Light Dark
January 27, 2020 By David Bisson 3 min read

Last week in security news, a survey found that data protection regulators have thus far imposed 114 million euros in fines for a variety of General Data Protection Regulation (GDPR) infringements including data breaches. The security community also witnessed established malware families like TrickBot and FTCODE add new functionality to expand the efficacy of their attack efforts. Finally, Microsoft announced its intention to fix an Internet Explorer vulnerability under active exploitation by attackers.

Top Story of the Week: GDPR Infringements Earn Organizations €114M in Penalties

In its GDPR Data Breach Survey, DLA Piper announced that regulators had fined organizations a total of 114 million euros (about $126 million) for violating the standard. France, Germany and Austria accounted for the highest values of fines imposed by regulators at 51 million euros, 24.5 million euros and 18 million euros, respectively. Meanwhile, The Netherlands and Germany topped the rankings of the greatest number of data breaches reported to regulators at 40,647 and 37,636 individual data security events.

DLA Piper’s survey found that data protection regulators had received more than 160,000 data breach notifications between May 25, 2018 and January 2020. Those notices originated from 28 European Union member states along with Norway, Iceland and Liechtenstein.

Source: iStock

Also in Security News

  • Multi-Year Cryptomining Campaign Attributed to Vivin Threat Actor: In November 2019, Cisco Talos first began linking malware samples engaged in dropping cryptocurrency miners to the same threat actor. Security researchers further investigated the threat actor, internally tracked as Vivin, and discovered that it had been using cryptomining techniques since 2017.
  • UAC Bypass Leveraged by TrickBot to Infect Windows 10 Users: As reported by Bleeping Computer, a security researcher observed a new sample of TrickBot analyzing a machine’s OS upon execution. The malware then used the Fodhelper UAC bypass on a machine running Windows 10, thereby allowing it to proceed with its infection chain without alerting users.
  • Some Insurers Considering Changes to Ransomware Coverage: According to Reuters, some digital insurers are considering making changes to the way in which they cover ransomware attacks. Some are planning on raising their rates, for instance, while others are thinking of restructuring their ransomware coverage as coinsurance plans with their customers.
  • Microsoft Confirms Attackers Are Exploiting Internet Explorer Flaw: TechCrunch spoke with Microsoft and confirmed that the tech giant is aware of ongoing attacks involving CVE-2020-0674, a security flaw affecting Internet Explorer. Microsoft went on to say that it was working on a fix but that it was unlikely to release it before its February 2020 Patch Tuesday.
  • Steganography and Traffic-Filtering Employed by Browser Locker Campaign: In December 2019, Malwarebytes demystified the propagation mechanism employed by a long-elusive browser locker (browlock) campaign. Researchers specifically found that malicious actors had designed their campaign to use targeted traffic-filtering techniques along with steganography.
  • FTCODE Ransomware Adds Info-Stealing Functionality: Researchers at Zscaler came across a new sample of FTCODE and observed the ransomware attempting to steal information from several web browsers and email clients. This functionality was unique to the target of FTCODE’s information-stealing efforts.
  • Nearly 30 Percent of macOS Malware Detections Attributed to Shlayer Trojan: Between January 2019 and November 2019, one-tenth of the macOS security solutions employed by Kaspersky Lab detected the Shlayer Trojan at least once. That piece of malware also accounted for almost 30 percent of infections spotted by Kaspersky’s tools across the macOS platform.

Security Tip of the Week: Step Up Your Data Protection Efforts

Security professionals can help bolster data protection efforts by investing in artificial intelligence (AI)-driven solutions and automated monitoring tools to gain visibility into their data. They can then use this visibility to monitor for potential access attempts and protect critical information.

These processes should reflect an organization’s data discovery and classification efforts. Infosec personnel can use the location and value of their data assets to prioritize the protection of their organization’s information.

 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  | 
David Bisson
Contributing Editor

More from

April 18, 2024

Unpacking the NIST cybersecurity framework 2.0

4 min read - The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity.NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released its newest CSF iteration: 2.0. The journey to CSF 2.0 began with a request for information (RFI) in February 2022. Over the next two years, NIST engaged the cybersecurity community through analysis, workshops, comments and draft revision to refine existing standards…

April 17, 2024

What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index?

3 min read - The IBM X-Force 2024 Threat Intelligence Index has been released. The headlines are in and among them are the fact that a global identity crisis is emerging. X-Force noted a 71% increase year-to-year in attacks using valid credentials.In this blog post, I’ll explore three cybersecurity recommendations from the Threat Intelligence Index, and define a checklist your Security Operations Center (SOC) should consider as you help your organization manage identity risk.The report identified six action items:Remove identity silosReduce the risk of…

April 16, 2024

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature