Video: Zoom Researcher Details Web Conference Security Risks, 2020 Threats

video zoom researcher details web conference security risks 2020 threats

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. View Original Source Article HERE

Why Companies Should Care about Data Privacy Day

Marking yesterday’s 14th anniversary of Europe’s first data protection day reminds us how far we still have to go. Enterprisewide leverage of company data is now a near-universal objective for the modern organization, but this must be balanced with the needs of data protection and privacy compliance. The frequency with which breaches of personally identifiable

15 NFL teams’ Twitter hijacked in lead-up to the Super Bowl

15 nfl teams twitter hijacked in lead up to the super bowl

by Lisa Vaas The cybercriminal group OurMine has struck again, claiming responsibility for hijacking and defacing the Twitter accounts of the US National Football League (NFL) and 15 of its teams. The timing is pointed: The attacks hit during this, the media-hectic week that leads up to Sunday’s Super Bowl Championship, which will pit the

How to take charge of your Google privacy settings

how to take charge of your google privacy settings

Have you had a Google Privacy Checkup lately? If not, when better than Data Privacy Day to audit the privacy of your Google account? Users have become increasingly sensitive about how their data is handled, which in turn means that tech companies face increasing scrutiny. Google, for example, has introduced new privacy features in recent

NFL, Multiple NFL Teams’ Twitter Accounts Hacked and Hijacked

Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2015-3154PUBLISHED: 2020-01-27 CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. CVE-2019-17190PUBLISHED: 2020-01-27 A Local Privilege Escalation

5 Ways To Be a Bit Safer This Data Privacy Day

5 ways to be a bit safer this data privacy day

5 Safety Tips For Data Privacy Day Today is Data Privacy Day. As we say every year, Data Privacy Day is more than just a 24-hour period when you try to keep safe online. It’s a day to think about changes you can make in your digital life that will keep you safer today, and

Security admins checklist: 10 tasks to perform every year

security admin checklist

Here is a checklist of 10 important tasks security administrators should perform to keep devices protected and secure. Security administrators oversee the secured processes in place, safeguarding the day-to-day operations of an organization. While it is easy for users to focus solely on protecting computers and their devices, security admins are tasked with managing the overall

Time for Some Straight Talk Around Network Traffic Analysis

time for some straight talk around network traffic analysis

According to research from the Enterprise Strategy Group, 87% of organizations use Network Traffic Analysis (NTA) tools for threat detection and response today, and 43% say that NTA is a “first line of defense” in case of an attack. The increasing IT complexity is one of the main factors in the adoption of NTA tools

FTC Marks Tax Identity Theft Awareness Week February 3-7, 2020

The Federal Trade Commission will mark Tax Identity Theft Awareness Week, February 3-7, 2020, by co-hosting a series of free events highlighting the warning signs of tax identity theft and government imposter scams, ways consumers can protect themselves, and what to do if a consumer is a victim of tax identity theft. Tax identity theft

Background Check Services Provider Agrees to Settle FTC Allegations that it Falsely Claimed Participation in the EU-U.S. Privacy Shield

A company that provides security and investigative services, including background check services, has agreed to settle Federal Trade Commission allegations that the firm misrepresented its participation in and compliance with the EU-U.S. Privacy Shield framework, which enables companies to transfer consumer data legally from European Union countries to the United States. In a complaint, the

5 Ways Your Organization Can Ensure Improved Data Security

5 Ways Your Organization Can Ensure Improved Data Security - making Sense of Security

5 Ways to Ensure Improved Data Security Within Your Organization Each year on January 28, the United States, Canada, Israel, and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take

Job hunting? Beware hiring scams using spoofed company websites

job hunting beware hiring scams using spoofed company websites

Cybercriminals are putting a new twist on an old trick Scammers are combining spoofed company websites and fake job ads to trick unsuspecting job seekers into surrendering their sensitive information and paying fraudulent fees. According to a recent public service announcement by the FBI’s Internet Crime Complaint Center (IC3), fraudsters increasingly post job openings on

FTC to Host Workshop Voice Cloning Technologies on Jan. 28

WHAT: The Federal Trade Commission will host a workshop to examine voice cloning technologies. WHEN: Tuesday, January 28, 12:30 p.m.-5:00 p.m. ET. WHERE: Constitution Center400 Seventh St., SWWashington, D.C. 20024 WHO: The event will feature remarks by FTC Commissioner Rohit Chopra as well as industry officials, academics, and others. WEBCAST: The workshop will be webcast.

