Experts suggest using multifactor authentication and telling your bank to put extra security checks in place Follow our Australia news live blog for the latest updates Get our morning and afternoon news emails, free app or daily news podcast Millions of Medibank’s current and former customers have had …

I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a …

Techniques which allow the sharing of data whilst keeping it secure may revolutionise fields from healthcare to law enforcement Rachel is a student at a US university who was sexually assaulted on campus. She decided against reporting it ( fewer than 10% of survivors do). What she did, however, was …

Experts suggest using multifactor authentication and telling your bank to put extra security checks in place Follow our Australia news live blog for the latest updates Get our morning and afternoon news emails, free app or daily news podcast Millions of Medibank’s current and former customers have had …

Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees Britain’s data watchdog has fined the construction group Interserve £4.4m after a cyber-attack that enabled hackers to steal the personal and financial information of up to 113,000 employees. The attack occurred when …

Attorney general Mark Dreyfus says the FBI is working with local authorities to investigate the Optus data breach. 'The government, as well as the Australian federal police and other government agencies, are working closely together on the Optus data breach,' he said. 'The Australian federal police is taking this …

Sometimes browser spellcheckers leak passwords : When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck features be enabled. Depending on the website you visit, the form data may itself include PII­—including but not limited to Social …

AWS is excited to announce the launch of the AWS Wickr ATAK Plugin, which makes it easier for ATAK users to maintain secure communications. The Android Team Awareness Kit (ATAK)—also known as Android Tactical Assault Kit for military use—is a smartphone geospatial infrastructure and situational awareness application …

Attack being investigated for potential data theft as experts warn criminals could use stolen details as leverage A ransomware attack on an NHS software supplier last week is being investigated for potential theft of patient data, as experts warned that criminals could use personal information as leverage in negotiations …

Personal information allegedly taken from Shanghai police database would be one of biggest data breaches in history A hacker has claimed to have stolen the personal information of 1 billion Chinese citizens from a Shanghai police database, in what would amount to one of the biggest data breaches in …

OpenSea tells customers and subscribers not to open emails and files ‘sent by strangers’ after revealing breach The world’s biggest marketplace for non-fungible tokens (NFTs) has warned its users to be on the alert for email phishing attacks following a massive data leak. OpenSea, where traders exchange the …

AWS is pleased to announce that Wickr for Government (WickrGov) has achieved Federal Risk and Authorization Management Program (FedRAMP) Ready status at the Moderate Impact Level, and is actively working toward FedRAMP Authorized status. FedRAMP is a US government-wide program that promotes the adoption of secure cloud services across …

Register now with discount code SALUZwmdkJJ to get $150 off your full conference pass to AWS re:Inforce. For a limited time only and while supplies last. Today we want to tell you about some of the engaging data protection and privacy sessions planned for AWS re:Inforce. AWS …

I’d like to personally invite you to attend the Amazon Web Services (AWS) security conference, AWS re:Inforce 2022, in Boston, MA on July 26–27. This event offers interactive educational content to address your security, compliance, privacy, and identity management needs. Join security experts, customers, leaders, and …

For your sensitive data on AWS, you should implement security controls, including identity and access management, infrastructure security, and data protection. Amazon Web Services (AWS) recommends that you set up multiple accounts as your workloads grow to isolate applications and data that have specific security requirements. AWS tools can …

A new International Data Corporation (IDC) whitepaper sponsored by AWS, Trusted Cloud: Overcoming the Tension Between Data Sovereignty and Accelerated Digital Transformation, examines the importance of the cloud in building the future of digital EU organizations. IDC predicts that 70% of CEOs of large European organizations will be incentivized …

Private contractor running service sent email to applicants containing more than 170 email addresses The Home Office’s visa service has apologised for a data breach in which the email addresses of more than 170 people were mistakenly copied into an email circulated last week. More than 170 email …

With KP Snacks the latest cyber-attack victim, firms must learn to defend themselves against a mounting menace The January snow lay thick on the Moscow ground, as masked officers of the FSB – Russia’s fearsome security agency – prepared to smash down the doors at one of 25 addresses they …

French version German version I’m happy to announce that AWS has declared 52 services under the Cloud Infrastructure Service Providers Europe Data Protection Code of Conduct (CISPE Code). This provides an independent verification and an added level of assurance to our customers that our cloud services can be …

Log4j is being exploited by all sorts of attackers, all over the Internet: At that point it was reported that there were over 100 attempts to exploit the vulnerability every minute. “Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability …

Launching an application in AWS Elastic Beanstalk is straightforward. You define a name for your application, select the platform you want to run it on (for example, Ruby), and upload the source code. The default Elastic Beanstalk configuration is intended to be a starting point which prioritizes simplicity and …

Regulator says safety of hundreds of individuals was jeopardised after their addresses were posted online The Cabinet Office has been fined £500,000 by the UK’s data watchdog after the postal addresses of the 2020 New Year honours recipients were disclosed online. The Information Commissioner’s Office (ICO …

AWS recently released the Ransomware Risk Management on AWS Using the NIST Cyber Security Framework (CSF) whitepaper. This whitepaper aligns the National Institute of Standards and Technology (NIST) recommendations for security controls that are related to ransomware risk management, for workloads built on AWS. The whitepaper maps the technical …

After being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.” [...]

Ministers considering bringing punishment in line with GDPR, which can issue fine of up to £17.5m Multimillion-pound fines could be imposed for nuisance or fraudulent calls and texts under a proposed overhaul of the UK’s data rules. Companies behind nuisance communications can be fined £500,000 by …