Operations | Monitoring | ITSM | DevOps | Cloud

Data Breaches

Apple in 2018, now Tesla-who's next in the line of internal data leaks?

Recent allegations of an ex-Tesla employee syncing the Autopilot source code to his personal iCloud account is yet another classic case of how poor data security is, even in some of the most technologically advanced organizations. The Tesla leak isn’t even the first time that a data breach of such immense magnitude pertaining to self-driving technologies has occurred; in July 2018, an Apple employee was caught using AirDrop to transfer 40GB of confidential data to a personal PC.

How and When to Inform Website Users of a Data Breach

Data breaches don’t wait for a convenient time to strike. They sometimes take months to uncover. They are complicated beasts, but once you’ve uncovered them some complex rules kick in that determine when you need to report the breach. Reporting a breach can be a daunting prospect. You’ll need to make a public statement in most cases, you may need to report the breach, and there may be legal requirements.

Magecart Monthly: Record £183m fine for British Airways.

Read the latest news on Magecart attacks! We’ve trawled the web for the latest news of data breaches, including updates on previous attacks. Now featuring insider insights from our own Security Researcher! Latest attacks: New! Major Attack on US Medical Debt Collection company American Medical Collection Agency (AMCA). Their payment portal was compromised for 8 months from August 1st, 2018 to March 30th, 2019.

Reported vulnerability in Evernote Web Clipper exposes browsing data of millions of users

A critical vulnerability in Evernote’s Web Clipper Chrome extension recently allowed hackers to steal data present in active web sessions. Web Clipper, an extension that allows users to save screenshots of webpages, emails, images, articles, etc., had a vulnerability that provided hackers with easy access to the websites accessed by its 4.5 million users before it was fixed on May 31, 2019.

Magecart - A Victim's Perspective

We’ve discussed Magecart very frequently in recent months and it’s getting worse, with new attacks coming to light on a weekly basis. At RapidSpike, we are committed to raising exposure on these types of attacks and educating companies as to how they can effectively detect data breaches and reduce their exposure to them.

Fantastic Data Breaches and How to Prevent Them Event

Named in the top 10 world’s most dangerous people alongside Trump & Putin, we are all under attack from Magecart. They attack websites, digital platforms & e-commerce 3rd party supply chains to steal our data, selling it to the highest bidder on the dark web. Our aim is to increase awareness on Magecart attacks, therefore we’ve created an event for Leeds Digital Festival.

Top 5 Open-Source HIDS Systems

The threat landscape has become increasingly diverse and the systems used to attack are more sophisticated than ever before. In 2018, enterprises and organizations of all sizes and across all industries faced serious data breaches (information leaks were experienced by Aadhar —1.1B users; myFitnessPal —150M; Quora—100M; Facebook—29M and many more). One of the biggest victims was Marriot.