Hubdate: what data protection compliance looks like, updates to the GDPR audit toolkit & new GDPR training

Hub Changelog

Hub Changelog v1.0.3 – 30th September 2017

- An updated introduction to data protection which brings data protection up to date with the GDPR
- A new guide to what data protection compliance should look like within your organisation
- Updates to the GDPR Audit Toolkit
- Minor changes to the preparation stage text
- Minor changes to the audit stage …


Joomla! 3.8 patches 2 security issues

Online Security

Last week Joomla! released a new version, 3.8. The new version is an update to the Joomla! 3 series. Whilst it is primarily a feature release with 300 improvements and two major features, it also patches two security issues:

- Core – Information Disclosure in LDAP Authentication Plugin (affecting Joomla 1.5.0 – 3.7.5)
- Core – Information …


ICO publishes draft guidance on the Controller – Processor relationship

consultation guidance

Chapter IV of the GDPR sets out responsibilities of Data Controllers and Data Processors. Whilst the general responsibility of a Data Controller is to apply the data protection principles to their business and uphold the GDPR from a compliance perspective, this section of the GDPR also sets out strict controls around the Controller and Processor …


Security update to WordPress (4.8.2)

wordpress

Yesterday, WordPress issued an update to its core. This is a security release, so you’re strongly advised to update immediately if you’re running WordPress. According to the release notes for v4.8, it fixes 9 security vulnerabilities in version 4.8.1 and earlier. Check that you’re running on the latest version by logging into your WordPress dashboard – …


UK government publishes paper on the case for EU data flows post Brexit

UK Government & Data Protection

Whilst the UK is still part of the EU, it can continue to benefit from EU transfers of data as set out in the 1995 Directive (implemented in the UK as the Data Protection Act 1998). These EU rules allow for the free flow of data across all EU member states; those outside the European …


Drupal Security Release (8.3.7)

Drupal Notice

Web hosting platform, Drupal, have issued a maintenance release of their software that includes a number of security fixes. Users are urged to upgrade to the latest version, 8.3.7, as soon as possible. The release patches a number of security vulnerabilities:

- Views – Access Bypass – Moderately Critical – Drupal 8 – CVE-2017-6923
- REST API can …


GDPR and fines


It seems the Information Commissioner’s Office (ICO) is getting a little fed up with misinformation about the General Data Protection Regulation (GDPR) and so is publishing a series of blog posts “sorting the fact from the fiction”. We tend to agree with the ICO on this – there is a lot of misinformation about the GDPR, articles speaking …


Talk Talk fined for breach of data protection principle


The ICO has fined TalkTalk £100,000 for a breach of principle 7 of the Data Protection Act – the “security” principle. It found that a third-party company, contracted by TalkTalk, had wide access to customer data and that some of the third-party accounts had been used to unlawfully access TalkTalk’s customer data. The issue …


Wordfence reports increase in TrafficTrade malware infection caused by theme

wordpress

WordPress security experts, Wordfence, are reporting a “significant increase in the number of WordPress websites hit by an infection [they’re] calling TrafficTrade.” Wordfence says there seem to be two routes to infection. A small number are caused by a redundant searchreplacedb2.php script (which they reported as an issue a few weeks back). The bulk of infections though, are …
