January 27, 2020 By David Bisson 3 min read

Last week in security news, a survey found that data protection regulators have thus far imposed 114 million euros in fines for a variety of General Data Protection Regulation (GDPR) infringements including data breaches. The security community also witnessed established malware families like TrickBot and FTCODE add new functionality to expand the efficacy of their attack efforts. Finally, Microsoft announced its intention to fix an Internet Explorer vulnerability under active exploitation by attackers.

Top Story of the Week: GDPR Infringements Earn Organizations €114M in Penalties

In its GDPR Data Breach Survey, DLA Piper announced that regulators had fined organizations a total of 114 million euros (about $126 million) for violating the standard. France, Germany and Austria accounted for the highest values of fines imposed by regulators at 51 million euros, 24.5 million euros and 18 million euros, respectively. Meanwhile, The Netherlands and Germany topped the rankings of the greatest number of data breaches reported to regulators at 40,647 and 37,636 individual data security events.

DLA Piper’s survey found that data protection regulators had received more than 160,000 data breach notifications between May 25, 2018 and January 2020. Those notices originated from 28 European Union member states along with Norway, Iceland and Liechtenstein.

Source: iStock

Also in Security News

  • Multi-Year Cryptomining Campaign Attributed to Vivin Threat Actor: In November 2019, Cisco Talos first began linking malware samples engaged in dropping cryptocurrency miners to the same threat actor. Security researchers further investigated the threat actor, internally tracked as Vivin, and discovered that it had been using cryptomining techniques since 2017.
  • UAC Bypass Leveraged by TrickBot to Infect Windows 10 Users: As reported by Bleeping Computer, a security researcher observed a new sample of TrickBot analyzing a machine’s OS upon execution. The malware then used the Fodhelper UAC bypass on a machine running Windows 10, thereby allowing it to proceed with its infection chain without alerting users.
  • Some Insurers Considering Changes to Ransomware Coverage: According to Reuters, some digital insurers are considering making changes to the way in which they cover ransomware attacks. Some are planning on raising their rates, for instance, while others are thinking of restructuring their ransomware coverage as coinsurance plans with their customers.
  • Microsoft Confirms Attackers Are Exploiting Internet Explorer Flaw: TechCrunch spoke with Microsoft and confirmed that the tech giant is aware of ongoing attacks involving CVE-2020-0674, a security flaw affecting Internet Explorer. Microsoft went on to say that it was working on a fix but that it was unlikely to release it before its February 2020 Patch Tuesday.
  • Steganography and Traffic-Filtering Employed by Browser Locker Campaign: In December 2019, Malwarebytes demystified the propagation mechanism employed by a long-elusive browser locker (browlock) campaign. Researchers specifically found that malicious actors had designed their campaign to use targeted traffic-filtering techniques along with steganography.
  • FTCODE Ransomware Adds Info-Stealing Functionality: Researchers at Zscaler came across a new sample of FTCODE and observed the ransomware attempting to steal information from several web browsers and email clients. This functionality was unique to the target of FTCODE’s information-stealing efforts.
  • Nearly 30 Percent of macOS Malware Detections Attributed to Shlayer Trojan: Between January 2019 and November 2019, one-tenth of the macOS security solutions employed by Kaspersky Lab detected the Shlayer Trojan at least once. That piece of malware also accounted for almost 30 percent of infections spotted by Kaspersky’s tools across the macOS platform.

Security Tip of the Week: Step Up Your Data Protection Efforts

Security professionals can help bolster data protection efforts by investing in artificial intelligence (AI)-driven solutions and automated monitoring tools to gain visibility into their data. They can then use this visibility to monitor for potential access attempts and protect critical information.

These processes should reflect an organization’s data discovery and classification efforts. Infosec personnel can use the location and value of their data assets to prioritize the protection of their organization’s information.

More from

CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones

7 min read - CVE-2023-20078 catalogs an unauthenticated command injection vulnerability in the web-based management interface of Cisco 6800, 7800, and 8800 Series IP Phones with Multiplatform Firmware installed; however, limited technical analysis is publicly available. This article presents my findings while researching this vulnerability. In the end, the reader should be equipped with the information necessary to understand and trigger this vulnerability.Vulnerability detailsThe following Cisco Security Advisory (Cisco IP Phone 6800, 7800, and 8800 Series Web UI Vulnerabilities - Cisco) details CVE-2023-20078 and…

X-Force data reveals top spam trends, campaigns and senior superlatives in 2023

10 min read - The 2024 IBM X-Force Threat Intelligence Index revealed attackers continued to pivot to evade detection to deliver their malware in 2023. The good news? Security improvements, such as Microsoft blocking macro execution by default starting in 2022 and OneNote embedded files with potentially dangerous extensions by mid-2023, have changed the threat landscape for the better. Improved endpoint detection also likely forced attackers to shift away from other techniques prominent in 2022, such as using disk image files (e.g. ISO) and…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today