You are here
Home > Author: Peter Glock

Aventura charged for flogging Chinese spy equipment to US gov’t with security vulnerabilities

Quis custodiet ipsos custodes? as Donald Trump is very unlikely to say...: Aventura Technologies and its operator have been charged with fraud after allegedly selling surveillance equipment to the US government with known security vulnerabilities. Located in Commack, New York, the company, which sells products including vision cameras, CCTV, and storage services, is central to a criminal complaint unsealed on Thursday. According to the US Department of Justice (DoJ), A

UK Supreme Court upholds first successful claim for breach of the “Quincecare” duty financial institutions owe their customers

I've reproduced the whole article because it raises an important issue. Financial institutions have a duty of care to make sure funds are not misappropriated. Given the rise of Business Email Compromise (BEC), this is additional reason for compaies to ensure controls are in place to identify and stop fraudulent transactions...: In Singularis Holdings Ltd (In Official Liquidation) v Daiwa Capital Markets Europe Ltd ([2019] UKSC 50), the Supreme Court upheld the first successf

Navigating Privacy and Cyber Incident Notification and Disclosure Requirements

Screenshot of the ICO Report a Breach web page

This is from a US perspective. For we Europeans, a lot of these requirements are mandated by the regulator (here is the ICO advice on notification). It's worth keeping up to date with what happens elsewhere in the world so have a read of the original article...: Fulfilling a company's data breach and cybersecurity incident notification and disclosure requirements is an increasing challenge. Companies operating across industry sectors and around the world must satisfy a wide

Tech-support scammers used data stolen by Trend Micro employee

This is one of those cases which should make you think "How would I stop this happening, or at least get an early warning?" Assuming that you've identified and locked down sensitive data so that only those that need it can gain access (not always a given, but part of the GDPR principles), I can think of several strategies to help spot rogue employees/supply chain. First is to plant some breadcrumbs in the data that, if they get used, will raise an alert and identify the p...

Information Commissioner reminds political parties they must comply with the law ahead of General Election

If you're in the UK, check out the Be Data Aware site...: [...] “People expect their personal information to be used in line with law, and where that doesn’t happen in digital campaigning, there’s a danger that public trust and confidence in the broader democracy process is damaged.” A dedicated election hub for parties and campaigns has also been created on the ICO website, along with an updated ‘Be Data Aware’ campaign for the public telling them their rights when their

Privacy attacks on AI models

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Andrew Paterson, Principal Technology Adviser, discuss new security risks associated with AI, whereby the personal data of the people who the system was trained on might be revealed by the system itself.