Third Party Risk Management - Consultancy, Assessment & Advisory

TPRM Industry Insights - February 2020

Third Party Risk Management Articles and Reports

FBI warns about ongoing attacks against software supply chain companies

The FBI has sent a security alert to the US private sector about an ongoing hacking campaign that’s targeting supply chain software providers. The FBI says hackers are attempting to infect companies with the Kwampirs malware, a remote access trojan (RAT). ZDNet reports.

ElevenPaths Cybersecurity Report Outlines Cyber Risk Ratings by Sector

ElevenPaths, Telefonica’s Cybersecurity Unit, recently released a new report that summarizes the latest cybersecurity insights from the second half of 2019 — covering everything from relevant incidents and vulnerabilities to cyber risk ratings by sector. The information presented is mostly based on the collection and synthesis of internal data that has been contrasted with public information from high-quality sources, including BitSight Security Ratings. Read more.

Time to patch your lightbulb? Researchers demonstrate Philips Hue exploit

Researchers at Check Point have demonstrated how a vulnerability found in Philips Hue smart lightbulbs could allow intruders to infiltrate networks, highlighting the increasing risk from the prevalence of IoT devices in the home, office and workplace.

Read the full article.

2020 Perspectives on Regulatory Trends and Tools: TPRM to the Nth Degree

Shared Assessments Senior VP & CSO Brad Keller looks at the depth of operational impact new data privacy regulations will have on companies & their third parties. Read on…

 

You’re Only As Strong As Your Weakest Link

Third-Party breaches & cyber supply chain issues that caught our eye

Norwegian DPA imposes €120,000 fine on Municipality of Oslo.

The Norwegian DPA also imposed an administrative fine of €120,000 on the Municipality of Oslo, the Education Agency, as a result of poor security of processing in a mobile app. The app is used for communication between school employees, parents and pupils.
The fine was issued because the municipality had not implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk. The Municipality of Oslo did not appeal the decision.

Visit the European Data Protection Board notification website.

Investigation finds 400-plus councils let at least one third party track use of their sites

UK Councils are sharing information about users of their websites – including when they seek help with a benefit claim, or with a disability or alcoholism – with dozens of private companies. More than 400 local authorities allowed at least one third-party company to track individuals who visit their sites, an investigation has revealed.

The report highlights the risks to data privacy and data protection posed by Third-Party data collectors, ad servers and social plug-ins embedded in council websites.

Learn more.

Major Third-Party data breaches revealed in January 2020

NormShield Cybersecurity offers its run down of the major Third-Party data breaches and cyber hacks from across the globe over the last month.

Read on… if you dare

 

Learn more about how DVV Solutions Third Party risk managed services can help you achieve operational resilience and enhance oversight in your cyber supply chain.
