Security Affairs

APRIL 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 74

Spyware Ransomware Malware Data breaches 74

eSecurity Planet

FEBRUARY 2, 2024

Make sure your security and IT teams are aware of every connected device so your business knows how to best protect its networks and sensitive data from vulnerabilities and threat actors. Rapid7 published blogs detailing the successful and failed breaches of the 2024 event. The vulnerability is documented as CVE-2023-49722.

Hacking 125

Hacking IoT Firmware Cybersecurity 125

BH Consulting

MAY 31, 2023

The EU General Data Protection Regulation brought the role of Data Protection Officer (DPO) to the fore. The European Data Protection Board (EDPB) recently announced plans to start enforcing the role more closely, so, as the fifth anniversary of the GDPR was upon us last week, let’s take a closer look at the DPO.

Data privacy 52

Data privacy Government Technology Information Security 52

BH Consulting

JUNE 9, 2021

Almost a year after last summer’s CJEU decision to invalidate the Privacy Shield EU-US data transfer agreement, now SCCs have been called into question as a valid safeguard for transfers to certain third countries. This blog looks at the latest developments, and evaluates what options remain open to EU businesses for data transfers.

Surveillance 98

Surveillance Risk Encryption 98

Thales Cloud Protection & Licensing

JANUARY 14, 2020

The importance of data and the power of being an insights-driven enterprise are increasing the amount of damage that data breaches can cause. At the same time, consumers are deeply concerned with how their data is collected and used. So what’s in store for data privacy and the rollout of of 5G technology?

Data privacy 89

Data privacy IoT Data breaches Surveillance 89

Thales Cloud Protection & Licensing

FEBRUARY 8, 2019

We’ve also addressed what key executives, especially CISOs, should be thinking about as data moves and is accessed across their organizations. Now, we turn our attention to best practices for data security. Here are three best practices we’d recommend: Err on the side of caution. But what does vigilance look like?

Digital transformation 54

Digital transformation Encryption Threat Reports CISO 54

SC Magazine

JANUARY 27, 2021

And on those occasions in which an employee dies, that same practice should apply. But according to a blog post this week from Sophos, attackers from the Nefilim ransomware gang recently infiltrated an unnamed company in part by compromising the admin account of a deceased employee who had passed away three months earlier.

Accountability 102

Accountability Risk Ransomware Media 102

Google Security

JUNE 29, 2020

Posted by Charmaine D'Silva, Product Lead, Android Privacy and Framework, Narayan Kamath, Engineering Lead, Android Privacy and Framework, Stephan Somogyi, Product Lead, Android Security and Sudhi Herle, Engineering Lead, Android Security This blog post is part of a weekly series for #11WeeksOfAndroid.

Media 75

Media Engineering Manufacturing Mobile 75

Thales Cloud Protection & Licensing

APRIL 16, 2020

The drastic changes we’re experiencing in our personal and professional lives would have been impossible to imagine just a year ago when we shared this blog about CEOs becoming more actively involved in data security conversations in the boardroom. Are we protecting our data with end-to-end encryption and effective key management?

Encryption 79

Encryption Risk IoT Threat Reports 79

The Last Watchdog

DECEMBER 20, 2018

Security and Privacy Merge. Despite the fact that everyone is still trying to understand the new privacy landscape and perhaps because they haven’t fully grasped the new realities, everyone is paying attention. Perhaps it is our ever increasing focus on privacy in general and GDPR specifically. IoT security issues will increase.

Cybersecurity 113

Cybersecurity Artificial Intelligence Policy Compliance IoT 113

Troy Hunt

NOVEMBER 25, 2020

Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet. Or are they just the same old risks we've always had with data stored on the internet? Let's dive into it.

IoT 358

IoT Firmware Risk Manufacturing 358

McAfee

FEBRUARY 24, 2020

Our customers are seen as strategic enablers in their organizations by securing data in the cloud apps their users want to adopt, without friction to their experience. During the week of RSA, there will be multiple exclusive events hosted by McAfee. CASB has been a pivotal technology in this journey and we’ve heard it consistently.

