Following on a “pre-determined” plan for cyber-attacks, Ministers met Tuesday to discuss the ongoing efforts to restore the country’s health care system according to Ireland’s RTE public network. The Government continues to push back against the ransomware attack on the HSE, refusing to meet payment demands and condemning any release of patient data as “utterly contemptible.
ISBuzz Team
DCMS has announced new plans to enhance the security of the UK’s critical supply chains. The proposal could require Managed Service Providers to meet the current Cyber Assessment Framework – a set of 14 cyber security principles designed for organisations that play a vital role in the day-to-day life of the UK. This includes: Having policies to protect devices and prevent unauthorised accessEnsuring data is protected at rest and in transitKeeping secure and accessible backups of dataTraining staff and pursuing a positive cyber security cultureProtecting the network from cyber-attacks
The student health insurance carrier guard.me has taken their website offline after a vulnerability allowed a threat actor to access policyholders’ personal information. The website is one of the largest insurance providers specializing in providing health insurance to students while traveling or studying abroad in another country. The website Guard.me was taken down after suspicious activities found on the website and visitors are automatically diverted to the maintenance page.
As reported by Digital Trends, IoT company Eufy showed users the wrong video footage on Monday. Users from around the world reported they could see other peoples’ feeds and even control their cameras. All of their contact details could also be accessed. Anker, the parent company of Eufy, confirmed the issue took place in numerous countries and was due to a software bug during a server update. The issue was reportedly corrected within an hour of being discovered at 5:30 a.m. ET today, but Eufy has been light on details regarding exactly how the breach happened.
Trūata’s Global Consumer State of Mind Report 2021 finds nearly half (48%) of consumers have lost control over how much data is stored about them, with 49% feeling that COVID-19 restrictions forced them into expanding their digital footprint this year Consumers across the globe are expressing a heightened sense of fear over their online privacy and personal data. With nearly half of global consumers (48%) admitting they have lost control over how much data is stored about them and 49% feeling that COVID-19 restrictions forced them into expanding their digital footprints, a new wave of concerns are coming to the…
The government has unveiled new proposals to help UK businesses manage cybersecurity in their digital and third-party IT services supply chains, as a growing body of evidence suggests that the risks to business continuity are hitting unprecedented heights. With supply chains demonstrably threatened through high-profile cyber attacks – a recent spate of incidents sparked through breaches of Accellion and Codecov products and, arguably, the SolarWinds incident – the Department for Digital, Culture, Media and Sport (DCMS) is calling for views on several measures to enhance supply chain security.
BACKGROUND: Cybersecurity company Rapid7 acknowledged that due to a breach of software supplier Codecov, its source code was accessed by attackers. Hashicorp, Confluent, and Twilio have previously confirmed their code was similarly impacted by the Codecov breach.
Following the news that Ireland’s health service has closed down its computer systems after a ‘significant ransomware attack’, please see below for comment from security experts.
From today, WhatsApp users will begin to receive persistent notifications to accept their disputed terms and conditions for sharing their data with the centralised messaging platform. After the controversial policy announcement in January 2021, WhatsApp has now said users’ accounts will not be deleted if they do not accept the terms and conditions but they will start to lose functionality, such as not receiving calls and messages and not being able to access their chat lists.
An activist short seller has written a letter to the chief executive of insurance giant Lemonade with details of an “accidentally discovered” security flaw that exposes customers’ account data. Carson Block, the founder of investment research firm Muddy Waters Research, sent the letter to Lemonade co-founder and chief executive Daniel Schreiber on Thursday, describing the bug that allowed anyone to inadvertently access personally identifiable data from customers’ accounts as “unforgivably negligent.” Block’s letter said: “By clicking on search results from public search engines, we shockingly found ourselves logged in to and able to edit Lemonade customers’ accounts without having to…