Tag: data
-
UK ICO Criticizes Google Advertising Policy Update
by
in SecurityNewsData Protection Authority Says Change Isn’t Green Light for Device Fingerprinting. The U.K. data regulator blasted Google Thursday for a changes to policies governing online advertising the government agency says amount to bestowing permission to track users by the indelible fingerprint of their devices. Businesses do not have free rein to use fingerprinting, the office…
-
Thousands of Hapn customer data exposed by website bug
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-hapn-customer-data-exposed-by-website-bug
-
Misconfiguration exposes Virtavo security cam user data
by
in SecurityNews
Tags: dataFirst seen on scworld.com Jump to article: www.scworld.com/brief/misconfiguration-exposes-virtavo-security-cam-user-data
-
Major data breach leads to $264M fine for Meta
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/major-data-breach-leads-to-264m-fine-for-meta
-
Massive Cisco data trove partially exposed by IntelBroker
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/massive-cisco-data-trove-partially-exposed-by-intelbroker
-
Breach Roundup: US Seeks Extradition of Alleged LockBit Coder
by
in SecurityNewsAlso: Interpol Says ‘Pig Butchering’ Shames Victims, A Data Leak Scandal in Mexico. This week, U.S. asks Israel to extradite an alleged LockBit coder, don’t say pig butchering, and an Apache Struts flaw. A hunt for alleged data thieves in Mexico, Europe probes TikTok and Netfilix fined 4.75 million. A ransomware attack against Texas medical…
-
Android malware found on Amazon Appstore disguised as health app
A malicious Android spyware application named ‘BMI CalculationVsn’ was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-spyware-found-on-amazon-appstore-disguised-as-health-app/
-
Rhode Island officials warn residents as ransomware group threatens social services data leak
by
in SecurityNewsThe personal data of hundreds of thousands of vulnerable residents is at risk after a threat group attacked a state social services database. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/rhode-island-ransomware-social-services/735912/
-
Netflix Fined Euro4.75 Million Over GDPR Transparency Issues
by
in SecurityNewsNetflix has been hit with a Euro4.75 million fine by the Dutch Data Protection Authority (DPA). The fine stems from the company’s failure to clearly explain its data practices to users between 2018 and 2020″, highlighting a key issue that has been in the spotlight ever since the GDPR was introduced. What Went Wrong? The…
-
EU Opens Door for AI Training Using Personal Data
by
in SecurityNewsThe EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/edpb-ai-training-personal-data/
-
From reactive to proactive: Redefining incident response with unified, cloud-native XDR
by
in SecurityNewsIn today’s rapidly evolving threat landscape, cybersecurity is a constant game of cat and mouse. The average security operations center (SOC) team receives 4,484 alerts every day and can spend up to 3 hours manually triaging to understand which signals represent a genuine threat and which are just noise.However, this model traps SOCs in a…
-
European authorities say AI can use personal data without consent for training
by
in SecurityNewsThe European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Supply Chain Risk Mitigation Must Be a Priority in 2025
by
in SecurityNewsA balance of rigorous supplier validation, purposeful data exposure, and meticulous preparation is key to managing and mitigating risk. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/supply-chain-risk-mitigation-priority-2025
-
NYDOH Cybersecurity Regulations: What Healthcare Providers Need to Know in 2025
by
in SecurityNews10 NYCRR 405.46: NY’s New Hospital Cyber Regulation Hospitals are no strangers to health data privacy laws like HIPAA. But New York’s new cybersecurity regulations take things to the next level. Finalized by the New York State Department of Health (NYDOH) in October 2024, these laws aim to fill gaps left by existing frameworks. They……
-
Bugs in a major McDonald’s India delivery system exposed sensitive customer data
by
in SecurityNewsMcDonald’s India exposed the personal information of customers and drivers due to security flaws impacting its APIs. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/bugs-in-a-major-mcdonalds-india-delivery-system-exposed-sensitive-customer-data/
