Talk about unintended consequences: GDPR is an identity thief’s dream ticket to Europeans’ data



Black Hat When Europe introduced the General Data Protection Regulation (GDPR) it was supposed to be a major step forward in data safety, but sloppy implementation and a little social engineering can make it heaven for identity thieves.

In a presentation at the Black Hat security conference in Las Vegas James Pavur, a PhD student at Oxford University who usually specialises in satellite hacking, explained how he was able to game the GDPR system to get all kinds of useful information on his fiancée, including credit card and social security numbers, passwords, and even her mother’s maiden name.

At the Black Hat security conference in Las Vegas, Microsoft announced the top security researchers and enterprise partners who contributed the most vulnerability and zero-day reports affecting the company’s products.

Microsoft’s list of top contributors has become a Black Hat tradition, and many industry experts use it as a guide to today’s top bug hunters.

Security researchers who rank on the list will often tout it as one of their highest career achievements, and for good reasons.

This year’s rankings included bug reports filed in Microsoft products from July 1, 2018 to June 30, 2019. According to Microsoft, this year’s top security researcher is Yuki Chen of Qihoo 360’s Vulcan team.

Read more…