As seen on the European Data Protection Board (EDPB): The Norwegian Data Protection Authority has fined the Municipality of Indre Østfold EUR 20 000 (NOK 200,000) for a confidentiality violation. Personal data that should have been restricted was available to unauthorized persons. The Municipality of Indre Østfold, formerly the Municipality of Askim, published the records…
Category: Commentaries and Analyses
When Cyber Gangs Disregard Ransomware Payments, Victims Can Be Hit Twice
David Bisson reports: Several digital gangs have gone back on their pledge to honor the ransomware payments made by victims. In its Quarterly Ransomware Report for Q3 2020, Coveware notes that nearly half of the ransomware attacks it had tracked during that quarter had included the threat to leak unencrypted data. Yet, multiple gangs did not always…
Could your baby monitor be unsafe and unsecured?
I’d ask, “Why is this STILL happening?” but I think we all know the answers to that, and Jim Wilson of Safety Detectives actually addresses that in his article. The SafetyDetectives cybersecurity team has discovered a vulnerability affecting baby monitors, provoked by their misapplication/misconfiguration, which provides potentially harmful parties with unauthorized access to each camera’s video stream….
Conti ransomware: Evasive by nature
In part of a three-part series, Andrew Brandt and Anand Ajjan of Sophos write: For the past several months, both SophosLabs and the Sophos Rapid Response team have been collaborating on detection and behavioral analysis of a ransomware that emerged last year and has undergone rapid growth. The ransomware, which calls itself Conti, is delivered…
Hacks and zoom-bombings continue to plague educational facilities
Educational settings across countries and age groups continue to be report hacking incidents or zoom-bombing incidents. Here are just some of the data security headlines I noted over the past few weeks: In the U.S.: Hundreds of Wimberley ISD students receive racist email in an apparent hack Council Rock Student’s Email Was Hacked, District Says…
What makes us human: countering the accidental insider cyber threat
Philip Bridge writes: […] The Information Commissioner’s Office (ICO) has been keen to change the perception that a data breach can only occur through the actions of someone outside the organisation. Instead, it defines a breach as “any event that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal…