Irish Data Protection Commissioner Shuts Down Government Genealogy Website Over Data Fears
The Irish government closed its genealogy website on Friday after Billy Hawkes, the Data Protection Commissioner, said that the availability of citizens’ data on the site presented “obvious risks”, including the potential for identity theft. The site – IrishGenealogy.ie – created by the Department of Arts, Heritage and the Gaeltacht, gave people who had been either […]
The First Rule Of Data Breach Response Is…
I would like to think that the first thing any company would do in the wake of a data breach is to crack open its incident response plan and start following through a well-planned strategy that had been formulated long in advance of the breach actually occurring. Whilst maybe not being the first priority, I would also like […]
Who Fines Who: Information Commissioner's Office Breached
If asked how likely it is that an organisation will be breached it may not be unreasonable to reply along the lines of “it’s not so much if but when.” And that is something the UK’s Information Commissioner’s Office (ICO) can certainly attest to as it becomes clear that it experienced its own breach in the […]
Are We The Architects Of Our Own Insecurity?
It’s a well-known fact that people men are obsessed with something. (Note to self: make that two things but don’t mention the first). Go to any shopping centre on a Saturday and you’ll notice all manner of sideways glances, secret peeks and longing stares as men of all ages centre their attention on anything […]
Rogue SSL Certs – Microsoft Issues Out-Of-Band Patch
Microsoft has issued an emergency security update – “Improperly Issued Digital Certificates Could Allow Spoofing” – just two days after its regular monthly Patch Tuesday release cycle in order to address forged security certificates that could have been used to spoof Google and Yahoo websites. The forged certificates had been generated by India’s National Informatics […]
1 In 5 Organisations Have Experienced An APT Attack
“Advanced persistent threat (APT) is a term that has been used frequently in the course of security threat discussions; however, confusion exists as to what an APT is and how to manage the risk associated with it. Although the study reveals that a large number of respondents feel that APTs are a significant threat and have […]
Is Privacy Now The Preserve Of The Rich, Famous And Scandalous?
Article 8 of the Human Rights Act 1998 says (emphasis mine): Everyone has the right to respect for his private and family life, his home and his correspondence. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary […]
Women In InfoSec – Why Are We Still Discussing It?
This afternoon I have been reading (with much interest) about the Women In Security panel discussion at BSides Manchester. In a great write-up from Dr Jessica Barker, followed by a quick exchange on Twitter, I learned that only one woman submitted a paper for the event. Why is that, I wondered? Of course we know […]
MailPoet Newsletters Plugin For WordPress Vulnerable, Update Available
If you have responsibility for a corporate blog (or run your own) and it runs on WordPress and has a newsletter then I would suggest that you check how your newsletters are handled. If you find that your blog relies upon MailPoet (a plugin that has been downloaded over 1.7 million times) then you need to be […]
Google Glass Didn't Kill The Video Star
Have you just splurged £1,000 on Google Glass? If so, you may be tempted to wear your expensive fashion faux pas everywhere in order to show off how much of a [insert appropriate adjective here] you really are. But one place you won’t be able to wear the headset is in your local cinema. The UK’s […]