Dating Apps Share Personal Data with Advertisers and 3rd Parties

dating apps share personal data with advertisers study says

Dating Apps Are Sharing Your Personal Data with Third-Parties and Advertisers Some of the most popular dating services may be violating GDPR or other privacy laws Unbeknownst to their users, several popular dating apps, including Tinder, OkCupid, and Grindr, share detailed personal data on their users with third parties for advertising purposes, a study conducted

Big Microsoft data breach – 250 million records exposed

big microsoft data breach 250 million records

by Paul Ducklin Microsoft has today announced a data breach that affected one of its customer databases. The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world. Microsoft didn’t

3 ways to browse the web anonymously

3 ways to browse the web anonymously

Are you looking to hide in plain sight? Here’s a rundown of three options for becoming invisible online As concern about internet privacy grows and grows, more and more people are actively seeking to browse the web anonymously. There are various ways to avoid being identified or tracked on the internet, although, in fact, “attempt

Ransomware Upgrades with Credential-Stealing Tricks

Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2020-7227PUBLISHED: 2020-01-18 Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, … CVE-2019-15625PUBLISHED: 2020-01-18 A memory usage vulnerability

Data Awareness Is Key to Data Security

Traditional data-leak prevention is not enough for businesses facing today’s dynamic threat landscape. Data attacks reached an all-time high in 2019 as we continued to transform our lives digitally — moving our work, health, financial, and social information online. In response, businesses must meet hefty data and information protection regulatory and compliance requirements. There’s no

What do online file sharers want with 70,000 Tinder images?

Tinder to get panic button, catfish-fighting facial recognition

by Danny Bradbury A researcher has discovered thousands of Tinder users’ images publicly available for free online. Aaron DeVera, a cybersecurity researcher who works for security company White Ops and also for the NYC Cyber Sexual Assault Taskforce, uncovered a collection of over 70,000 photographs harvested from the dating app Tinder, on several undisclosed websites.

Should cybersecurity be taught in schools?

should cybersecurity be taught in schools

Experts weigh in on whether schools should teach kids the skills they need to safely reap the benefits of the online world With education being one of the key factors in everyone’s life, the education system of any country seeks to provide children not only with elementary competencies, but also equip them with at least

How to spot if your child is a victim of cyberbullying

how to spot if your child is a victim of cyberbullying

What are some of the most common warning signs that your child is experiencing online harassment? Cyberbullying is by no means a new phenomenon; in fact, the term was added to the Oxford Dictionary back in 2011. However, as technology permeates almost every facet of our lives, the threat of online harassment is becoming more

2FA: Double down on your security

2fa double down on your security

The second authentication factor might be a minor inconvenience, but it provides a major security boost With past years riddled with security breaches, it is high time we evaluated the way we secure our online presence. The usual way to secure most of your digital accounts is by using a password, no question about it.

Voice Cloning: Where WOW Meets OMG

Don’t Become a Victim of Voice Cloning Have you had this experience? You hear about a remarkable innovation, but before you can finish the phrase “That’s amaz . . . .” you’ve already jumped ahead to the questions and concerns it raises. It’s also the subject of You Don’t Say: An FTC Workshop on Voice

Cyberawareness in Australia: The good and the bad

cyberawareness in australia the good and the bad

An ESET-commissioned survey sheds light on the browsing habits of Australians and how they protect themselves online Australia is a highly interconnected country with nine in ten inhabitants being internet users, most of which use the internet every day. What do they know about cybersecurity and how do they approach it, though? A recent survey