The resource centre for busy senior executives seeking the latest insights into IT Compliance & Privacy issues for major organizations
 
 

Compliance, Privacy and Security News As It Happens, Every 30 Minutes - Regular Global News on Compliance and Privacy


Current News Updates

Regularly Updated Global News on Compliance and Privacy

We bring you news, views, and announcements from around the world. This is Globally Syndicated News, as it happens. News on this page changes as organisations whose news feeds and tickers we subscribe to publish their own new items.

We have several newsfeed pages based around feeds that are aggregates for specific topics:

All breaking news, all topics, aggregated
[The sub-pages listed below are split into specialist topics]


  • Police 'find' author of notorious Gpcode virus
    The infamous Gpcode "ransomware" virus that hit computers in July was the work of a single person who is known to the authorities, a source close to the hunt for the attacker has told Techworld.
  • Prominent Web sites have serious coding flaw
    Two Princeton University academics have found a type of coding flaw on several prominent Web sites that could jeopardize personal data and in one alarming case, drain a bank account.
  • Researchers develop bug-blocking chip monitor
    Researchers at the University of Michigan have developed technology that can fence off microprocessor bugs and keep them from seizing up a PC.
  • Clickjacking vulnerability to be revealed
    After shelving plans to detail a browser clickjacking vulnerability that is indirectly related to Adobe Systems' products at the company's request earlier this month, a security researcher plans to detail the flaw next month.
  • Test Center: Sandbox security versus the evil Web
    The Internet is a scary place. Criminal malware lurks on legitimate and illegitimate Web sites alike, looking to steal your money one way or the other. Vendors have been scratching their collective heads attempting to make more consumers safer, more often. One of the results has been a class of anti-malware software that I call sandbox protection products. These items encapsulate Internet browsers (and e-mail programs and sometimes any other program you can run) within a virtual, emulated cocoon designed to keep malware from reaching and modifying the underlying host computer.
  • Two tenacious exploits debunk vendor claims
    Many sandbox security vendors claim that their products stop all known and unknown attacks. Even assuming the ability to curtail all known attacks could be proven, it's simply impossible to believe that any piece of software could halt all unknown attacks. Of course, that doesn't prevent the vendors from making empty promises or the malware authors from proving them wrong.
  • IP piracy bill passed by U.S. Congress
    The U.S. House of Representatives on Sunday passed a bill that would significantly increase penalties for copyright infringement and create a new office of intellectual-property enforcement coordinator in the White House.
  • Security risks rise as smartphones become smarter
    As wireless devices become more numerous within businesses, their convenience will be counterbalanced by an increasing potential for security problems, according to a Gartner analyst.
  • Enterprises overpay for anti-virus software
    Enterprises continue to pay too much for security software -- while the software vendors aren't doing enough research to keep up with fast-changing threats on the Internet, a Gartner analyst said Monday.
  • Cryptologists needed to detect cyber crimes
    It’s an exciting blend of permutations and combinations. Called the science of secrecy, cryptography has probably got more attention in the...
  • Govt must take steps to tackle cyber terrorism
    Senior BJP Leader and Punjab State Investor Cell Chief Sukhminderpal Singh Grewal has termed the UPA Government 'ignorant' about the misuse of...
  • Hacker Won't Race @ Laguna
    The word given to the media on Saturday at Laguna Seca was that Jamie Hacking was okay after his scary crash at Laguna Seca, but his wife Rachel...
  • Notorious ISP Intercage goes dark again
    Accused of being home to online scammers, the San Francisco-based ISP Intercage has been unplugged from the Internet -- for the second time this week.
  • The 10 Most Mysterious Cyber Crimes
    The most nefarious and crafty criminals are the ones who operate completely under the radar. In the computing world security breaches happen all the...
  • Andiamo! Italian Judge Lifts Ban On Hacker Haven The Pirate Bay
    A win for The Pirate Bay. Back in August, Italy tried to block access to the P2P tracker site from Italian ISPs. The pirates vowed to fight the block,...
  • Pentagon hacker granted bail in Calgary
    CALGARY - A hacker who once burrowed into the Pentagon's systems was released on $30,000 bail Thursday, after being charged with hacking into a...
  • Second TJX hacker pleads guilty
    A Miami man pleaded guilty on Monday to charges of hacking and identity theft related to the high-profile data breaches at TJX and a number of other...
  • Police nab Maserati hacker
    A 60 year-old man has been charged with hacking a database and using the stolen information to blackmail sports-car maker Maserati. Police arrested...
  • What does the British Computer Society think of Phorm?
    Phorm, Webwise, OIX and the BCS Security Forum

