fbpx

Download free GDPR compliance checklist!

Tag Archives for " cybersecurity "

52% of companies use cloud services that have experienced a breach

Use of personal devices when accessing cloud services and the sprawl of high-risk cloud services drive new areas of risk for companies using the cloud.

Seventy-nine percent of companies store sensitive data in the public cloud, according to a McAfee survey. While these companies approve an average of 41 cloud services each, up 33 percent from last year, thousands of other services are used ad-hoc without vetting. In addition, 52 percent of companies use cloud services that have had user data stolen in a breach.

Source: 52% of companies use cloud services that have experienced a breach – Help Net Security

Sen. Graham Draft Bill Would Ban Encryption, Undermine User Privacy, Security

Senator Lindsey Graham, a top Trump ally, is targeting giant internet platforms with a child protection measure that could threaten tech companies’ use of encryption and a liability exemption they prize.

Although the measure doesn’t directly mention encryption, it would require that companies work with law enforcement to identify, remove, report and preserve evidence related to child exploitation — which critics said would be impossible to do for services such as WhatsApp that are encrypted from end-to-end.

Source: Lindsey Graham Proposal Could Expose Apple, Facebook to Lawsuits – Bloomberg

Tinder’s Panic Button Partner, Noonlight, Shares Data With Third Parties

Tinder has a proven track record of providing a dating platform to some less-than-stellar men who have been accused of raping—and in one grisly case, dismembering—women they’ve met through the platform.

With the help of a company called Noonlight, Tinder users will be able to share the details of their date—and their given location—in the event that law enforcement needs to get involved. However, it turns out that the app sends data to handful of major names in the ad tech space—including Facebook and Google-owned YouTube—gleaning details about the app every minute.

Source: Tinder’s Panic Button Partner, Noonlight, Shares Data With Third Parties

3 biggest threats cybersecurity professionals are facing in 2020

Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat.

The three threats that respondents cited as their biggest for 2020 are:

  1. Weaponized email attachments and links (74%)
  2. Ransomware (71%)
  3. Banking trojans and other browser-based password hijackers (67%)

Source: 3 biggest threats cybersecurity professionals are facing in 2020 – TechRepublic

€114 Million in Fines Imposed by EU Authorities Under GDPR

New findings from DLA Piper show that 160,000 data breach notifications reported across 28 European Union Member States and data protection authorities have imposed €114 million in monetary fines under the GDPR for a wide range of infringements. Not all fines were related to data breach infringements, however.

In terms of the total value of fines issued by geographical region, France (€51m), Germany (€24.5m) and Austria (€18m) topped the rankings, whilst the Netherlands (40,647), Germany (37,636) and the UK (22,181) had the highest number of data breaches notified to regulators.

Source: €114m in Fines Imposed by Euro Authorities Under GDPR – Infosecurity Magazine

Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May, 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws.

In addition, 2019 saw regulators publishing findings in respect of some of the largest data incidents of 2018. We have set out below the key highlights of the year and what to look out for in 2020.

Full article: Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

Why your palm could be safer than fingerprints or facial recognition?

Amazon and Apple both have patents for palm scanners and Chinese startups have already started using the tech in locks and vending machines.

Palm recognition systems work by identifying vein patterns and lines and creases on the hand’s surface, ideally using cameras and infrared to avoid contact. Compared with a face, palmprint is not privacy sensitive.

Source: Why your palm could be safer than fingerprints or facial recognition – Amazon and Apple both have patents for palm scanners and Chinese startups have already started using the tech in locks and vending machines | Abacus

NSA alerted Microsoft to major Windows 10 security flaw

The National Security Agency recently alerted Microsoft to a major flaw in its Windows operating system that could let hackers pose as legitimate software companies.

Microsoft issued a software update on Tuesday to fix the vulnerability, as part of its normal schedule for releasing software patches.

Source: NSA alerted Microsoft to major Windows 10 security flaw – CNN

US Government-funded Android phones come preinstalled with unremovable malware

An Android phone subsidized by the US government for low-income users comes preinstalled with malware that can’t be removed without making the device cease to work, researchers reported on Thursday.

The first is heavily obfuscated malware that can install adware and other unwanted apps without the knowledge or permission of the user. The second unpleasant surprise is something called Wireless Update. While it provides a mechanism for downloading and installing phone updates, it also loads a barrage of unwanted apps without permission.

Source: US Government-funded Android phones come preinstalled with unremovable malware | Ars Technica

Top Apps Invade User Privacy By Collecting and Sharing Personal Data

A new report published today by the Norwegian Consumer Council (NCC) looks at the hidden side of the data economy and its findings are alarming.

Scrutinizing 10 popular apps in Google Play Store, such as Grindr, Clue, and Perfect365, the NCC report’s technical analysis reveals comprehensive tracking and profiling practices. Personal data is systematically collected and shared with dozens of third-party companies without users’ knowledge.

Source: Top Apps Invade User Privacy By Collecting and Sharing Personal Data, New Report Finds

>