Information Commissioner's Office Reports On Big Data And Privacy

The Information Commissioner’s Office (ICO) has today released a new report that considers how big data will operate within existing data protection laws which ensure that personal information is: Fairly and lawfully processed; Processed for limited purposes; Adequate, relevant and not excessive; Accurate and up to date; Not kept for longer than is necessary; Processed […]

MailPoet Update Goes Unnoticed, Up To 50,000 Websites Compromised So Far

Users of the popular MailPoet plugin for WordPress are being urged to update it after it was revealed that up to 50,000 websites may have been compromised. As I reported at the beginning of June, the vulnerability in MailPoet allows attackers to remotely upload files to a website without the need for authentication. MailPoet released […]

Advanced Fee Fraud Now Plagued By RATs

From: The Boys from Lagos, Somewhere entirely different to where they claim, Dear Sir, I am writting to you in respect of your recent attempt to settle the modalities concerning your quatation for Iran May Order (see attachment). As you will know doubt see, there has been a problem with the Randam Access Tables (RAT) in […]

Irish Data Protection Commissioner Shuts Down Government Genealogy Website Over Data Fears

The Irish government closed its genealogy website on Friday after Billy Hawkes, the Data Protection Commissioner, said that the availability of citizens’ data on the site presented “obvious risks”, including the potential for identity theft. The site – IrishGenealogy.ie – created by the Department of Arts, Heritage and the Gaeltacht, gave people who had been either […]

The First Rule Of Data Breach Response Is…

I would like to think that the first thing any company would do in the wake of a data breach is to crack open its incident response plan and start following through a well planned strategy that had been formulated long in advance of the breach actually occurring. Whilst maybe not being the first priority, I would also like […]

Who Fines Who: Information Commissioner's Office Breached

If asked how likely it is that an organisation will be breached it may not be unreasonable to reply along the lines of “it’s not so much if but when.” And that is something the UK’s Information Commissioner’s Office (ICO) can certainly attest to as it becomes clear that it experienced its own breach in the […]

Are We The Architects Of Our Own Insecurity?

It’s a well known fact that people men are obsessed with something. (Note to self: make that two things but don’t mention the first). Go to any shopping centre on a Saturday and you’ll notice all manner of sideways glances, secret peeks and longing stares as men of all ages centre their attention on anything […]

Rogue SSL Certs – Microsoft Issues Out-Of-Band Patch

Microsoft has issued an emergency security update – “Improperly Issued Digital Certificates Could Allow Spoofing” – just two days after its regular monthly Patch Tuesday release cycle in order to address forged security certificates that could have been used to spoof Google and Yahoo websites. The forged certificates had been generated by India’s National Informatics […]

1 In 5 Organisations Have Experienced An APT Attack

“Advanced persistent threat (APT) is a term that has been used frequently in the course of security threat discussions; however, confusion exists as to what an APT is and how to manage the risk associated with it. Although the study reveals that a large number of respondents feel that APTs are a significant threat and have […]

Is Privacy Now The Preserve Of The Rich, Famous And Scandalous?

Article 8 of the Human Rights Act 1998 says (emphasis mine): Everyone has the right to respect for his private and family life, his home and his correspondence. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary […]