Austria Privacy NGO Takes on Apple Over 'Tracking Code' (SecurityWeek) An Austrian online privacy group is filing complaints over Apple's use of a so-called IDFA ("identifier for advertisers") which NOYB says are used on phones "without user's knowledge or consent".
Apple hit with two privacy complaints in Europe over its mobile tracking tool for advertisers (CNBC) Austrian privacy activist Max Schrems' non-profit group Noyb alleges Apple's use of a tracking code on iPhones breaches European law.
Privacy advocates call for European probe into Palantir (ComputerWeekly) Dutch group SOMI is trying to raise awareness of Palantir’s data privacy practices and how it works with European government agencies.
STEPHEN ADKINS, on behalf of himself and those similarly situated, Plaintiffs, v. FACEBOOK, INC., Defendant. (United States District Court, Northern District of California) In this data-breach class action, plaintiffs move for preliminary approval of a class settlement agreement. The proposal appearing non-collusive and within the realm of approvable, the motion is GRANTED.
HHS Issues Cybersecurity Guidance for Healthcare Organizations (Lexology) Cyberattacks continue to rise across industries, and healthcare is no different. Eighty percent of U.S. physicians reported having experienced some form of cyberattack.
EU Restrictions Could Force Companies to Change Data Transfer Practices (Wall Street Journal) Businesses could be forced to adopt strict encryption practices and ensure the personal data of Europeans can’t be decrypted if companies move that information to the U.S. and other countries outside the EU, the draft rules said.
A Methodology for Conducting Data Transfers in a Post Schrems II World (cyber/data/privacy insights) On November 10, 2020, the European Data Protection Board issued two new pieces of guidance. Read together, they outline a detailed methodology to follow when conducting data transfers under the EU General Data Protection Regulation – such guidance has been keenly anticipated following the Court of J
Lawyer Checker to Host Crucial Panel Discussion as Cybercrime Reaches New Heights (Today's Wills and Probate) The Solicitors Regulation Authority have recently publicised their first thematic review investigating the impact of cybercrime. The review has highlighted a number of troublesome statistics making it definitively apparent that cyber related incidents leading to fraud remain one of the largest threats the legal sector faces. The SRA conducted the review by selecting a randomised …
Holiday Shoppers Beware: Tips for Global Brand Owners and Consumers to Safeguard Against Domain Security Threats (Digital Brand Services Blog) With the COVID-19 pandemic persisting, online shopping will be the preferred method for the 2020 holiday shopping season. While staying home to shop is the safest option right now, it means consumers are more vulnerable to online fraud, counterfeits, and cyber crime.
SEGs Struggle to Mitigate Most Phishing Attacks (IRONSCALES) New Research: Nearly Half of Phishing Emulations Bypass Microsoft ATP and Top SEGs at nearly 50% clip
Online Shoppers Undeterred by COVID as Holiday Shopping Season Shifts Earlier (Akamai) Holiday shoppers are overcoming worries and restrictions and easily adapting to new shopping norms as the COVID-19 pandemic has invaded our lives and made us overwhelmingly dependent on online and mobile activity. According to an Akamai-commissioned survey of more than 1,000 U.S. consumers conducted between October 31 and November 2, 2020, 73% of shoppers who have started gift hunting have done half to all their shopping online to date.
2 in 3 Concerned About Data Breaches During the Holiday Shopping Season This Year (Iris Identity) The Holiday Shopping ID Theft survey examines consumer sentiment on retail data breaches and the identity theft risks holiday shopping poses.
Holiday Shopping Warning: Simple Typos Can Lead Consumers and Brands to Online Fraud, Counterfeit Goods, and Cyber Crime (BusinessWire) Over 70% of misspelled domain names for 10 major online brands are registered to third parties, making consumers susceptible to cyber crime.
CrowdStrike Global Survey Reveals Fear of State-Sponsored and Ransomware Attacks Pose Danger of Stifling Future Business Growth in Post COVID-19 World (AP NEWS) CrowdStrike, Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint and workload protection, today announced the release of the 2020 CrowdStrike Global Security Attitude Survey, produced by independent research firm Vanson Bourne.
