Man killed in roof fall

A man in his 60s has died after falling off a roof at a property at Neilborough, just north of Bendigo.
Source: WorkSafe News Man killed in roof fall

Hop grower fined $130,000 after worker dies in trailer fall

A hop grower has been convicted and fined $130,000 after a worker died when he fell from a trailer towed by an out of control tractor.
Source: WorkSafe News Hop grower fined $130,000 after worker dies in trailer fall

Facebook Password, Email Contact Mishandling Worsens

Millions of Instagram Users Affected by Plain-Text Password Storage
Two security issues disclosed by Facebook over the past month are worse than first thought, adding to a harrowing series of data-handling mishaps by the social network. Millions of Instagram users had their plain-text passwords stored, and 1.5 million people had their email contact lists uploaded without consent.
Source: Info Risk Today Facebook Password, Email Contact Mishandling Worsens

Mueller Report: With Russian Hacking Laid Bare, What Next?

Trump Administration Faces Call to Fully Combat Russia’s Election Interference
Robert Mueller’s report into Russian interference clearly states: “The Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.” In the wake of the Trump administration lifting some Russian sanctions, one expert says it must take the opposite tack.
Source: Info Risk Today Mueller Report: With Russian Hacking Laid Bare, What Next?

Leak Exposes OilRig APT Group's Tools

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts Say
A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization’s methods and goals, analysts say.
Source: Info Risk Today Leak Exposes OilRig APT Group’s Tools

Senators Raise Issue of Regulating Facebook

CEO Zuckerberg Grilled at First of Two Congressional Hearings
At the first of two Congressional hearings this week, Facebook CEO Mark Zuckerberg on Tuesday faced questions from Republicans and Democrats alike about whether the government should more closely regulate his firm and others.
Source: Info Risk Today Senators Raise Issue of Regulating Facebook

Hackers Deface Popular Videos Published by Vevo

Pilfered Access Credentials Could Be to Blame
A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn’t occur directly on its platform.
Source: Info Risk Today Hackers Deface Popular Videos Published by Vevo

Facebook's Zuckerberg Pledges Worldwide GDPR Compliance

Second Congressional Hearing Probes Privacy Issues
At a U.S. House hearing Wednesday, Facebook CEO Mark Zuckerberg said the company would eventually comply worldwide with the European Union’s tough privacy law, the General Data Protection Regulation.
Source: Info Risk Today Facebook’s Zuckerberg Pledges Worldwide GDPR Compliance

The 4 Pitfalls of Privileged Access Management

Bomgar’s Sam Elliott on Overlooked Areas of Security
Overlooked areas of security and defense include four pitfalls of privileged access management, says Sam Elliott of Bomgar, who offers insights on taking the right steps.
Source: Info Risk Today The 4 Pitfalls of Privileged Access Management

Mitigating Risks From Open Source and Third-Party Code

CA Veracode’s Chris Eng on New Strategies to Bolster Application Security
Organizations are developing new apps at the speed of business. But through the use of vulnerable code, they also are creating new risks just as fast. Chris Eng of CA Veracode offers new strategies and solutions to mitigate open source and third-party risks.
Source: Info Risk Today Mitigating Risks From Open Source and Third-Party Code

Breaches Tied to Chat Network Provider

Delta, Sears, Kmart and Best Buy Breaches All Stem From Hack of Same Vendor
A spate of payment card breaches at some of the most recognized U.S. brands has been blamed on the hacking of India-based chat network provider [24]7.ai that led to the infiltration of online chat portals for Delta, Sears, Best Buy, Kmart and perhaps others.
Source: Info Risk Today Breaches Tied to Chat Network Provider

NJ AG Smacks Practice With Hefty Fine for Vendor Breach

Settlement Spotlights Vendor Risks, Plus State Enforcement Trends
The New Jersey state attorney general has smacked a medical practice with a $418,000 penalty for a 2016 HIPAA breach involving a vendor’s misconfigured server. The case is the latest example of the risks posed by vendors.
Source: Info Risk Today NJ AG Smacks Practice With Hefty Fine for Vendor Breach

The Future of Secure Payments

Jim Cunha of the Boston Fed on Future-Proofing Against Fraud
The Secure Payments Task Force was established by the Federal Reserve Bank in 2015 in part to determine areas of focus and priorities for future action. Jim Cunha, a member of that task force, talks about how to advance payment system safety, fight fraud and ensure resiliency.
Source: Info Risk Today The Future of Secure Payments

Art Coviello on Fraud and the 2018 State of Security

RSA’s Ex-CEO Opens up on Cybercrime and Social Media Risks
Art Coviello, ex-CEO of RSA, is concerned about fraud trends and social media vulnerabilities. But he also is bullish on the opportunity for artificial intelligence and DevOps security to stop attacks before they cause harm.
Source: Info Risk Today Art Coviello on Fraud and the 2018 State of Security

Police Bust 20 Phishing Suspects in Italy, Romania

Arrests Came After a Two-Year Investigation of ‘Highly Organized’ Crime Group
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
Source: Info Risk Today Police Bust 20 Phishing Suspects in Italy, Romania

The Road to GDPR Compliance: 12 Steps to Take Now

The European Union’s General Data Protection Regulation will be enforced beginning May 25. Personal data must be protected or severe penalties may be imposed. Companies not located in the EU still need to prepare to comply with GDPR if they routinely execute transactions with EU citizens.
Source: Info Risk Today The Road to GDPR Compliance: 12 Steps to Take Now

Under Armour Reports Massive Breach of MyFitnessPal App

150 Million Accounts Exposed; Could Phishing Campaign Be Coming?
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Source: Info Risk Today Under Armour Reports Massive Breach of MyFitnessPal App

OCR Considering HIPAA Privacy Rule, Enforcement Changes

But Agency Will Seek Public Input First
Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation’s top HIPAA enforcer. So, what changes are being considered?
Source: Info Risk Today OCR Considering HIPAA Privacy Rule, Enforcement Changes

Boeing Confirms 'Limited' Malware Outbreak

WannaCry Reportedly Identified by Boeing Executive as the Culprit
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for “all hands on deck” to respond to the incident.
Source: Info Risk Today Boeing Confirms ‘Limited’ Malware Outbreak

Why Is Shadow IT So Common in Healthcare?

VA Watchdog Agency Report Cites Unauthorized Patient Database
The unauthorized deployment of an unsecured patient database is the latest instance of “shadow IT” spotlighted by a Department of Veterans Affairs watchdog agency. The incident serves as a reminder to all healthcare entities about the patient data risks posed by unsanctioned technology deployments.
Source: Info Risk Today Why Is Shadow IT So Common in Healthcare?