On January 1, 2016, the new Dutch Law on Data Breach Notifications came into effect. Organizations – both companies and government agencies – are now required to immediately report any serious data breach to the Dutch Data Protection Authority (Authoriteit Persoonsgegevens). And, if it is likely that the data breach will have an adverse effect on the privacy of those involved, those people have to be informed as well.
A data breach is defined as the act of accessing, deleting, modifying or releasing personal data, committed unintentionally by the organization. Not only releasing (e.g. leaking) personal data, but also the illegal processing of data, will be seen as a data breach. Examples of data breaches are a lost USB stick containing personal data, a stolen smartphone or malicious access to a database by a hacker.
A security bug affecting Linux versions 3.8 and higher was recently identified. Although this bug (CVE-2016-0728) was first introduced into the Linux Kernel in 2012, it was only discovered and made public a few days ago. When we learned of the bug’s existence, we immediately patched all internal LeaseWeb servers. We advise everyone to patch their servers as well.
The vulnerability in the Linux kernel could potentially be used by attackers to obtain higher privileges from a regular account. It is a “use-after-free” flaw: a kernel object is freed while the kernel still holds a reference to it, the freed memory is then refilled with user-supplied data, and the kernel continues to treat that memory as the original object, with the privileges that object had.
The IT industry is slowly becoming a technically solid sector, but so far it remains vulnerable as well. Security incidents are still widely reported in the press. It is an important topic, and one that can be looked at in many ways. This is why I led a round table session with nine LeaseWeb customers, where questions were answered about the new Dutch Law on Data Breach Notifications (Meldplicht Datalekken) and participants discussed how to organize a secure online company.
The participants were executives of companies which have IT as a core business, or companies that use IT for their online services. They were joined by LeaseWeb founders Laurens Rosenthal and Con Zwinkels, and Jort Kollerie, Enterprise Security Specialist at Dell Security. In addition, IT journalist and security specialist Brenno de Winter shared his experiences about the topic.
The various LeaseWeb services companies are always looking to improve the processes involved with handling abuse notifications and to increase user-friendliness.
Over the past few years, we have received valuable feedback on the abuse handling process from customers and third parties who submitted notifications. With that feedback in mind, we have developed a brand new system that will further streamline the abuse notification handling process. This system was launched on July 1st 2015 and the first responses are very positive.
On Thursday 19 June, LeaseWeb learned of the new critical SuperMicro baseboard management controller (BMC) vulnerability that allows retrieving the remote login password via an internet scan on port 49152.
We continuously look out for security issues that may have an impact on our customers. An integral part of preventing or limiting the impact these issues might have is to make sure as many people as possible know how to deal with them.
In the last few weeks, the Heartbleed bug received the attention it needed. A serious security flaw was discovered in the often-used OpenSSL cryptographic library. This allowed attackers to steal information normally protected by the SSL/TLS encryption. See also our previous posting.
This Friday, another ‘flaw’ received a lot of attention: the OpenID and OAuth security flaw dubbed ‘Covert Redirect’. Almost immediately, the media started calling this the second Heartbleed. However, is this really the case?
On the morning of Tuesday, 8 April, we noticed that a bug had been reported in OpenSSL (CVE-2014-0160), called Heartbleed. This bug can only be found in third-party software. It enables attackers to read 64K of memory on a server that is running one of the OpenSSL versions affected by this issue.