The Illinois Supreme Court decided that consumers can sue for violations of their privacy under the state’s biometric privacy law, even if there was no actual injury or adverse effect. https://twitter.com/shah_sheikh/status/1089985617381908480 Chris Olson, CEO at The Media Trust: “Privacy has become a hot-button issue from Main Street to Wall Street. In the recent Davos meeting, political and business leaders all agreed to push for a new international system for oversight of data processing. US policy and lawmakers are just as keen to deliver a federal bill to protect consumers. Companies should therefore be responsive to and anticipate the changes these…
ISBuzz Team
It has been reported by The Times of Israel that Iranian hackers target Israel every day, Prime Minister Benjamin Netanyahu charged at a cybersecurity conference in Tel Aviv yesterday. “Iran attacks Israel on a daily basis,” he told a gathering of government officials, cybersecurity experts and entrepreneurs at the CyberTech conference. “We monitor these attacks, we see these attacks and we foil these attacks all the time.” In his Tuesday speech, Netanyahu also hailed Israel’s cybersecurity experience and general technology prowess, saying they created diplomatic inroads for the nation. https://twitter.com/fiedler_irene/status/1025064519142400004 Similarly, Iran also blamed Israel for cyberattacks: https://twitter.com/TheIsraelink/status/1059495059102621697 Israel Barak, Chief Information Security Officer…
Cyber threats consolidated their position as a high impact and high likelihood risk in this year’s World Economic Forum Global Risks Report, and securing critical infrastructure featured as a major discussion point. As a result, protecting critical infrastructure from cyber attacks is increasingly becoming a national security concern and it is essential to put effective plans in place to address the problem. Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks: “The World Economic Forum Global Risks Report 2019 saw cyber risks consolidating their position in the global risk landscape as a high impact and high likelihood risk. Attacks against critical infrastructure…
It has been reported that Europol and its many law enforcement partners have obtained a list of the 151,000 registered users of webstresser.org, one of the most notorious ‘booter’ sites for launching distributed denial of service attacks, which was taken down and seized last year. According to the law enforcement body, more than 250 users of the seized DDoS services will soon face action for the damage they have caused, and in the United Kingdom a number of webstresser.org users have recently been visited by the police, who have seized over 60 personal electronic devices from them for analysis as part of Operation Power OFF. The countries to join the fight…
A server security lapse has exposed a massive database of customer information belonging to Rubrik, an IT security and cloud data management giant. The exposed server wasn’t protected with a password, allowing access to anyone who knew where to find the server. The database itself, running on a hosted Amazon Elasticsearch server, was storing tens of gigabytes of data, including customer names, contact information and case work for each corporate customer. https://twitter.com/StackTime/status/1090553398431223808 Expert Comments below: Rich Campagna, CMO at Bitglass: “It does not take much effort for outsiders to find unsecured databases and access sensitive information these days. This breach is…
Lloyd’s of London and Aon have today released a report suggesting that a coordinated global cyber attack, spread through malicious email, could cause economic damages anywhere between $85 billion and $193 billion. https://twitter.com/LloydsofLondon/status/1090179876878012417 Expert Comments below: Ed Macnair, CEO at CensorNet: “There’s no doubt that the cost of cyber-attacks is going up and that, should an event like this occur it would be devastating, but this seems like the very worst-case scenario. This research has been based on a phishing attack and the kind of spread they are talking about would be prevented if just a couple of companies had email security in…
Following the news that a phishing campaign has been targeting Netflix users across Australia, with users reporting having been sent an email from an address posing as the legitimate support team for the streaming service asking them to enter their account information and payment details, security experts commented below. https://twitter.com/HRMS_news/status/1090546780729757697 Dean Ferrando, System Engineer Manager (EMEA) at Tripwire: “This is just the latest of a series of phishing campaigns that posed as Netflix, which because of its popularity allows criminals to cast a wide net of potential victims. These kinds of attacks exploit customers’ trust in brands they can recognise, and are becoming increasingly sophisticated, adding…
Following the news of the LocalBitcoins hack that happened over the weekend and resulted in a total of BTC7.9 stolen from six different accounts, Lamar Bailey, Director of Security Research and Development at Tripwire, explains the risks of using third-party software and how companies should protect themselves from this type of attack. Lamar Bailey, Director of Security Research and Development at Tripwire: “Third-party software can be a blessing or a curse. Using a third-party application or service can greatly increase your time to market for a product but you must do your due diligence and validate the security of the code you are…
In response to DailyMotion’s disclosure on Friday that it’s suffered a credential stuffing attack (which it’s reported to France’s Commission nationale de l’informatique et des libertés [CNIL] in compliance with GDPR requirements), four experts with OneSpan and STEALTHbits offer perspective. https://twitter.com/ZDNet/status/1089987765478006785 Scott Clements, CEO at OneSpan: “Passwords and personally identifiable information are almost guaranteed to be exposed in ever increasingly sophisticated and frequent data breaches. It’s more important than ever to secure and protect the entire digital customer journey, and the data captured within, by taking a layered approach to security. This helps capture and analyze multiple complementary authentication factors and correlational data to establish trusted…
It has been revealed that LocalBitcoins, a cryptocurrency exchange portal, suffered a security breach that lasted for five hours. The hackers, who had created a fake LocalBitcoins login page, were able to collect the login credentials from users, including the two-factor authentication details. LocalBitcoins stopped the attack by taking down its forum and temporarily disabling transactions on its platform to prevent hackers from stealing money from any other accounts they had managed to compromise. https://twitter.com/CoinJam_co/status/1090147669119389696 Javvad Malik, Security Advocate at AlienVault: “This attack illustrates how companies need to take every aspect of their digital footprint seriously. Often, companies will not test or validate sites that…
