Danny Palmer reports: Cyber criminals are using uniquely crafted phishing emails to infect victims with malware — and they’re doing so by experimenting with a new method of delivering the malicious payload. According to analysis by Proofpoint, there’s been a rise in cyberattackers attempting to deliver malware using OneNote documents, a digital notebook signified by .one extensions that is part…
Category: Commentaries and Analyses
Acuity Brands allegedly failed to protect employee info during data breaches – lawsuit
Jessy Edwards reports on litigation stemming from breaches previously noted on this site. Acuity Brands was negligent in its data security, leading to two data breaches that exposed as many as 37,000 people’s personal information to hackers, a new class action lawsuit alleges. Plaintiffs Andrew Smith and Mackenzie Fairfield—both former employees of the lighting company—filed…
Ie: HSE patients startled to get alerts about personal info stolen by hackers
Reminder: If you are first sending out data breach notification letters two years after the breach, you might want a public announcement or media campaign to alert the public that letters are going out. Daire Fitton reports: People across Cork have raised concerns with the HSE after suddenly receiving letters about their leaked personal information…
UK: Counter-attacking ransomware hackers
Thomas Rudkin of Farrer & Co writes: There is a developing line of cases in England & Wales where those who have been subject to a ransomware attack take action against the hackers through the civil courts. The question is why bother and what is the best way to go about this if that is…
In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem
In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem It’s time to be proactive about user privacy. Find out if you’re sending too much data to Facebook—or if you need to send data at all By: Maria Puertas and Simon Fondrie-Teitler We all use the internet to complete increasingly sensitive tasks: book doctor’s appointments,…
Hacker finds bug that allowed anyone to bypass Facebook 2FA
Lorenzo Franceschi-Bicchierai reports: A bug in a new centralized system that Meta created for users to manage their logins for Facebook and Instagram could have allowed malicious hackers to switch off an account’s two-factor protections just by knowing their phone number. Gtm Mänôz, a security researcher from Nepal, realized that Meta did not set up a limit…