Data Protection

Vulnerabilities

Issued by: Security Week

Nissan Canada Informs 1.1 Million Customers of Data Breach

Nissan Canada revealed on Thursday that the personal information of some customers may have been compromised as a result of a data breach discovered by the company on December 11. The incident affects individuals who have financed their vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada. The exact number of impacted customers…

Vulnerabilities

Issued by: Security Week

Old Crypto Vulnerability Hits Major Tech Firms

A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites. Last month, F5 Networks informed customers that some of its BIG-IP products include a vulnerability that can be exploited by a remote attacker for recovering encrypted data…

Network Security

Issued by: Dark Reading

Security Compliance: The Less You Spend the More You Pay

The costs of complying with data protection requirements are steep, but the costs of non-compliance are even higher, a new study shows. Like the old saying about an ounce of prevention being better than a pound of cure, complying with data protection requirements can be expensive, but the financial consequences of non-compliance can hurt a…

Vulnerabilities

Issued by: Security Week

Dormant Keylogger Functionality Found in HP Laptops

A researcher has discovered that a touchpad driver present on hundreds of HP laptops includes functionality that can be abused for logging keystrokes. The vendor has released patches for a vast majority of affected devices. Michael Myng was looking for ways to control the keyboard backlight functionality on HP laptops when he noticed that the…

Network Security

Issued by: Help Net Security

How cybersecurity solutions can help with GDPR compliance

Technical (protection) measures, means, technologies, rules and resources are mentioned multiple times throughout the GDPR text. The Regulation does not, however, specify any security technology implementation as obligatory (a few methods are suggested as optional solutions for the specific usage). Choice and evaluation of adequacy is the sole responsibility of the data controller and processor.

Malware & Threats

Issued by: Security Week

Hackers Target U.K. Shipping Giant Clarkson

Clarkson, one of the world’s largest providers of shipping services, informed the public on Tuesday that it has suffered a security breach and the hackers may release some data taken from its systems. Clarkson provided only few details citing the ongoing law enforcement investigation, but the information it made public suggests that it was targeted…

Network Security

Issued by: Help Net Security

Imgur confirms breach, 1.7 million users affected

Popular image hosting website Imgur has announced on Friday that hackers stole usernames and passwords of 1.7 million of its users. The breach dates back to 2014, when Imgur still encrypted the stored passwords with the SHA-256 algorithm, which has since been found too weak to withstand brute forcing.

Network Security

Issued by: Security Intelligence

Data Storage and Encryption Should Top the CISO’s To-Do List

In today’s digitized world, data storage and encryption are surely top of mind for most chief information officers (CIOs). But given the increasing regulations and privacy implications surrounding data security, these measures should also be on the chief information security officer (CISO)’s agenda. Most organizations need to house massive amounts of data to comply with…