Category Archives for "Security"

Commission launches consultation on ENISA

European Commission has launched public consultation on the evaluation and review of the European Union Agency for Network and Information Security (ENISA, whose current mandate will come to an end in 2020). ENISA is the Agency of the European Union tasked with contributing to the enhancement of the overall level of cybersecurity of the EU and its Member States.

The European Commission wants all interested stakeholders to share their views on ENISA’s past performances, as well as on a possible revision of its mandate in view of new challenges the EU faces in the cybersecurity field.

The consultation is open until 12 April 2017.

More information

Irish Data Protection Commissioner to examine Yahoo

Ireland’s Data Protection Commissioner is stepping up its examination of the Yahoo Inc. data breach and is awaiting information from Yahoo regarding allegations on scanning of users’ emails for US government.

In September Yahoo confessed that in 2014 hackers had stolen the data of 500 million users. But just month later Yahoo was accused in using software checking millions of emails for specific information related to national security.

Read more: Irish data regulator steps up Yahoo hack probe, waits on email scanning

UK government breached personal data security 9,000 times in a year, watchdog reveals

UK’s National Audit Office (NAO) has found that government has breached personal data security nearly 9,000 times in a year. Most of breaches – about 6,000 – are on HMRC.

NAO found that 17 largest departments recorded 8,995 data breaches in years 2014-2015, but reported to the Information Commissioner (ICO) only 14 incidents. Although not all incidents shall be reported to ICO, NAO observed that lack of detail in the self-reporting data means it is not possible to determine how significant any of unreported breaches was.

Full story

The Shadow Brokers publish NSA spy tools

A hackers group that calls itself the Shadow Brokers recently published on web and made accessible to everyone sophisticated hacking and surveillance tools. They claim that those tools come come from breach of NSA.

Released hacking tools exploit vulnerabilities in software that the vendor doesn’t know about (so called “zero day vulnerabilities”) and thus haven’t fixed – making everyone using this software a potential target. Published tools revel that United States government has been hacking for decades without big attention.

Full story

Spotify forces users change their passwords – because other companies keep getting hacked

Spotify is making some users reset their passwords and the reason is – other websites keep getting hacked. There have been numerous huge data breaches affecting tens of millions of users.

Situation is even worse because of the fact that many people re-use their passwords across many services. So breach of one service where password was re-used compromises other sites and services as login details obtained on one service can be used to gain illicit access to accounts on other services and websites.

Therefore Spotify is forcing users whose details were exposed in some of these previous breaches to change their passwords.

Full stoy

DoJ is trying to predict how terrorists will use the Internet of Things

It is estimated that by year 2020 there will be anywhere up to 50 billion internet-connected devices and 20% of them will be cars and or trucks. Such rapid explosion of use of connected devices explodes comes with security risks. Therefore US Department of Justice, together with other agencies, is evaluating and trying to predict those risks before they come into reality.

Full story

Privacy expert’s tips for preventing visual hacking

“Visual hacking” is spying on physical items: like overlooking someone’s computer or mobile screen, desk, paper documents. These attacks are hard to notice and detect when it does happen. Kate Borten of the Visual Privacy Advisory Council shares her tips on how to secure against visual hacking.

Full article

>