    Phorm over function? Perhaps that's the challenge in relation to marketing desires clashing with privacy hopes. But given the starting point of the Phorm furore, in the Spring of 2008, we are now in the Autumn of 2008 and it's been nothing but data breach after user faux pas exposing countless millions of individuals' personally identifiable information that has focussed the spotlight firmly upon the need to apply "privacy by design" principles from the outset - something that the ICO will be taking a very serious view of in the coming months. The BCS Security Forum is equally involved in keeping a watching brief.
  • Cybercrime expert to educate MSU engineers on "Gen Next Terror"
    "Hacking is my passion", says 20-year-old cyber-crime expert, Sunny Vaghela, who has been helping the Mumbai Anti-Terrorism Squad (ATS) and Ahmedabad...
  • Two-thirds of firms hit by cybercrime
    The Department of Justice released data from its 2005 National Computer Security Survey last week, finding that two-thirds of firms detected at least...
  • Are you storing customer data properly? The challenges of PCI DSS compliance
    Data security breaches are hitting the headlines with alarming frequency. While the most recent breaches have involved the public sector and financial services industries, retailers are not immune from the rise of data losses. Cotton Traders, the UK leisurewear and casual clothes brand, for example, recently conceded that thousands of customer details had been stolen from the company's website. Last year saw perhaps one of the most publicised cases involving retail giant, TJ Maxx, which found that hackers had accessed internal systems used to process and store customer transaction data, including credit card, debit card, cheque and return transactions. The incident cost TJ Maxx $256 million...
  • Apple QuickTime PICT Integer Overflow Vulnerability
  • Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability
  • Data Vendor Sends SPAM about The Dangers of Prospecting Databases
    ComplianceAndPrivacy.Com received an email that appears to be from Harris Infosource, a D&B Company. Not a lot wrong with that, you may say. The email is a cold unsolicited email, or SPAM. What makes this amusing is that the SPAM has this subject line:

    "Why Using Cheap Prospect Lists Can Cost You Big!"

    Harris Infosource, it seems, are the purveyors of fine prospect lists.

    Harris addressed their SPAM to Milton Bennett at our domain. If Milton existed, if Milton had ever existed, if we had ever created, used, publicised an address for Milton, who is not now and never has been a member of our staff, then this would have been something we could pass off as "just one of those things". Bu...
  • Bank Customer Personal Data Sold on eBay for £35
    An investigation is under way into how a computer containing bank customers' personal data was sold on an internet auction site.

    The PC, which was reportedly sold for £35 on eBay, had sensitive information on the hard drive.

    The Royal Bank of Scotland (RBS) and its subsidiary, Natwest, have confirmed their customers' details were involved.

    RBS says an archiving firm told it the PC had apparently been "inappropriately sold on via a third party".

    It said historical information relating to credit card applications for their bank and others had been on the machine.

    The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' m...
  • Best Western Denies Report of Massive Data Breach
    A Scottish newspaper Friday ran a story that claimed to uncover a massive theft of data from Best Western's customer database, including personal information on all 8 million customers at the chain's 1,300 hotels in the past year.

    After initially thanking the newspaper and doing its own investigation, however, the hotel chain now says The Sunday Herald's report of a massive breach at Best Western is "grossly unsubstantiated."

    In its report, The Sunday Herald stated that "a previously unknown Indian hacker successfully breached the IT defenses of the Best Western Hotel Group's online booking system and sold details of how to access it through an underground network operated by the Russian m...
  • Best Western Data Loss - Indian hacker alleged brain behind biggest cyber-heist
    An unknown Indian hacker is being 'charged' with the greatest cyber-heist in history for allegedly helping a criminal gang steal identities of an estimated eight million people in a hacking raid that could ultimately net more than 2.8 billion pounds in illegal funds.

    An investigation by Scotland's Sunday Herald newspaper has discovered that late on Thursday night a previously unknown Indian hacker successfully breached the IT defences of UK's Best Western Hotel group's online booking system and sold details of how to access it through an underground network operated by the Russian mafia.

