Hydro with 35,000 employees with smelting plants, factories and offices in 40 countries – globally experienced a ransomware attack since Monday was forced to switch some systems to manual operation. The ransomware used might have been the relatively new and difficult-to-detect strain, dubbed LockerGoga, which criminals use to quickly encrypt computer files, before demanding payment … Read more
Group-IB said it discovered and reported to FILA UK malware known as GMO that was active on the fashion brand’s website for the past four months – and may have sniffed the payment card information of thousands of customers placing online orders through the tainted pages.“Cybercriminals might have injected a malicious code by either exploiting … Read more
Publisher Elsevier has leaked the unencrypted passwords and e-mail addresses of users via an unsecured server. The data was accessible to everyone on the internet. How long the data was online and how many users were affected is still unclear. Security investigator Mossab Hussein discovered Elsevier’s server. It contained unencrypted passwords of users and their … Read more
IMAP (Internet message access protocol) is an authentication protocol enabling an account to be accessed from multiple devices. This is often used by desktop and mobile phone email clients to retrieve email from the email server. No additonal layer of protection is possible with multi-factor authentication. IMAP support is “on” by default on Office 365 … Read more
In 2018, 25% of their parents said they were worried about children giving out details to inappropriate people online – a rise from 18% the previous year. Children aged four to seven are now being targeted in a new online video campaign from the National Crime Agency (NCA). The series of videos called Jessie & … Read more
ENISA launched a smartphone guidelines tool with the following subjects: – Ensure correct usage of biometric sensors and secure hardware; – Secure data integration with third party code; – Implement user authentication, authorization and session management correctly; – Ensure sensitive data is protected in transit; – Consent and privacy protection; – Protect paid resources; – … Read more
Digital billboards in shopping areas in Australia record customers’ reactions to advertisements tailored to them, but not in accordance with the GDPR. Who is safeguarding the Australians’ privacy? Face detection makes it possible to distuingish f.e. age, gender and mood. The French manufacturer emphasizes that all data collected remains anonymous and that they are using … Read more
The security of IoT devices is becoming a growing concern. ETSI has therefore created a “security baseline” for these IoT devices. ETSI: “People entrust their personal data to a growing number of online devices and services. In addition, traditionally offline products and appliances are now connected and must be designed to withstand cyber threats. To … Read more
Risk Based Security came out with their annual data breach report. Some highlights: – Compared to 2017, the number of reported breaches was down 3.2% and the number of exposed records was down approximately 35.9% from 7.9 billion. – The Business sector accounted for 65.8% of the records exposed followed by Unclassified at 31.8% and … Read more
In a letter to Director of the Department Cybersecurity and Infrastructure Security Agency, Department of Homeland Security, Christopher Krebs, the two senators Wyden and Rubio requested an investigation of possible risks stemming from VPN and data-saving apps based in unfriendly foreign nations. The growth of usage of mobile VPN and data-saving (proxying) apps of Russian … Read more