This Week in Security News: Bloomingdale’s and Claudette

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Timehop, Macy’s, Bloomingdale’s, and Domain Factory announce a system-wide breach. Also, a new AI tool, Claudette, is holding tech companies accountable for GDPR compliance.

Read on to learn more. 

Zero Day Initiative: A 1H2018 Recap

Now in its thirteenth year, the ZDI manages the largest vendor-agnostic bug bounty program in the world with over 3,500 external researchers.

Timehop Breach: U.S. Company Navigates Europe’s New Data Privacy Rules

Timehop – one of the first U.S. companies to suffer a major breach under GDPR – rushed to issue a report under the 72-hour deadline failed to report the full extent of information that was compromised.

Building a Profitable Security Services Offering Part 2 IT Security Features and Benefits Overview

Trend Micro is excited to partner with SPC International in this 5-part Blog, Webinar and Online Training Series; focused on Building a Profitable Security Services Offering for MSP Partners.

Notorious ‘Hijack Factory’ Shunned from Web

Bitcanal, a Portuguese web-hosting firm accused of helping spammers hijack dormant internet address space over the years, was kicked off the internet after multiple bandwidth providers severed ties.

How the Industry 4.0 Era Will Change the Cybersecurity Landscape

While enterprises work to enhance their efficiency, customer experience, logistics, and supply chains through IoT, their malicious counterparts may be expending just as much to undermine their efforts.

$660,000 Data Privacy Fine Highlights Dangers for Businesses Dabbling in Politics

The U.K. Information Commissioner’s Office is criminally prosecuting companies that have shared data with political parties, as well as giving them a $660,000 fine.

Check Your Accounts: Timehop, Macy’s, Bloomingdale’s, Domain Factory Announce Breach

Smartphone app Timehop, retailers Macy’s and sister company Bloomingdale’s, and Germany-based hosting provider Domain Factory announced that their systems were breached.

Macy’s Customer Credit Data Hacked In Breach

Data intruders accessed the names and passwords of some Macy’s customers and may have gained access to their credit card numbers and expiration dates, though not their four-digit security codes.

Keeping the Lights On: A Look at the EU’s Network and Information Security (NIS) Directive

The NIS is an EU-wide cybersecurity legislation that is meant to improve the cybersecurity of the critical utility and digital services industries, minimizing risk to essential processes and operations.

ZDI Reports Rise in Security Vulnerability Disclosures

Through the first six months of the year, ZDI has already published 600 security advisories, which is 33 percent more advisories than in the first half of 2017. 

A New AI Evaluates the GDPR Compliance of Top Tech Companies

The cutting-edge AI tool is part of a research project hosted at the Law Department of the European University Institute.

How Managed Detection and Response Provides Effective Threat Intelligence

Through managed detection and response, organizations can take advantage of the threat intelligence capabilities of security experts.

Did the results from Claudette’s scan surprise you? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Read More HERE