Official: Russian-owned company attempted Ohio election hack (Associated Press) November 27th
Ohio detected and thwarted an election-related cyber attack earlier this month, the state’s elections chief said. The “relatively unsophisticated” hacking attempt on Nov. 5, 2019, originated in Panama but was traced to a Russian-owned company.
Palo Alto Networks hit by data leak (Techradar) November 28th
The cybersecurity firm Palo Alto Networks has admitted that it suffered a data breach which resulted in the personal data of both past and current employees being leaked online.
Millions of SMS messages exposed in database security lapse (TechCrunch) December 1st
The database stored years of sent and received text messages from its customers and processed by TrueDialog. But because the database was left unprotected on the internet without a password, none of the data was encrypted and anyone could look inside.
Vulnerabilities & Exploits
How Bluetooth can be an attack gateway (Techradar) November 26th
Sophisticated hackers with sinister intent have exploited several Bluetooth flaws to steal data or install malware, whether that be via Bluetooth chips, targeting mobile devices or even navigating through car entertainment systems.
Although the CCPA enforcement deadline has passed, we found that possibly over 70% of orgs might not have started with their CCPA compliance programs. We detail the current state of CCPA compliance and 3 steps organizations lagging need to take in order to strategize their path to compliance.
Financial services businesses can use DLP to eliminate the risk of data exfiltration and boost their overall security strategy. Learn what the different types of PII are, what’s really at stake when this data is at risk, and how laws only do some of the work needed to keep data safe.
Maynard Webb, a Nightfall investor, tech veteran, and industry thought leader recently joined us for a discussion. We talk about how his early career shaped his values and perspective, what motivated him to write his New York Times bestseller, Rebooting Work, as well as how the coronavirus will reboot the tech industry.
It's impossible to understand cloud security without first understanding the shared responsibility model. First touted by AWS, the shared responsibility model is now a staple of many services and the best way of understanding on which parties specific security obigations lie.