    There are no details yet on how the hacker was identified to be an Indian and if a probe is on to ide...
  • Vietnam introduces heavy fines for spammers
    Organisations and individuals who send spam mail and text messages or trade in e-mail addresses may be fined up to VND80 million (US$5,000), according to the newly-issued Decree on Anti-spam mail.

    The decree bans organisations and individuals from using electronic means to deliver spam messages, exchange or trade e-mail addresses or deliver software products that collect e-mail addresses, according to the Ministry of Information and Communications.


  • Republic of the Philippines can't do without policy on data privacy, security
    Under no circumstances can the Philippines compete, let alone thrive, in the lucrative outsourcing market and the global marketplace without a fool-proof policy on data protection and security.

    This was the clear message sent out by participants in a recent conference dubbed "Mapping the Future of Information Security Forum" organized by the Information Systems Security Society of the Philippines (ISSSP) at a hotel in Makati City.

    Anthony Tuason, a director at consultancy firm PriceWaterhouseCoopers, said during his presentation that IT companies, most especially those in the BPO sector, cannot possibly institute "IT governance" - the process of using technology as a management tool to ru...
  • National Gateway Security Survey 2008 Shows Interesting Changes in Threat Lan...
    The National Gateway Security Survey 2008, carried out for value added distributor and security specialist Wick Hill and sponsored by WatchGuard Technologies, leaders in unified threat management systems, has highlighted the increasing move toward remote and mobile use, as well as the concerns users have about this shift. In a survey of 341 of the top UK companies, by employee number and turnover, 48% had over 150 remote users and a further 11% had 50 to 100 remote users. 61% said that the number of remote users on their network was increasing. 45% reported that the number of VPNs was increasing and 43% that the number of SSL users was increasing.
  • Unified Threat Management (UTM) - Watchguard Technologies
    Unified threat management (UTM) spawned a new era of IT security. The promise of these integrated security appliances proved to be an exceptional and efficient way of securing commercial networks. However, businesses today face an inflection point, dictated by changing market trends and new technologies that demand more of today's UTM. Hence the need is for eXtensible threat management (XTM) solutions, the next generation of UTM appliances. XTM is predicated upon the substantive expansion of three elements: more security, greater networking capabilities, and more management flexibility. This paper provides an overview of these issues and the WatchGuard Technologies perspective on "extensibil...
  • Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
  • Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
  • Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
  • Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
  • Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
  • Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
  • Microsoft Office BMP Input Filter Heap Overflow Vulnerability
  • Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
  • Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
  • Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
  • Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
  • Ingres Database for Linux verifydb Insecure File Permissions Modification Vul...
  • Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
  • SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
  • Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
  • Transatlantic Events - Data Privacy Conference
    As a grand special offer to readers of ComplianceAndPrivacy.Com, Transatlantic Events has slashed the ticket price to £200 per day. Reach the special Compliance and Privacy booking page directly from here:

    Special ComplianceAndPrivacy.Com Delegate Booking Page.

    This event is a Must See for those planning cross Atlantic or International operations which involve passing data from location to location


  • Special Privacy Event Offer
    EXCLUSIVE READERS OFFER:

    Dear Readers of Compliance and Privacy,
    It's our pleasure to announce and invite you as a VIP Delegate to:
    The 5th Annual Privacy & Data Protection UK 2008
    3rd & 4th of September 2008
    at The Law Society, 113 Chancery Lane, London, United Kingdom

    The event is broken up into two separate days & two separate events:

    "Data Protection: Global Compliance Management" 3rd of September 2008

    "Data Protection: CRM, Privacy 2.0 & Social Networking" 4th of September 2008

    This is a major Privacy & Data Protection event with more than 20 internationally renowned speakers. If there is one Privacy & Data Protection event to attend this year, this is it! ...
  • Oracle Database Local Untrusted Library Path Vulnerability

Please note: News feeds contain items from other websites gathered by our aggregating the news feeds that they offer. Where an item comes in a news feed from another website it is presented "as is" with no endorsement from, nor editing by, nor approval from complianceandprivacy.com or its sponsors, VeriSign. News feeds are dynamic. We offer them in good faith, but, where the content is outside our control we cannot be responsible for their errors, omissions or other conduct. Some of the links on this page remain on this site, others go to other sites; that is the nature of a newsfeed. When you leave this site you are encouraged to be aware of the privacy policy of the new site before leaving personal data there.



 


This site is independent of all its sources
The contents of the site are sourced from across the industry. All copyrights are acknowledged.
