The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Friday Five: 1/4 Edition

by Chris Brook on Monday January 7, 2019

Contact Us
Free Demo
Chat

Brazil gets a data protection authority, hacking Face ID, and how CIOs are getting ready for 2019's challenges - catch up with the week's infosec news with this roundup!

1. Hackers hijack thousands of Chromecasts to warn of latest security bug by Zack Whittaker

Perhaps the biggest news this week – a fairly quiet one on the infosec front, especially compared to last January’s Meltdown/Spectre bonanza) – was that legions of Chromecast users had their devices taken over to highlight a flaw in Google's Chromecast and the router it connects to. Google told reporters the issue technically stemmed from router settings that make internet of things devices available to the public. It's apparently a years old issue, first being found in 2014, then again in 2016.

Read more

2. Apple Phone Phishing Scams Getting Better by Brian Krebs

Krebs has news on a nifty new Apple phishing scam that tricks users into thinking the company is actually calling them. Not only does the call display Apple's logo, agddress, and legitimate Apple phone number, the call also gets indexed in the iPhone's recent calls list as coming from the legitimate Apple Support line. As Krebs notes the fascinating thing here is that Apple devices can't differentiate calls from Apple from calls trying to impersonate the tech company. While a well-informed person may think twice about picking up or calling back – why would Apple be calling you in the first place? – some may be none the wiser.

Read more

3. Brazilian government to create data protection authority  by Angelica Mari

Brazil will indeed gets its own data protection authority. According to Angelica Mari, reporting for ZDNet, a provisional measure calling for the creation of a "National Authority for Personal Data Protection" was released last Friday. There was temporarily cause for concern earlier this summer when Brazilian President Michel Temer vetoed a provision of the country's General Data Privacy Law, signed in August, that would establish an independent data protection authority. Ultimately an authority had to created in order to implement the new legislation though and an executive order filed by Temer, shortly before the end of his term, will do this.

Read more

4. Cyber Researcher Pulls Public Talk on Hacking Apple's Face ID by Reuters' Jim Finkle, Stephen Nellis

Interesting news here via Reuters via the New York Times on a cybersecurity researcher who was scheduled to present research on cracking Apple's Face ID but who canceled it at the request of his employer. According to the report a China-based researcher was slated to present his research at Black Hat Asia in a few months but canceled the talk at the behest of Ant Financial, his employer, likely because the company's Alipay payment system is compatible with Face ID. If legitimate the research could cast a pall over Face ID, biometric technology that's used on tens of millions of iPhones worldwide.

Read more

5. Good Privacy Requires Tech, Cultural Change by Kim S. Nash

The Wall Street Journal's Kim S. Nash checks in with CIOs on how to best combat privacy/cybersecurity concerns in 2019. It’s worth reading the article, linked below, to see what each company is doing to lay the groundwork. The gist? Organizations will need to be more transparent about what they're doing with users' data, keep ahead of emerging threats, and comply with evolving regulations in the New Year.

Read more

Tags: Data Protection, Phishing, Data Privacy, Vulnerabilities

Recommended Resources


  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.