Dr. Adem Koyuncu and Valerie Mei of Covington & Burling write: On 3 July 2020, the German parliament passed a draft bill (German language) for patient data protection and for more digitalisation in the German healthcare system (Patientendaten-Schutz-Gesetz). The draft bill is currently in the legislative procedure and is expected to enter into force in…
Category: Commentaries and Analyses
Security researcher publishes details and exploit code for a vBulletin zero-day
Catalin Cimpanu reports: A security researcher has published details and proof-of-concept exploit code for a zero-day vulnerability in vBulletin, one of today’s most popular forum software. The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019. Read more on ZDNet. Lawrence Abrams of BleepingComputer has…
Hacking medical devices to hijack secure facilities
Fahmida Y. Rashid reports: People entering secure facilities—such as those found in military, security, and government agencies—are often asked to hand over their connected devices such as fitness trackers and smartphones. Those devices are stored in secure lockers and then returned when their owners leave the facility. All this is done in the name of…
Why Healthcare is (or isn’t) Adopting Blockchain
Matt Jordan reports: There’s a place for Blockchain in the Healthcare environment, whether individual providers are choosing to adopt it or not. With the current health crisis rocking our country, and even our world, sending patients to ICU or bed-ridden and unable to leave their homes to receive care and diagnoses from their medical professionals….
Pepperstone Updates Clients on Data Breach Investigation
Aziz Abdel-Qader reports: Multi-regulated FX broker Pepperstone has just updated its clients about the data security breach that occurred just over a week ago. The company said the security issue had originated from one of its third-party vendors after cybercriminals used malware to compromise its computers and obtained access to the provider’s credentials. Not so long after…
SPARTOO: sanction of 250,000 euros and injunction under penalty to comply with the GDPR
From the CNIL, the French data protection authority: SPARTOO is specialized in the online shoe sales sector. For this activity, it has a website accessible in thirteen countries of the European Union. The CNIL inspected the company in May 2018, and noted shortcomings concerning the data of customers, prospects and employees. The President of the CNIL therefore…