dcsimg

A week in security (July 16 – July 22)

Last week on Labs, we looked at a Magniber expansion, explored open source vulnerabilities, and checked out the boons and drawbacks of smart assistants. We also continued our ad blocking article extravaganza, gave a whistlestop tour of third-party problems, and published our Q2 Cybercrime tactics & techniques report. Other news: Huge data breach in Singapore (Source: Straights Times) Venmo … [Read more...]

Major data breaches at Adidas, Ticketmaster pummel web users

There’s been a number of data breaches and accidental data exposures coming to light in the last few days, and no matter where in the world you happen to be located, you’ll want to do some due diligence and see if you’ve been affected. These aren’t small fishes being preyed upon by black hats; we’re talking Adidas, Ticketmaster, and Exactis, the last one being a … [Read more...]

What am I supposed to do with all these privacy policy emails?

Society doesn’t tend to agree on much, but late last week hundreds of millions of people were united by the question: “What’s with all these emails about updated privacy policies?” The flurry of messages led to many jokes and memes, but lost among the humour was the reason for this torrent of emails. It wasn’t just an amazing coincidence that every organisation you’ve ever visited updated its … [Read more...]

1 in 8 cyber attacks successful in Denmark

A recent survey by the Danish Society of Engineers’ IT subsidiary, IDA-it, concluded that two thirds of businesses had experienced a cyber attack, and that up to one in eight cyber attacks carried out against Danish organisations are successful. IDA-it surveyed people working in IT or personal data related roles in the public and private sector. Kåre Løvgren, IDA-it’s chairperson, said that … [Read more...]

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the … [Read more...]

The GDPR and Brexit

In less than a month from now, the General Data Protection Regulation (GDPR) comes into force across the EU. It is expected that businesses and charities across Ireland have taken the necessary measures, such as preparing new policies, appointing chief information security officers, restricting IT admin rights and installing firewalls and controls over company-owned devices, to ensure compliance … [Read more...]

How to spot a phishing attack

Phishing is one of the biggest threats that individuals and organisations face, but do you know what they are, what they look like, and where to look for them? In the broadest sense, phishing is any attempt to pose as a trustworthy source in order to get people to hand over personal information. Phishing usually takes the form of mass emails sent to hundreds or thousands of people, criminals can … [Read more...]

Upcoming GDPR training dates in Ireland – book your place today

The GDPR comes into force in less than two months – start preparing now! The General Data Protection Regulation (GDPR) is fast approaching, but there is still time to start your compliance project. Learn from the experts how the Regulation will affect your organisation and how to comply on our certified GDPR Foundation and Practitioner courses. Avoid disappointment – book your place on our … [Read more...]

What Facebook’s Cambridge Analytica problem means for your data

As you may already know, there’s been a security meltdown at Facebook, thanks to a company called Cambridge Analytica and Donald Trump. Facebook CEO Mark Zuckerberg insists it wasn’t a breach, which is technically true. But that doesn’t change the fact that the data of 50 million users was obtained without express permission and used for political purposes. This is a tricky topic … [Read more...]

Plugging a virtual leak: insecure VR app exposes customer data

I’ve been giving talks on the possible problems raised by virtual/augmented/mixed reality for a while now, and sure enough, we have what may be one of the first potentially major security issues thrown up by an in-the-wild application. Until a recent fix was applied, users of the pornography app SinVR could have found their subscriber information up for grabs. Researchers over at Digital … [Read more...]