Ukraine Power Outage Possibly Caused by Cyberattack
In a statement published on its website on Sunday, Ukrenergo said the outage occurred on Saturday, near midnight, at the North (Petrivtsi) substation, causing blackouts in the capital city of Kiev and the Kiev region. Ukrenergo Acting Director Vsevolod Kovalchuk said workers switched to manual mode and started restoring power after 30 minutes. Power was…
Privacy groups complain to FTC over Google’s ‘deceptive’ policy change
Privacy groups have complained to the Federal Trade Commission that Google is encroaching on user privacy through a policy change in June that allows it to combine personally-identifiable information with browsing data collected by its DoubleClick digital advertising service. The complaint by Consumer Watchdog and Privacy Rights Clearing House alleged that Google has created “super-profiles”…
Hacked for the Holidays: When You’re Asked to Fix the Family Computer
Whether hanging stockings, lighting candles on a menorah or gathering for an Airing of Grievances, if you are an IT professional visiting family this season, you will inevitably be asked to fix the family computer, tablet, smartphone or programmable thermostat while you’re there. As an introvert, I use the hour I might have to spend…
Medical data: Accessible and irresistible for cyber criminals
How valuable is personal healthcare data? Apparently it depends. Based on at least some price comparisons on the Dark Web – the underground online marketplace for cyber criminals – electronic health records (EHR) are not even close to premium goods. McAfee, now a division of Intel Security, reported recently that the price for an individual medical…
Highly lucrative Ransomware as a Service attacks poised to accelerate in 2017
Ransomware can be likened to global warming. It’s been around for years, but it’s now becoming an epidemic which needs serious attention. According to a recent survey conducted by Osterman Research, nearly 50% of U.S. companies experienced a “ransomware incident” over the last year. Without taking into account the number of unreported ransomware incidents, the…
LinkedIn skill learning unit Lynda.com hit by database breach
Lynda.com, the online learning unit of LinkedIn, has reset passwords for some of its users after it discovered recently that an unauthorized external party had accessed a database containing user data. The passwords of close to 55,000 affected users were reset as a precautionary measure and they have been notified of the issue, LinkedIn said…
Phishing email scams 108 government employees, 756,000 people affected by breach
On Friday, The LA County Chief Executive Office issued a public notice that 756,000 Californians were going to be receiving breach notification letters, after a single Phishing email scammed more than one hundred county employees. The notice also said a warrant has been issued for the Nigerian responsible for the Phishing attack.
GDPR Compliance Regulations: The New Challenge for the Cloud Operations Manager
In December 2015, the European Union (EU) announced a framework designed to combine the various data protection laws throughout the region. The General Data Privacy Regulation (GDPR) impacts many industries, from coffee shops to football clubs. It essentially affects any institution that retains personal information, especially businesses that store or handle data in multiple countries….
Evernote backs off from privacy policy changes, says it ‘messed up’
Evernote has reversed proposed changes to its privacy policy that would allow employees to read user notes to help train machine learning algorithms. CEO Chris O’Neill said the company had “messed up, in no uncertain terms.” The move by the note-taking app follows protests from users, some of whom have threatened to drop the service…
Nagios 4.2.4 closes serious root privilege escalation bug
If you’re using Nagios to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release fixes a high severity root privilege escalation vulnerability (CVE-2016-9566) discovered by researcher Dawid Golunski, who published a proof-of-concept exploit for it on Thursday.