Artificial Intelligence 52

Artificial Intelligence Information Security Government Technology 52

Thales Cloud Protection & Licensing

FEBRUARY 24, 2020

2020 marks the launch of the Thales Data Threat Report-Global Edition for the seventh consecutive year. The 2020 Thales Data Threat Report-Global Edition indicates that we have reached a tipping point. Whatever the nature of the data stored in the cloud, it needs to be secured. Sage advice: encrypt everything.

Digital transformation 79

Digital transformation Threat Reports Encryption Technology 79

Thales Cloud Protection & Licensing

JANUARY 8, 2019

Personally, I find the daily announcement of a company losing control of their employees’, partners’, or customers’ data depressing. It doesn’t matter where in the world you are, many companies are not properly protecting your data and hackers are very good at seeking those companies out. You can read more here.

Risk 83

Risk Technology Banking Encryption 83

Malwarebytes

SEPTEMBER 21, 2021

Keep your online accounts secure Respect your privacy Capture and share with care Take care of your data Take care of your device Be wary of certain sites and content online Be kind. It seems like we can’t go a week—or even a day sometimes—without hearing about an online service being breached. 7 Internet safety tips.

Internet 114

Internet Internet Passwords Password Management 114

Thales Cloud Protection & Licensing

AUGUST 23, 2018

While it’s no surprise to anybody reading this that data breaches are on the rise, the attacks facing healthcare organizations, most recently in Asia, are particularly worrisome. MGM New Bombay Hospital was victimized by a ransomware attack in July, resulting in the loss of more than two weeks’ worth of data.

Healthcare 72

Healthcare Data breaches Penetration Testing IoT 72

Duo's Security Blog

SEPTEMBER 27, 2021

The Promise of Passwordless If you've been following the evolution of passwordless, you've likely read countless blog posts and whitepapers pondering the promise of this technology. As the Verizon Data Breach perennially points out, compromised credentials play a role in the majority of breaches. See the video at the blog post.

Passwords 71

Passwords Authentication Technology Data breaches 71

Elie

FEBRUARY 26, 2018

This ruling establishes a right to privacy, whereby individuals can request that search engines delist URLs from across the Internet that contain “inaccurate, inadequate, irrelevant or excessive” information surfaced by queries containing the name of the requester. This blog post summarizes our. millions URLs delisting requests.

Media 107

Media Government Engineering Internet 107

Thales Cloud Protection & Licensing

FEBRUARY 19, 2019

A few weeks ago, we issued the Global Edition of our 2019 Thales Data Threat Report, now in its seventh year. This year much of the emphasis within the results was on how digital transformation can put organizations’ sensitive data at risk. What was the top barrier to deploying more data security? The data bears this out.

Digital transformation 70

Digital transformation Data breaches Threat Reports Marketing 70

Thales Cloud Protection & Licensing

MAY 8, 2018

Data is increasingly amassed and harnessed to accelerate organizational transformation in the new digital economy. Unprotected data at rest is an attractive target for cybercriminals, and in today’s ever more distributed environment, not a week goes by without hearing of a new data breach. The Challenge.

Encryption 54

Encryption IoT Data breaches Engineering 54

Duo's Security Blog

AUGUST 25, 2021

It allowed the class not only to learn facts, but also to practice their critical thinking skills — evaluating the reliability of a source, analyzing a variety of primary and secondary documents, and corroborating information in order to develop independent views on what is important and true.

Cybersecurity 59

Cybersecurity Passwords Technology Data breaches 59

SiteLock

AUGUST 27, 2021

Last week at WordCamp OC, I gave a talk on Security for WooCommerce sites. As ecommerce sites are much more complex and typically handle sensitive data through digital payment transactions, there are a lot more points of potential security breach. GDPR Update: Where Are We Now? Extra Complexity for Ecommerce Sites.

eCommerce 52

eCommerce Data collection Accountability Marketing 52

Identity IQ

JUNE 20, 2023

IdentityIQ Picture this: it’s your first week at a new job. Through exploiting trust and authority, they aim to extract valuable data or gain unauthorized access to systems. Leveraging this trust, they convince individuals to provide access to their accounts, share confidential data, or perform actions that compromise their identities.

Social Engineering 75

Social Engineering Scams Engineering Identity Theft 75

IT Security Guru

APRIL 1, 2021

John Kindervag first coined the phrase “Zero Trust” and published his first blogs on the subject in 2010. As Robin Oldham remarked in his weekly infosec newsletter “ If true —then the company’s culture, practices, technical solutions, or assure activities must also have therefore been pretty spectacularly lax.