-
IAM Predictions for 2025: Identity as the Linchpin of Business Resilience
by
in SecurityNews
Tags: access, ai, apple, attack, authentication, banking, breach, business, cloud, compliance, corporate, credentials, crime, data, deep-fake, detection, finance, iam, identity, malicious, microsoft, mobile, office, passkey, password, privacy, regulation, resilience, risk, service, supply-chain, theft, threat, tool, vulnerabilityIAM Predictions for 2025: Identity as the Linchpin of Business Resilience madhav Thu, 12/19/2024 – 05:33 As we look toward 2025, the lessons of 2024 serve as a stark reminder of the rapidly evolving identity and access management (IAM) landscape. The numbers tell the story: The latest Identity Theft Resource Center report indicates that consumers…
-
Fighting on the New Front Line of Security with Snowflake and LogLMs
by
in SecurityNews
Tags: access, ai, attack, cyber, cybersecurity, data, detection, finance, incident response, intelligence, malicious, mitre, monitoring, network, siem, soc, threat, toolTempo”Š”, “Ša Snowflake Native App”Š”, “Šharnesses AI and Log Language Models for Proactive Cybersecurity Cybersecurity attackers are innovating, challenging traditional security measures, and pushing organizations to seek more innovative solutions. Tempo, a Snowflake Native App that revolutionizes cybersecurity using AI-powered proactive security, sees even novel attacks. By leveraging Log Language Models (LogLMs), which are a…
-
Dutch DPA Fines Netflix Euro4.75 Million for GDPR Violations Over Data Transparency
by
in SecurityNewsThe Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix Euro4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020.An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy…
-
Is Your Hospital Sharing Patient Data with Facebook? A Guide for Security and Privacy Teams
by
in SecurityNewsRecent lawsuits have revealed a critical privacy concern for healthcare providers the sharing of patient data with Facebook through tracking pixels. We wrote this article to help your security and privacy teams assess their risk, identify key stakeholders, and understand the urgency of this issue. What is the risk? Many hospitals use Meta Pixel,…The post…
-
Die 10 häufigsten LLM-Schwachstellen
by
in SecurityNews
Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust -
In potential reversal, European authorities say AI can indeed use personal data, without consent, for training
by
in SecurityNewsThe European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Don’t overlook these key SSE components
by
in SecurityNews
Tags: access, business, cctv, cloud, compliance, control, corporate, cybersecurity, data, data-breach, endpoint, fortinet, monitoring, network, risk, saas, service, technology, threatSecurity service edge (SSE) has emerged as a hot topic in the networking and security markets because it provides cloud-delivered security to protect access to websites and applications. This is key for the work-from-anywhere approach enterprises adopted during the pandemic and maintained as hybrid work became the norm. SSE is also a prevalent subject because…
-
Russia-linked APT29 group used red team tools in rogue RDP attacks
by
in SecurityNewsRussia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
-
Opswat Expands Critical Infrastructure Defense With Fend Buy
by
in SecurityNewsData Diodes Enhance Air-Gapped Network Security, Deliver Advanced Network Isolation. Opswat’s acquisition of Fend integrates advanced hardware-based security with Opswat’s platform, delivering robust protection against cyberattacks on critical infrastructure like power grids and water systems. Fend’s small-form-factor data diodes meet the demand for affordable, scalable solutions. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/opswat-expands-critical-infrastructure-defense-fend-buy-a-27099
-
Free Trial of aiSIEM-CGuard for 45 Days: Experience the Future of Cybersecurity
by
in SecurityNewsIn today’s ever-evolving digital landscape, businesses face increasingly sophisticated cyber threats. Protecting sensitive data, ensuring compliance, and maintaining operational continuity have never been more critical. This is where Seceon’s aiSIEM-CGuard emerges as a game-changer, offering advanced threat detection and response capabilities. And now, for a limited time, you can experience the full power of this…