January 27, 2020 By David Bisson 3 min read

Last week in security news, a survey found that data protection regulators have thus far imposed 114 million euros in fines for a variety of General Data Protection Regulation (GDPR) infringements including data breaches. The security community also witnessed established malware families like TrickBot and FTCODE add new functionality to expand the efficacy of their attack efforts. Finally, Microsoft announced its intention to fix an Internet Explorer vulnerability under active exploitation by attackers.

Top Story of the Week: GDPR Infringements Earn Organizations €114M in Penalties

In its GDPR Data Breach Survey, DLA Piper announced that regulators had fined organizations a total of 114 million euros (about $126 million) for violating the standard. France, Germany and Austria accounted for the highest values of fines imposed by regulators at 51 million euros, 24.5 million euros and 18 million euros, respectively. Meanwhile, The Netherlands and Germany topped the rankings of the greatest number of data breaches reported to regulators at 40,647 and 37,636 individual data security events.

DLA Piper’s survey found that data protection regulators had received more than 160,000 data breach notifications between May 25, 2018 and January 2020. Those notices originated from 28 European Union member states along with Norway, Iceland and Liechtenstein.

Source: iStock

Also in Security News

  • Multi-Year Cryptomining Campaign Attributed to Vivin Threat Actor: In November 2019, Cisco Talos first began linking malware samples engaged in dropping cryptocurrency miners to the same threat actor. Security researchers further investigated the threat actor, internally tracked as Vivin, and discovered that it had been using cryptomining techniques since 2017.
  • UAC Bypass Leveraged by TrickBot to Infect Windows 10 Users: As reported by Bleeping Computer, a security researcher observed a new sample of TrickBot analyzing a machine’s OS upon execution. The malware then used the Fodhelper UAC bypass on a machine running Windows 10, thereby allowing it to proceed with its infection chain without alerting users.
  • Some Insurers Considering Changes to Ransomware Coverage: According to Reuters, some digital insurers are considering making changes to the way in which they cover ransomware attacks. Some are planning on raising their rates, for instance, while others are thinking of restructuring their ransomware coverage as coinsurance plans with their customers.
  • Microsoft Confirms Attackers Are Exploiting Internet Explorer Flaw: TechCrunch spoke with Microsoft and confirmed that the tech giant is aware of ongoing attacks involving CVE-2020-0674, a security flaw affecting Internet Explorer. Microsoft went on to say that it was working on a fix but that it was unlikely to release it before its February 2020 Patch Tuesday.
  • Steganography and Traffic-Filtering Employed by Browser Locker Campaign: In December 2019, Malwarebytes demystified the propagation mechanism employed by a long-elusive browser locker (browlock) campaign. Researchers specifically found that malicious actors had designed their campaign to use targeted traffic-filtering techniques along with steganography.
  • FTCODE Ransomware Adds Info-Stealing Functionality: Researchers at Zscaler came across a new sample of FTCODE and observed the ransomware attempting to steal information from several web browsers and email clients. This functionality was unique to the target of FTCODE’s information-stealing efforts.
  • Nearly 30 Percent of macOS Malware Detections Attributed to Shlayer Trojan: Between January 2019 and November 2019, one-tenth of the macOS security solutions employed by Kaspersky Lab detected the Shlayer Trojan at least once. That piece of malware also accounted for almost 30 percent of infections spotted by Kaspersky’s tools across the macOS platform.

Security Tip of the Week: Step Up Your Data Protection Efforts

Security professionals can help bolster data protection efforts by investing in artificial intelligence (AI)-driven solutions and automated monitoring tools to gain visibility into their data. They can then use this visibility to monitor for potential access attempts and protect critical information.

These processes should reflect an organization’s data discovery and classification efforts. Infosec personnel can use the location and value of their data assets to prioritize the protection of their organization’s information.

More from

How I got started: Incident responder

3 min read - As a cybersecurity incident responder, life can go from chill to chaos in seconds. What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role?With our How I Got Started series, we learn from experts in their field and find out how they got started and what advice they have for anyone looking to get into the field.In this Q&A, we spoke with IBM’s own Dave Bales, co-lead X-Force Incident Command…

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally.The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets.Who is exploiting the NGFW zero-day?As of now, little is known about the actors behind the…

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today