Light Dark
January 27, 2020 By David Bisson 3 min read

Last week in security news, a survey found that data protection regulators have thus far imposed 114 million euros in fines for a variety of General Data Protection Regulation (GDPR) infringements including data breaches. The security community also witnessed established malware families like TrickBot and FTCODE add new functionality to expand the efficacy of their attack efforts. Finally, Microsoft announced its intention to fix an Internet Explorer vulnerability under active exploitation by attackers.

Top Story of the Week: GDPR Infringements Earn Organizations €114M in Penalties

In its GDPR Data Breach Survey, DLA Piper announced that regulators had fined organizations a total of 114 million euros (about $126 million) for violating the standard. France, Germany and Austria accounted for the highest values of fines imposed by regulators at 51 million euros, 24.5 million euros and 18 million euros, respectively. Meanwhile, The Netherlands and Germany topped the rankings of the greatest number of data breaches reported to regulators at 40,647 and 37,636 individual data security events.

DLA Piper’s survey found that data protection regulators had received more than 160,000 data breach notifications between May 25, 2018 and January 2020. Those notices originated from 28 European Union member states along with Norway, Iceland and Liechtenstein.

Source: iStock

Also in Security News

  • Multi-Year Cryptomining Campaign Attributed to Vivin Threat Actor: In November 2019, Cisco Talos first began linking malware samples engaged in dropping cryptocurrency miners to the same threat actor. Security researchers further investigated the threat actor, internally tracked as Vivin, and discovered that it had been using cryptomining techniques since 2017.
  • UAC Bypass Leveraged by TrickBot to Infect Windows 10 Users: As reported by Bleeping Computer, a security researcher observed a new sample of TrickBot analyzing a machine’s OS upon execution. The malware then used the Fodhelper UAC bypass on a machine running Windows 10, thereby allowing it to proceed with its infection chain without alerting users.
  • Some Insurers Considering Changes to Ransomware Coverage: According to Reuters, some digital insurers are considering making changes to the way in which they cover ransomware attacks. Some are planning on raising their rates, for instance, while others are thinking of restructuring their ransomware coverage as coinsurance plans with their customers.
  • Microsoft Confirms Attackers Are Exploiting Internet Explorer Flaw: TechCrunch spoke with Microsoft and confirmed that the tech giant is aware of ongoing attacks involving CVE-2020-0674, a security flaw affecting Internet Explorer. Microsoft went on to say that it was working on a fix but that it was unlikely to release it before its February 2020 Patch Tuesday.
  • Steganography and Traffic-Filtering Employed by Browser Locker Campaign: In December 2019, Malwarebytes demystified the propagation mechanism employed by a long-elusive browser locker (browlock) campaign. Researchers specifically found that malicious actors had designed their campaign to use targeted traffic-filtering techniques along with steganography.
  • FTCODE Ransomware Adds Info-Stealing Functionality: Researchers at Zscaler came across a new sample of FTCODE and observed the ransomware attempting to steal information from several web browsers and email clients. This functionality was unique to the target of FTCODE’s information-stealing efforts.
  • Nearly 30 Percent of macOS Malware Detections Attributed to Shlayer Trojan: Between January 2019 and November 2019, one-tenth of the macOS security solutions employed by Kaspersky Lab detected the Shlayer Trojan at least once. That piece of malware also accounted for almost 30 percent of infections spotted by Kaspersky’s tools across the macOS platform.

Security Tip of the Week: Step Up Your Data Protection Efforts

Security professionals can help bolster data protection efforts by investing in artificial intelligence (AI)-driven solutions and automated monitoring tools to gain visibility into their data. They can then use this visibility to monitor for potential access attempts and protect critical information.

These processes should reflect an organization’s data discovery and classification efforts. Infosec personnel can use the location and value of their data assets to prioritize the protection of their organization’s information.

 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  | 
David Bisson
Contributing Editor

More from

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

May 1, 2024

New proposed federal data privacy law suggests big changes

3 min read - After years of work and unsuccessful attempts at legislation, a draft of a federal data privacy law was recently released. The United States House Committee on Energy and Commerce released the American Privacy Rights Act on April 7, 2024. Several issues stood in the way of passing legislation in the past, such as whether states could issue tougher rules and if individuals could sue companies for privacy violations. With the American Privacy Rights Act of 2024, the U.S. government established…

April 30, 2024

AI cybersecurity solutions detect ransomware in under 60 seconds

2 min read - Worried about ransomware? If so, it’s not surprising. According to the World Economic Forum, for large cyber losses (€1 million+), the number of cases in which data is exfiltrated is increasing, doubling from 40% in 2019 to almost 80% in 2022. And more recent activity is tracking even higher.Meanwhile, other dangers are appearing on the horizon. For example, the 2024 IBM X-Force Threat Intelligence Index states that threat group investment is increasingly focused on generative AI attack tools.Criminals have been…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature