Samsung UK discloses year-long data breach
Welcome to this week’s Security Spotlight, where we shine a light on:?
?
Samsung UK discloses year-long data breach?
According to an email it sent to its customers, Samsung determined on 13 November 2023 that “an unauthorised individual exploited a vulnerability in a third-party business operation we use, and that some personal information of certain customers who made purchases on SEUK’s eCommerce site between July 1, 2020 and June 30, 2020, was affected”.?
Compromised data “may have included” names, phone numbers, addresses and email addresses.?
?
Booking.com confirms phishing attack?
According to JD Supra, Booking.com confirmed in a “limited statement” on 12 November that it was investigating an incident that has been widely reported in the information security press since 14 September, when Perception Point researchers?reported?that they’d observed a number of phishing campaigns targeting hotels and travel agencies.?
These attacks enabled the attackers to access customer data, which they then used in further phishing campaigns, sent via official Booking.com channels.?
?
ALPHV/BlackCat attacks MeridianLink then reports it to the SEC?
The ALPHV/BlackCat ransomware group has added the software company MeridianLink to its leak site, having exfiltrated data without encrypting company systems. However, in a very unusual move, ALPHV has also reported MeridianLink to the US SEC for failing to comply with its new cyber security disclosure rules – even though the rules in question do not come into force until December.??
Vanessa Horton talks about ransomware and what organisations can do about it?
This week, we talk to GRCI Law’s Vanessa Horton about developments in ransomware, including:?
Have a question you’d like our experts to answer? Send it to us via LinkedIn , X/Twitter or email .?
?
Award-winning book from IT Governance Publishing?
ITGP (IT Governance Publishing), the world-leading publisher for governance and compliance, is delighted to announce that Alan Calder has emerged victorious at The Real Cyber Awards, clinching the award for “Best Cyber Book of the Year” for Cyber Resilience – Defence-in-depth principles.?
?
领英推荐
Infographic | What you need to know about supply chain assessments? ?
We've updated one of our most popular resources. Download now to see:? ?
Download now ??
?
?
Free webinar | An Introduction to SEC Cybersecurity Disclosure Rules?
Thursday, 30 November?
The US SEC has introduced a set of cyber security disclosure rules to ensure that publicly listed organisations not only safeguard their digital assets but also communicate their cyber security risk management efforts transparently.?
IT Governance USA’s cyber security expert William Gamble will demystify the complexities of the SEC rules, explaining why they exist and how they affect your organisation.?
?
Free webinar | Demonstrating compliance with DORA?
Tuesday, 5 December?
Learn about the benefits of demonstrating compliance with the EU’s DORA (Digital Operational Resilience Act) in our live webinar.?
In a world where regulatory landscapes are constantly evolving, DORA stands as a pivotal framework that shapes the future of compliance in the financial sector. Compliance is not just a requirement; it’s an opportunity to demonstrate your commitment to operational resilience, security and the highest industry standards.?
Join us for an insightful webinar as we explore the critical aspects of DORA compliance.?
Register now ??
?
Free assessment of your cyber security defences?
We’re committed to help protect your organisation from cyber threats. That’s why we’re excited to offer you a one-on-one assessment of your organisation’s cyber security.?
Simply complete the form to book a no-obligation call with our cyber security experts, where they’ll evaluate your current cyber security posture and offer tailored advice on the best strategies to close any gaps in your defences.?
Book now ?
?
?
?