Marketing 60

Marketing Artificial Intelligence Technology InfoSec 60

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. Data poisoning attacks. which involve feeding training adversarial data to the classifier. duplicate) models or recover training data membership via blackbox probing. Model stealing techniques.

Accountability 107

Accountability Artificial Intelligence Engineering Retail 107

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. Data poisoning attacks. which involve feeding training adversarial data to the classifier. duplicate) models or recover training data membership via blackbox probing. Model stealing techniques.

Accountability 91

Accountability Artificial Intelligence Engineering Retail 91

The Last Watchdog

FEBRUARY 20, 2019

When Facebook founder Mark Zuckerberg infamously declared that privacy “is no longer a social norm” in 2010, he was merely parroting a corporate imperative that Google had long since established. But what if companies chose to respect an individual’s right to privacy, especially when he or she goes online? Privacy as good business.

Internet 113

Internet Internet Data privacy Engineering 113

Troy Hunt

APRIL 5, 2023

Specific guidance prepared by the FBI in conjunction with the Dutch police on further steps you can take to protect yourself are detailed at the end of this blog post on the gold background. That's the short version, here's the whole story: Ever heard that saying about how "data is the new oil"?

Marketing 337

Marketing Passwords Authentication Accountability 337

Google Security

MAY 10, 2023

Posted by Ronnie Falcon, Product Manager Android is built with multiple layers of security and privacy protections to help keep you, your devices, and your data safe. Most importantly, we are committed to transparency, so you can see your device safety status and know how your data is being used.

Phishing 114

Phishing Passwords Accountability Media 114

Thales Cloud Protection & Licensing

FEBRUARY 17, 2020

In the process, however, they embraced a large number of connected devices and IoT platforms, which means that additional data and processes are now moving outside of the firewall and into the cloud. One issue is that cloud native encryption and key management services provide just basic data security. Sensitive Data at Risk.

Encryption 123

Encryption Policy Compliance Digital transformation Data breaches 123

Troy Hunt

AUGUST 7, 2020

Every single byte of data that's been loaded into the system in recent years has come from someone who freely offered it in order to improve the security landscape for everyone. The very second blog post on that tag was about how I used Azure Table Storage to make it so fast and so cheap. Let me explain why and how.

Passwords 364

Passwords Architecture Data breaches Internet 364

SC Magazine

MARCH 19, 2021

Take Zoom, for example, which struggled to respond to privacy and security controversies amid exploding demand. Looking back over the last year, what was the most significant shift that the company needed to make to accommodate customer demands, but also adhere to high standards of customer security and privacy protection?

Advertising 97

Advertising Education Media Encryption 97

eSecurity Planet

AUGUST 12, 2023

Trellix researchers are disclosing a number of critical data center power management platform vulnerabilities at DEFCON 2023 today. The Trellix researchers investigated several data center software platforms and hardware technologies as part of a U.S. effort to secure critical infrastructure.

Authentication 98

Authentication Spyware DDOS Cybersecurity 98

Malwarebytes

JANUARY 10, 2023

In the first half of 2022 alone , the education sector saw an average of almost 2,000 attacks every week—a 114% increase compared to two years ago. The most high profile of these attacks occurred during Labor Day weekend, when a ransomware gang breached the Los Angeles Unified School District and stole roughly 500 gigabytes of data.

Cybersecurity 68

Cybersecurity Education Ransomware Government 68

Troy Hunt

JANUARY 10, 2018

billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. Sooner or later, big repositories of data will be abused. India's Aadhaar implementation is the largest biometric system in the world, holding about 1.2

Hacking 279

Hacking Government Risk Encryption 279

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Dave Kennedy | @hackingdave. Eva Galperi n | @evacide.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Troy Hunt

AUGUST 7, 2023

This keeps with the spirit of HIBP's roots being a community service and ensures the data is accessible without barrier to the majority of people. This is a big one. A massive one. It's the culmination of a solid 7 months of work that finally, as of now, is live. Pwned 1 Up to 25 10% $3.95 Pwned 2 Up to 100 10% $16.95

Data breaches 229

Data breaches Accountability Cryptocurrency Banking 229