Phishers Leveraging GDPR-Themed Scam Emails to Steal Users’ Information

Phishers Leveraging GDPR-Themed Scam Emails to Steal Users’ Information

Phishers are using scam emails that leverage the European Union’s General Data Protection Regulation (GDPR) as a theme in an attempt to steal users’ information, a security firm found. Researchers at managed threat detection solutions provider RedScan came across one such phishing message that appeared to originate from Airbnb. The ... Read More

The FBI’s 10 Most-Wanted Black-Hat Hackers – #7 and #6

The FBI’s 10 most-wanted black-hat hackers countdown continues this week with No. 7 and No. 6: the co-conspirators Bjorn Daniel Sundin and Shaileshkumar “Sam” P. Jain. On 26 May 2010, the U.S. District Court of Northern Illinois indicted Sundin, Jain and a third suspect for one count of conspiracy to ... Read More
Man Pleads Guilty to Sicking Army of Spambots on Twitch

Man Pleads Guilty to Sicking Army of Spambots on Twitch

A 20-year-old man has pleaded guilty to targeting more than a thousand members of streaming video platform Twitch with an army of spambots. On 1 May, Brandan Lukas Apple confessed to a charge of “mischief in relation to computer data” before a Port Coquitlam provincial court judge. The court responded ... Read More

Integrity Management: What It Is and How It Can Protect Your Data

In a previous article, I noted that organizations are witnessing a surge in integrity-based attacks targeting their networks. Enterprises can defend themselves against these types of threats by turning to the National Institute of Standards and Technology (NIST) Cybersecurity Framework. They can then pair the risk-based approach with NIST SP ... Read More
Massachusetts School District Pays $10K to Ransomware Attackers

Massachusetts School District Pays $10K to Ransomware Attackers

A school district located in Massachusetts paid attackers $10,000 after they infected its computer network with crypto-ransomware. Officials at Leominster Public Schools decided to meet the demand after the district suffered a ransomware attack on 14 April. It’s unclear what types of files the malware encrypted. According to CBS Boston, ... Read More
Lending Website Cites GDPR Concerns as Reason Why It Shut Down

Lending Website Cites GDPR Concerns as Reason Why It Shut Down

A lending website ceased all operations over concerns with the European Union’s General Data Protection Regulation (GDPR). Chris Beach, the founder of Streetlend.com, decided to shut down the service after five years of operation due to uncertainty and risk created by the GDPR. He explained in a message posted to ... Read More

Security Controls: The Key to Ensuring ‘Security in the Cloud’

Organizations face a number of security challenges when migrating to the cloud from on-premise data centers. Their work isn’t done once they’ve completed the move, either. At that stage, enterprises must decide on the best approach to fulfill their end of the Shared Responsibility Model and ensure “security in the ... Read More
Canadian Government Unveils New Data Breach Regulations

Canadian Government Unveils New Data Breach Regulations

The government of Canada has unveiled new regulations that specify how organizations must report and respond to a data breach. On 18 April, the Governor General of Canada released the Breach of Security Safeguards Regulations (SOR/2018-64). The rules require organizations to submit a comprehensive report to the Privacy Commissioner of ... Read More
New Gmail Confidential Mode Lets Businesses Set Expiration Dates for Emails

New Gmail Confidential Mode Lets Businesses Set Expiration Dates for Emails

Google has introduced a new confidential Gmail mode that allows businesses to set expiration dates for emails containing sensitive information. On 25 April, the Menlo Park tech giant announced a series of updates to its G Suite apps for its more than four million paying business users. Gmail confidential mode ... Read More
Privacy Breach Exposes 1,200 School Employees’ Partial Social Security Numbers

Privacy Breach Exposes 1,200 School Employees’ Partial Social Security Numbers

A privacy breach at a school district in New Jersey exposed portions of 1,200 employees’ Social Security Numbers. The breach occurred at Irvington Public Schools on 16 April when an “unknown source” sent out an email to an undetermined number of recipients. The email contained the names of current and ... Read More