Nakedsecurity – Twitter hands over student’s account to his college
“While the college didn’t take down the account it did mess with it once Twitter suspended the account and turned it over to a college administrator. “
Nakedsecurity – Much-attacked Baltimore uses ‘mind-bogglingly’ bad data storage
“Many staffers in the IT department of the much-hacked US city of Baltimore have been storing files on their computers’ hard drives – as in, they haven’t kept properly backed-up data, stored in the cloud or off-site, an audit has found.”
Helpnetsecurity – Over half of organizations were successfully phished in 2019
“Sixty-five percent of surveyed infosec professionals said their organization experienced a ransomware infection in 2019; 33 percent opted to pay the ransom while 32 percent did not.”
De Tijd – ‘Privacyboete van 15.000 euro is wake-upcall’
“De website Jubel.be is veroordeeld voor een gebrekkig cookiebeleid. Het is de eerste dergelijke uitspraak in ons land, maar volgens experts niet de laatste. ‘Dit is een belangrijk precedent.’”
De Tijd – ‘Het is wachten op de eerste cyberaanval die ons een week zonder stroom zet’
“‘De kans bestaat dat we in 2020 eens een ernstig incident meemaken, waarbij miljoenen mensen meer dan een week zonder stroom zitten’, zegt Preneel.”
ZDNet – Data privacy: Germans dish out one of the biggest GDPR fines yet over lax call centers
“The €9.55m fine is one of the largest relating to GDPR to date and comes after … the company had failed to enforce Article 32 … which requires businesses to take appropriate technical and organizational measures to protect the processing of personal data.”
BBC – Black Hat: GDPR privacy law exploited to reveal personal data
“About one in four companies revealed personal information to a woman’s partner, who had made a bogus demand for the data by citing an EU privacy law.”
VRTNWS – Chinezen voerden massaal cyberaanvallen uit op Belgische handelsmissie.
“De Belgische delegatie is van tevoren gebrieft om bepaalde veiligheidsmaatregelen te nemen en bijvoorbeeld laptops en gsm’s thuis te laten …”
The Hacker News – New Flaw Lets Rogue Android Apps Access Camera Without Permission
“An alarming security vulnerability … that could allow malicious apps to secretly take pictures and record videos — even when they don’t have specific device permissions to do so.”
The Hackers News – Company detected years-long breach only after hacker maxed out servers’ storage
… According to the FTC, InfoTrax Systems failed to “inventory and delete personal information it no longer needed, conduct code review of its software and testing of its network, detect malicious file uploads, adequately segment its network, and implement cybersecurity safeguards to detect unusual activity on its network.” …