SASKATOON—The City of Saskatoon says it has lost $1 million in an online scam. City manager Jeff Jorgenson says a fraudster electronically impersonated the chief financial officer of a construction company that has a contract with the city. He says the culprit asked to have a payment sent to a new bank account and the city complied. Jorgenson says the city is reviewing its financial More »
The use of facial recognition, iris recognition or fingerprints — referred to as Biometric authentication; is seen by many experts as the savior of security by allowing organizations to do away with passwords. However, on Wednesday August privacy researchers discovered a large bank of unprotected biometric, password and other personal data open on the internet. The data, which belong to the BioStar 2 identity and access More »
In the run-up to the Tokyo Olympics next year, the sponsors are speeding up preparations to counter cyberattacks. Hackers hampered the two previous Olympics, taking down a state government website at the Rio Games in 2016 and triggering system failures just before the opening ceremony for the 2018 Pyeongchang Winter Games in South Korea, making it impossible for spectators to print tickets. At a meeting More »
Posting wonderful events about your job on Facebook, Twitter and other social media sites may be great for your friends and relatives, but if you don’t lock down your privacy settings these snippets are also great for hackers. Proof comes from a recent blog on the site Fast Company by Stephanie Carruthers who works for an IBM team hired to test the cyber security of companies. You More »
The bad guys are now exploiting news of the CapitalOne breach to push a malicious backdoor trojan via a phishing email purporting to offer a Windows Security Update. See the attached example email. Clicking the link in that email downloads a file named KB3085604.exe — obviously named to resemble Microsoft patch files and security updates. The phishing email itself spoofs the targeted those working in organizations that occasionally ask More »
A fourth U.S. city is getting ready to ban local government from using facial recognition technology. The city of Cambridge, Massachusetts, is considering an order that will require the city council’s approval prior to the acquisition or deployment of certain surveillance tech. This includes facial recognition. Gizmodo reports. Councillors feel this helps bring the city closer to banning the use of the tech altogether. The news More »
Capital One Financial Corp announced Monday that the FBI has arrested an alleged hacker who accessed the personal information of as many as 6 million people in Canada and 100 million people in the United States. For Canadians, the hack compromised 1 million social insurance numbers (SIN). The information exposed in the hack was largely linked to consumers and small businesses that applied for Capital One credit card More »
The UK Information Commissioner’s Office (ICO) issued the European General Data Protection Regulation (GDPR) fine against Marriott as the result of a major security breach in 2018 that resulted in more than 339 million guest records being exposed. The $123 million GDPR fine is approximately 3 percent of the company’s $3.6 billion in global annual revenue. The maximum fine under the GDPR rules can now More »
Fines continue to be levied for data breaches across the planet, and a $700 million settlement from credit-reporting company Equifax has been trending on Google News. It is the largest settlement related to a data breach that we have ever seen. Equifax experienced a major data breach in 2017, which exposed the private information of around 147 million customers. As part of the settlement, Equifax More »
As a penetration tester Joshua Crumbaugh, who now heads the Alabama-based security awareness training firm PeopleSec, says employees are the real block to improving digital security. “I would argue 100 per cent of breaches are the result of people,” he told the International Cyber Security and Intelligence Conference Wednesday. In fact in an interview he argued the overwhelming amount of an organization’s cyber spending should go to More »