The Wall Street Journal and other media reported late Friday that Facebook will be charged with a $5 billion fine for privacy lapses in conjunction with the company’s 2018 Cambridge Analytica scandal. The fine represents the largest ever imposed by the FTC against a tech company. The FTC began probing Facebook in March 2018 following reports that political consulting firm Cambridge Analytica had improperly accessed the data of 87 million Facebook users. https://twitter.com/nytimes/status/1149781234899251201 Experts Comments: Pravin Kothari, Founder and CEO at CipherCloud: “The situation with Facebook is an eye opener and has brought considerable attention to data privacy requirements. We’ll see more…
ISBuzz Team
78% of businesses cite cyber security as a high priority for their organisation’s senior management. Whilst it is encouraging that this figure has risen year on year, generating awareness of cyber security is only one part of the issue. The next step for organisations to take is not only understanding, but intelligently acting on the risks presented. Despite the heightened awareness, many organisations are still focusing on mitigating assumed risks, rather than real risks, without a robust security strategy in place. Whilst perimeter security is a key part of any organisation’s security posture, the fact is that it cannot work in isolation. Data breaches are now commonplace and largely…
According to this link, , La Porte County, Indiana, has paid $130,000 to recover data on computer systems impacted by ransomware. The attack occurred on Saturday, July 6 and was spotted before it propagated to all the computer on the network Despite this response, two domain controllers were impacted so network services became unavailable. Three days later, the government emails and the county website were still not working A forensic investigation firm and the FBI were involved but attempts to recover the data encrypted by the malware without paying the ransom were fruitless The news publication says that the ransomware affecting La…
Doxxing is revealing and publishing someone’s personal information. This information is collected through various means and is combined together to create a complete profile of personal data. Though this is a popular technique used by hackers for more than a decade but doxxing is not limited to hackers only. What is Doxxing? Doxxing is a research-based work where doxxers use different mediums to collect personal information of the target. The means of collecting information mostly include online sources. There is a lot of data stored on the internet about each person. This includes the information shared on social media platforms…
From rising identity theft and fraud to large-scale enterprise breaches, the news in 2018 was full of cybersecurity nightmares. With cyber incidents now commonplace, consumers have become fed up and are demanding business data privacy regulations. Governments have been responding with a wave of new legislation. In 2018, CyberScout received a record number of incident reports across growing business and consumer incident management services. We observed that financial fraud and account takeovers were the two most active forms of cyber events for individuals. For businesses, ransomware and phishing attacks remained the leading forms of attack, and non-targeted attacks are on…
It was reported today that security researchers hacked hair straighteners from Glamoriser, a U.K. firm that bills itself as the maker of the “world’s first Bluetooth hair straighteners,” allows users to link the device to an app, which lets the owner set certain heat and style settings. The app can also be used to remotely switch off the straighteners within Bluetooth range. The researchers found it was easy to send malicious Bluetooth commands within range to remotely control an owner’s straighteners. The researchers demonstrated that they could send one of several commands over Bluetooth, such as the upper and lower temperature…
Agent Smith is the name of a new Android Malware that replaces legitimate apps with clones infested with adware according to a report from Checkpoint who thinks the malware has already infected about 25 million Android users. https://twitter.com/BlackBerry10QNX/status/1149561866684776454 https://twitter.com/fs0c131y/status/1149681621320261632 Expert Comments: Usman Rahim, Digital Security and Operations Manager at The Media Trust: “Agent Smith taps into the growing convergence of adware and malware. Bad actors are using adware to commit various forms of fraud and identification theft. One thing is for sure, app providers should carefully vet the adware vendors they work with if they want to protect their brands and…
Earlier this year, Tesla filed suit against former engineering employee, Guangzhi Cao, accusing him of stealing trade secrets (Tesla’s Autopilot source code). In a court filing from Monday (July 8), Cao admitted to uploading .zip files containing the Autopilot source code to his personal iCloud account. Additionally, Cao is accused of bringing the code to Chinese competitor, Xiaopeng Motors (AKA Xmotors or XPeng), which is backed by industry-giant Alibaba. This is a prime example of the havoc insider threats can wreak on companies. https://twitter.com/ray4tesla/status/1149169483916836864 Experts Comments: Jeff Nathan, Principal Researcher at Exabeam: “Insiders with access to privileged information represent a greater risk to a company’s security. In this…
For the last few years, digital transformation within the tech sector has seemed akin to the opening of Pandora’s box: seemingly overnight firms have begun to be bombarded with AI driven solutions, the possibilities of commercial drones, edge computing, cloud storage, and of course the ubiquitous IoT software that can be found everywhere from a living room to a street lamp. Many forward-thinking firms are using new technologies to leverage greater efficiency, service and profitability. But are these firms exposing themselves to new threats in their desire to remain on the cutting edge? A fact of life is that with…
LastPass by LogMeIn today announced the results of a new study conducted by Vanson Bourne to offer businesses insights into the state of identity and access management (IAM) and actionable steps to improve their IAM programme. The study, The Guide to Modern Identity, surveyed 700 global IT and security professionals at organisations ranging from 250 to 2,999 employees and found 92 per cent are experiencing at least one challenge when it comes to identity management, with 47 per cent citing ease of use with security as the biggest challenge. This research comes on the heels of the general availability of the LastPass’ new comprehensive identity suite…