Privacy & Regulatory Considerations in Enterprise Blockchain

Posted on April 6th, 2019 by Responsible Cyber

People who understand information governance, privacy, and security should be active participants on the distributed ledger technology implementation team to ensure success. Blockchain, or distributed ledger technology (DLT), is estimated by Gartner to create $3.1 trillion of business value by 2030, yet many organizations lack a clear understanding of its applications, the risks and benefits […]


Medtronic’s Implantable Defibrillators Vulnerable to Life-Threatening Hacks

Posted on March 24th, 2019 by Responsible Cyber

The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients’ chests) that gives a patient’s heart an […]


Autism, Cybercrime, and Security’s Skill Struggle

Posted on March 14th, 2019 by Responsible Cyber

People on the autism spectrum often possess traits that could help them succeed in cybersecurity – providing they don’t fall into cybercrime first. Many cybercriminals aren’t diagnosed with autism until they enter the criminal justice system – and the same traits that lead them toward digital crime could potentially help them fight it. Rebecca Ledingham, […]


MyEquifax.com Bypasses Credit Freeze PIN — Krebs on Security

Posted on March 14th, 2019 by Responsible Cyber

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves […]


Dow Jones Leak Exposes Watchlist Database

Posted on March 1st, 2019 by Responsible Cyber

The Watchlist, which contained the identities of government officials, politicians, and people of political interest, is used to identify risk when researching someone. A data leak at Dow Jones exposed the financial firm’s Watchlist database, which contains information on high-risk individuals and was left on a server sans password. Watchlist is used by major global […]


US House and Senate debate new data privacy law

Posted on February 28th, 2019 by Responsible Cyber

by Lisa Vaas

Most people in the US – 91%, according to the Pew Research Center – feel they’ve lost control over their data. Lawmakers feel your pain, citizens. They’re not interested in hearing your thoughts, though. This week, both the House and the Senate are holding hearings on privacy legislation, transparency about how data […]


Creating a Security Culture & Solving the Human Problem

Posted on January 30th, 2019 by Responsible Cyber

People are the biggest weakness to security breaches; people can also be your organization’s biggest defense. Through nearly a dozen years of experience at the FBI and now at Qualtrics, I’ve seen that many of the most successful hackers no longer first look for software vulnerabilities. They’re coming after your people. The reason is simple: […]


Thieves’ names and descriptions made public on B&Q database

Posted on January 30th, 2019 by Responsible Cyber

by Danny Bradbury

When people find unsecured Elasticsearch databases online, they often contain sensitive customer information. Not so with UK-based DIY giant B&Q, which reportedly suffered its own breach this week. Instead of customer data, an exposed Elasticsearch instance gave up information on around 70,000 shoplifters, according to Australian security researcher Lee Johnstone. The exposed […]


Apple Phone Phishing Scams Getting Better — Krebs on Security

Posted on January 30th, 2019 by Responsible Cyber

A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that displays Apple’s logo, address and real phone number, warning about a data breach at the company. The scary part is that if the recipient is an iPhone user who then requests […]


Courts Hand Down Hard Jail Time for DDoS — Krebs on Security

Posted on January 30th, 2019 by Responsible Cyber

Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. […]
