data theft. Also: COVID’s Lasting Security Lessons Episode 198: Must Hear Interviews from 2020. Read the whole entry. »

Passwords 52

Passwords Marketing Risk Retail 52

IT Governance

JANUARY 9, 2023

Welcome to our review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly lists of data breaches and cyber attacks. IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records. decrease in security incidents compared to 2021 (1,243).

Data breaches 126

Data breaches Ransomware Government Passwords 126

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 73

Phishing Retail Financial Services Data breaches 73

The Security Ledger

SEPTEMBER 14, 2022

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”. The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass appeared first on The Security Ledger with Paul F. Software is eating security, too!

Cloud 52

Cloud Passwords Retail Business Services 52

IT Governance

MAY 7, 2024

This week, it turns out at least 191 further Australian organisations, including government entities, were affected by this breach, highlighting the risks of supply chain attacks. Source (New) Construction USA Yes 489 ClearVision Optical Source (New) Retail USA Yes 261 Symphony Financial, LLC. Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in p roduct documentation and compiled lists available on the Internet.”

Access 78

Access Passwords Risk Retail 78

Troy Hunt

MARCH 27, 2018

Recently, I've witnessed a couple of incidents which have caused me to question some pretty fundamental security basics with our local Aussie telcos, specifically Telstra and Optus. You know, the same password people give their bank.) pic.twitter.com/KiaGNKhaig — Troy Hunt (@troyhunt) March 1, 2018.

Security 62

Security Passwords Authentication Mining 62

IT Governance

JUNE 21, 2023

According to a Digital Guardian report , 90% of data breaches are caused by phishing, while Venari Security found that organisations lose approximately $181 (£150) for each piece of personal information stolen in online scams. In this example, seen by MailGuard , the message appears to be a security alert from Netflix.

Phishing 52

Phishing Passwords Authentication Data breaches 52

IT Governance

OCTOBER 19, 2022

Welcome to our third quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 116

Data breaches Ransomware Phishing Government 116

Hunton Privacy

OCTOBER 13, 2016

A recent study from the National Institute of Standards and Technology (“NIST”) warns that an overabundance of computer security measures might actually lead users to engage in “risky computing behavior at work and in their personal lives.”. design for consistent decision making whenever possible.

Security 40

Security Passwords Retail Risk 40

IT Governance

APRIL 12, 2022

Welcome to our first quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 115

Data breaches Ransomware Government Retail 115

IT Governance

JULY 11, 2022

Welcome to our second quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 105

Data breaches Ransomware Phishing Government 105

IT Governance

JULY 13, 2021

Welcome to our second quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this blog, we provide an overview of the security landscape in the past three months, and look at key statistics and observations.

Data breaches 98

Data breaches Retail Ransomware Government 98

Security Affairs

OCTOBER 9, 2020

Leaked data included names, e-mail addresses, passwords, locations and phone numbers of 1,351 U.S. The KHS breached a database of a US retailer was able to identify the records belonging to military and government personnel. The post Hacker who helped the ISIS will remain in US prison appeared first on Security Affairs.

Military 88

Military Government Retail Risk 88

KnowBe4

DECEMBER 6, 2022

Live Demo] Ridiculously Easy Security Awareness Training and Phishing. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) , for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Vet, manage and monitor your third-party vendors' security risk requirements.

Security awareness 88

Security awareness Phishing Risk Insurance 88

IT Governance

NOVEMBER 22, 2018

According to The Register , the online retail giant emailed affected customers on Tuesday, unapologetically saying: Hello, We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. If successful this could have put thousands of people at risk of fraud.”.

Data breaches 96

Data breaches Personal data Passwords Encryption 96

IT Governance

DECEMBER 1, 2017

Retailers are the most affected , but lax security over Christmas is a problem for all organisations. Inexperienced or underfunded organisations often install routers, switches and other networking gear without involving anyone who understands the security ramifications of each device. Weak passwords.

Passwords 63

Passwords Phishing Data breaches Retail 63

Adam Levin

NOVEMBER 25, 2020

This presents a set of challenges for IT professionals, with 36.6% of those surveyed listing poorly secured personal and network devices as being their primary concern with a remote workforce. Follow these tips to keep your online holiday shopping secure: Avoid clicking on links in marketing emails and social media posts.

Cybersecurity 76

Cybersecurity Retail Phishing Sales 76

DLA Piper Privacy Matters

AUGUST 12, 2020

On 28 July 2020, the French Supervisory Authority (the “CNIL”) sanctioned the online shoes retail company, SPARTOO SAS, by a €250,000 fine and an injunction to comply with GDPR within 3 months under penalty for various non-compliances with the GDPR of the personal data processing related to clients, prospects and employees [1].

GDPR 93

GDPR Personal data Compliance Passwords 93

The Security Ledger

JULY 26, 2018

In this Spotlight Podcast, sponsored by Trusted Computing Group*, Dennis Mattoon of Microsoft Research gives us the low-down on DICE: the Device Identifier Composition Engine Architectures, which provides a means of solving a range of security and identity problems on low cost, low power IoT endpoints. Among them: establishing strong device.

IoT 40

IoT Security Military Retail 40

IT Governance

APRIL 12, 2023

Welcome to our first quarterly review of security incidents for 2023, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 59

Data breaches Ransomware Government Encryption 59

IT Governance

OCTOBER 26, 2018

No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised”. Cathay took action by involving the relevant authorities, bringing in external expertise from a cyber security company and strengthening its IT security measures. Containing the breach. Win the war against data breaches.

Data breaches 81

Data breaches Personal data Passwords GDPR 81

Hunton Privacy

JUNE 4, 2019

Section 10 of PIPA requires any government agency, public and private university, publicly or privately held corporation, financial institution or retail operator that handles, collects, disseminates, or otherwise deals with non-public personal information to notify affected Illinois residents following a data breach.

Retail 52

Retail Data breaches Passwords Risk 52