53% of Manufacturing Organizations Say Operational Technology is Vulnerable to Cyber Attacks (PR Newswire) TrapX Security, the global leader in Deception-based cyber defense solutions, has today released findings of a research survey in partnership...
The 2021 Financial Data Risk Report Reveals Every Employee Can Access Nearly 11 Million Files (Inside Out Security) Financial services organizations must safeguard tons of highly sensitive information, but data is often left exposed to far too many people. If just one employee clicks on a phishing email,...
F5 Labs report reveals increasing attacker sophistication raises global cybersecurity stakes (Intelligent CIO Europe) COVID-19 continues to significantly embolden cybercriminals’ phishing and fraud efforts, according to new research from F5 Labs. The fourth edition of the Phishing and Fraud Report found that phishing incidents rose 220% during the height of the global pandemic compared to the yearly average. Based on data from F5’s Security Operations Center (SOC), the number […]
India Hit By 375 Cyberattacks Daily In 2020, Says Cyber Security Coordinator (Inc42 Media) People should be very careful about hoax calls and click-baits whose sole intention is to dig information from an internet user, he suggested.
macOS Big Sur 11.0.1 Patches 60 Vulnerabilities (SecurityWeek) The first update released by Apple for macOS Big Sur 11.0 patches 60 vulnerabilities.
New Zoom feature can alert room owners of possible Zoombombing disruptions (ZDNet) The new "At-Risk Meeting Notifier" Zoom feature scans the internet and alerts conference organizers when a link to their Zoom meeting has been posted online.
Animal Jam was hacked, and data stolen; here’s what parents need to know (TechCrunch) Some 46 million user records were stolen and published online.
Dating Site Bumble Leaves Swipes Unsecured for 100M Users (Threatpost) Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles.
University fallen victim to cybersecurity breach (Pipe Dream) During the weekend of Nov. 7, computer servers at Binghamton University became the target of “malicious activity” according to the University’s website, resulting in some...
Human error blamed in Welsh Covid-19 patient data leak (ComputerWeekly) Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked.
Expert says odds are against municipalities amid ‘significant cyber attack’ on City of Saint John (Global News) "Our IT teams and our security teams have to be right 100 per cent of the time. A criminal just needs to get right once," says cybersecurity expert David Shipley.
Toledo Public Schools sends cyber attack explanation letter to parents (13ABC) The letter explains what happened, what information was involved, what TPS did, and what it is doing.
Report: Retail-focused Used Electronics Business Leaks Customers' IDs & Fingerprints in Data Breach (Website Planet) Company name and location: TronicsXchange, Inc based in California, US. Leak size: Over 2.6 million files (including 80,000 identification
Micropayments company Coil distributes new privacy policy with email that puts users' addresses in the ‘To:’ field (Register) Hundreds of email addresses exposed, customers predictably less-than-thrilled
Jekyll Island Data Breach Update (Jekyll Island) The Jekyll Island-State Park Authority was subject to a recent data privacy event that may have impacted the security of personal information. While there is currently no evidence that any of this information has been misused, we want to provide you with information about the…
How the U.S. Military Buys Location Data from Ordinary Apps (Vice) A Muslim prayer app with over 98 million downloads is one of the apps connected to a wide-ranging supply chain that sends ordinary people's personal data to brokers, contractors, and the military.
U.S. Hospitals are the Target of Ransomware Attacks (Legal Reader) U.S. Hospitals are the Target of Ransomware Attacks
The ransomware landscape is more crowded than you think (ZDNet) More than 25 Ransomware-as-a-Service (RaaS) portals are currently renting ransomware to other criminal groups.
Malsmoke operators abandon exploit kits in favor of social engineering scheme (Malwarebytes Labs) Threat actors behind malsmoke, one of the largest malvertising campaigns we've seen in recent months, have switched malware delivery tactics.
Cybercriminals Use Cloud Technology to Accelerate Business Attacks (AiThority) Trend Micro Incorporated, the leader in cloud security, has identified a new class of cybercrime. Criminals are using cloud services.
Cybercriminal ‘Cloud of Logs’: The Emerging Underground Business of Selling Access to Stolen Data (Trend Micro) We take a closer look at an emerging underground market that is driven by malicious actors who sell access to a gargantuan amount of stolen data, frequently advertised in the underground as “cloud of logs."