Dating App for Trump Supporters Exposed Members’ Information

A dating app geared towards connecting supporters of U.S. President Donald Trump exposed members’ personal and account information. On 15 October, security researcher Baptiste Robert (who also goes by the name “Elliot Alderson”) discovered security weaknesses in the Donald Daters dating app that exposed several pieces of users’ information. Hi ... Read More
Scottish Ambulance Service Exposed Employees’ Data Online

Scottish Ambulance Service Exposed Employees’ Data Online

The Scottish Ambulance Service suffered a data breach in which it exposed its staff members’ personal information online. On 12 October, the NHS Ambulance Services Trust, which is part of NHS Scotland, sent an email to its staff in which it disclosed the data breach. As quoted by BBC News: ... Read More
New Sextortionist Scam Uses Email Spoofing Attack to Trick Users

New Sextortionist Scam Uses Email Spoofing Attack to Trick Users

A new sextortionist scam is using spoofing techniques to trick users into thinking that digital attackers have compromised their email accounts. As reported by Bleeping Computer, an attack email belonging to this ploy attempts to lure in a user with the subject line “[email address] + 48 hours to pay,” ... Read More

Clarifying the Misconceptions: Monitoring and Auditing for Container Security

An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan ... Read More
Chinese Intelligence Officer Extradited to the United States for Espionage Charges

Chinese Intelligence Officer Extradited to the United States for Espionage Charges

A Chinese intelligence officer has been extradited to the United States after being charged with conspiracy to commit economic espionage against certain U.S. firms. On 10 October, the U.S. government unsealed an indictment filed by a federal grand jury in the Southern District of Ohio against Yanjun Xu, aka Qu ... Read More
Washington Orthopedic Practice Confirms Data Security Event

Washington Orthopedic Practice Confirms Data Security Event

A Washington medical group practice specializing in orthopedics has notified individuals of a data security event that might have exposed some of their personal information. On 5 October, Rebound Orthopedics & Neurosurgery (“Rebound”) of Vancouver, Washington published a statement publicly disclosing an incident that it detected earlier in the year: ... Read More
Heathrow Airport Fined £120,000 Following Data Security Incident

Heathrow Airport Fined £120,000 Following Data Security Incident

The Information Commissioner’s Office (ICO) issued a fine of £120,000 to Heathrow Airport Limited (HAL) following a data security incident that occurred in 2017. On 8 October, ICO announced the penalty under section 55A of the 1998 Data Protection Act (DPA). Under that piece of legislation, the ICO is empowered ... Read More
Over 4.5 Billion Records Breached in H1 2018, Finds Report

Over 4.5 Billion Records Breached in H1 2018, Finds Report

A recent report found that data breaches compromised a total of more than 4.5 billion records in the first half of 2018. In its report “2018: Data Privacy and New Regulations Take Center Stage,” Gemalto wrote that its Breach Level Index (BLI) system tracked 4,553,172,708 breached data records during the ... Read More
Connected Device Security Bill Becomes Law in California

Connected Device Security Bill Becomes Law in California

The State of California enacted a law requiring manufacturers of connected devices to equip their products with “reasonable” security features. On 28 September, California Governor Jerry Brown approved SB-327. The law, which is entitled “Security of Connected Devices,” stipulates that manufacturers of web-connected devices implement security measures that are suitable ... Read More
Criminals Holding Hijacked Instagram Influencers’ Accounts for Ransom

Criminals Holding Hijacked Instagram Influencers’ Accounts for Ransom

Criminals are hijacking Instagram influencers’ accounts and demanding that victims pay a ransom in bitcoin to regain access. Kevin Kreider, a Los Angeles-based Instagrammer who’s known for his following around fitness-related topics, told Motherboard that extortionists first targeted him when someone named Lana reached out with a fake business opportunity ... Read More
Loading...