Thursday, 12 March 2015

EU Data Protection Regulation

The globalisation of data and the enormous technological developments of the last decade raise a number of new challenges when it comes to data protection and privacy. Current privacy legislation has not yet caught up with the technology boom when it comes to personal data, and fails to consider aspects such as cloud storage and the widespread use of social networks. This is set to change with the launch of the proposed EU Data Protection Regulation.

Friday, 27 February 2015

How to prevent a business from being the next exploited target

Over the past few years, cybersecurity has become a high priority on the agenda of every organisation that wants to prevent unpleasant security incidents, avoid being breached by sophisticated attacks and Advanced Persistent Threats, detect malicious activity which is specifically designed to evade detection and, last but not least, respond proactively to the emerging cyber threat landscape. During 2014 in particular, cyberattacks became the norm, making headlines on a regular basis, with a number of high profile breaches in the spotlight, which as a result affected the number of online transactions. More specifically, it was reported that the levels of fraud increased in 2013-2014 by 12%, which accounts for 37% of the total £603m cost of retail crime as reported by the BRC Retail Crime Survey.


Thursday, 19 February 2015

Good luck Lenovo and thank you for the Superfish!


When you purchase a laptop it comes with some default, pre-installed applications. I personally hate this and it is quicker to format the laptop with a fresh install than go down the route of uninstalling all the <r@p-ware one by one. 

Have you ever bought a new Vaio? The number of extras installed and running in the background takes up most of the resources.
However, this post is about Lenovo laptops, which also contain a number of added "features". One of these added "features" is adware which activates when the laptop is taken out of the box for the first time. This adware ships with all consumer PCs from Lenovo and uses a certificate to perform a man-in-the-middle attack in order to inject ads into the user's browser.

Thursday, 12 February 2015

PCI SSC bulletin on impending revisions to PCI DSS, PA-DSS (updating to version 3.1)

The Payment Card Industry Security Standards Council (PCI SSC) will publish a revision to the PCI DSS and PA-DSS v3.0 in the following weeks in order to address a few minor updates and clarifications and one impacting change. The following bulletin will be issued on the PCI SSC website on 13 February regarding this impending update to the standards.

Wednesday, 4 February 2015

Private IPv4 and IPv6 address spaces

In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 for Internet Protocol Version 4 (IPv4), and RFC 4193 for Internet Protocol Version 6 (IPv6). These addresses are commonly used for home, office, and enterprise local area networks (LANs), when globally routable addresses are not mandatory, or are not available for the intended network applications. Under IPv4, the private IP address spaces were originally defined in an effort to delay IPv4 address exhaustion, but they are also a feature of IPv6, the next generation Internet Protocol.

These addresses are characterized as private because they are not globally delegated, meaning that they are not allocated to any specific organization, and IP packets addressed with them cannot be transmitted through the public Internet.
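The classifier below is an added example, not part of the original post. It tells RFC 1918 and RFC 4193 addresses apart from other non-routable ranges such as loopback and link-local, which Python's broader `is_private` flag would lump together. The CIDR blocks are taken from the two RFCs rather than from this page, and the function name and sample addresses are constructed for illustration.

```python
import ipaddress

# Blocks defined by the RFCs cited above (not listed on the page itself).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC4193 = ipaddress.ip_network("fc00::/7")  # IPv6 unique local addresses


def classify(text):
    """Return 'rfc1918', 'rfc4193', 'other-non-global', 'global' or 'invalid'."""
    try:
        addr = ipaddress.ip_address(text.strip())
    except ValueError:
        return "invalid"
    # An IPv4-mapped IPv6 address (::ffff:a.b.c.d) carries an IPv4 address;
    # classify the embedded address so it cannot slip past an IPv4-only check.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if addr.version == 4:
        if any(addr in net for net in RFC1918):
            return "rfc1918"
    elif addr in RFC4193:
        return "rfc4193"
    # Loopback, link-local, documentation ranges and similar are not globally
    # routable either, but they are not "private address space" in the RFC sense.
    return "global" if addr.is_global else "other-non-global"


if __name__ == "__main__":
    # Constructed sample addresses, e.g. as they might appear in a proxy log.
    samples = ["10.1.2.3", "172.31.255.255", "172.32.0.1", "192.168.0.1",
               "fd12:3456:789a::1", "::ffff:192.168.1.10", "127.0.0.1",
               "fe80::1", "8.8.8.8", "not-an-ip"]
    for s in samples:
        print(f"{s:24} {classify(s)}")
```
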