Data’s Perilous Journey & Lessons Not Learned From the Target Breach

December 12, 2023 at 10:04AM The 2013 Target breach revealed significant vulnerabilities in third-party interactions, leading to nearly a billion dollars in financial damages. Despite efforts to strengthen cyber defenses, organizations continue to grapple with systemic issues and supply chain security. The industry now faces a critical need for a paradigm shift towards proactive data …

Northern Ireland cops count human cost of August data breach

December 12, 2023 at 08:48AM A review of the PSNI’s August data breach revealed vast impact on staff, including relocation for safety, mental health decline, and operational consequences. Failings in data protection and governance were highlighted, along with delayed audits and incomplete GDPR requirements. Staff responses varied, with some feeling resilient while others encountered significant …

Apple emergency updates fix recent zero-days on older iPhones

December 11, 2023 at 02:28PM Apple has issued emergency security updates for two zero-day flaws in iOS, iPadOS, tvOS, and watchOS. The CVE-2023-42916 and CVE-2023-42917 vulnerabilities in the WebKit browser engine allowed attackers to access sensitive data and execute arbitrary code. Security researcher Clément Lecigne discovered and reported both flaws. CISA ordered Federal Civilian Executive …

Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches

December 8, 2023 at 05:34PM An Apple-commissioned report emphasized the importance of end-to-end encryption in safeguarding sensitive data amidst a significant surge in data breaches and compromised records. The study underscored the rise in ransomware campaigns and vendor attacks as contributors to the worsening data security landscape. The report also highlighted the challenges and complexities …

Privilege elevation exploits used in over 50% of insider attacks

December 8, 2023 at 12:20PM Insider threats using privilege escalation flaws are on the rise, with 55% of incidents relying on privilege escalation exploits and 45% introducing risks through downloading risky tools. CrowdStrike reports that insider attacks cost an average of $648,000 for malicious and $485,000 for non-malicious incidents. Additionally, introducing flaws into networks increases …

Meta Makes End-to-End Encryption a Default on Facebook Messenger

December 7, 2023 at 10:42PM Facebook Messenger now defaults to end-to-end encryption, ensuring only the sender and recipient can read messages, not even Meta itself. Key Takeaways from Meeting: 1. End-to-End Encryption has been implemented in Facebook Messenger as a default feature. 2. As a result of this encryption, messages can only be read by …

Yet another UK public sector data blab, this time info of pregnant women, cancer patients

December 7, 2023 at 07:46AM Over 22,000 patients’ data were exposed by Cambridge University Hospitals NHS Foundation Trust due to errors responding to Freedom of Information requests. Maternity and cancer patient details were inadvertently revealed. The Trust has since audited past FoI responses, improved data security measures, and is cooperating with the ICO. Meeting Takeaways: …

DTEX Systems Appoints Mandiant Global CTO Marshall Heilman As CEO

December 6, 2023 at 06:22PM DTEX Systems has appointed cybersecurity veteran Marshall Heilman as CEO to enhance its insider risk management and accelerate global growth. Heilman’s vast experience is set to strengthen the company’s proactive approach to preventing data loss amid an increasing demand for its InTERCEPT™ platform and expansion in critical industries. **Meeting Takeaways:** …

Locking down the edge

December 6, 2023 at 11:18AM Edge security challenges are escalating as more functions decentralize, increasing the attack surface at network edges. Sectors like healthcare and energy lack dedicated IT security, risking severe breaches. Dell’s webinar tackles this with a Zero Trust strategy, promoting constant verification and automated protection through its NativeEdge platform. Meeting Takeaways: – …

New Report: Unveiling the Threat of Malicious Browser Extensions

December 6, 2023 at 06:54AM Browser extensions present high-risk vectors for cyber-attacks, exploiting users’ trust through three types: initially malicious, compromised, and risky due to excessive permissions. The LayerX report highlights this threat and recommends vigilance in installation methods and identifying signs of potential harm, emphasizing the need for educated choices and robust security protocols …