Cybersecurity

Israeli cybersecurity researchers have disclosed details about a new flaw impacting DNS protocol that can be exploited to launch amplified, large-scale distributed denial-of-service (DDoS) attacks to takedown targeted websites. Called NXNSAttack, the flaw hinges on the DNS delegation mechanism to force DNS resolvers to generate more DNS queries to authoritative…

With governments around the world making billions of dollars available for COVID-19 financial relief, criminals are making every effort to take advantage. That includes building phony official coronavirus relief templates for websites to trick victims into giving up sensitive personal information. Among the sites discovered by security vendor Proofpoint are…

The ETSI Security Week 2020 goes virtual! Many presentations that were to be given during the ETSI Security Week will be given virtually from 8 until 19 June. Thanks to the willingness and additional efforts of nearly 50 Programme Committee Members and Speakers, we are able to offer 14 different…

The CIO Strategy Council published a new National Standard of Canada for third-party access to data last week, news that quickly got buried after Sidewalk Labs announced it was pulling the plug on its smart city project in Toronto. And while the rest of the country argues over whether or…

Cybercriminals use all kinds of tricks to try to legitimize malicious websites, files, emails, and other content in hopes of trapping unsuspecting users. A new malware campaign analyzed by cybersecurity firm Malwarebytes employs a particularly deceptive strategy to empower credit card skimming attacks. In a card skimming campaign, hackers gain…

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but…

Broadcast date: May 8, 2020 Time: 10:00–11:00 a.m. PT, 1:00–2:00 p.m. ET, 7:00–8:00 p.m. CET (can watch after broadcast date. FREE to IAPP Members. $149 US for non-members) When teleworking became the new normal nearly overnight, privacy and cybersecurity experts across the globe needed to tackle myriad unexpected privacy and…

Despite the threat of ransomware being at an all-time high, a recent report from cybersecurity firm Kaspersky says that 45 per cent of employees in the U.S and Canada wouldn’t know how to respond to a ransomware attack. Thirty-seven per cent don’t even know what it is. Ransomware, characterized by…

On any given day, CIOs are being asked to drive digital transformation, reduce costs, minimize risk, enable everyday efficiencies, deliver a great employee experience, and more. Handling these competing strategic and operational priorities requires a daily balancing act to produce results, align roadmaps and keep everything moving in the right…

Rising enterprise costs under CCPA The CCPA states that a consumer has the right to sue if their data is leaked during a breach and it is found that the company did not “implement and maintain reasonable security procedures and practices appropriate to the nature of the information.” This means…