by John E Dunn Hands up who’s used the increasingly popular online collaboration platform Trello? Trello is great for organising to-do lists and for coordinating team tasks. But it has its downsides too. While the default for Trello boards is set to ‘private’, many users set them to ‘public’ which means that anyone can see
by Danny Bradbury Facebook is rolling out a global tool to help you understand what other sites and apps tell it about your activities, to make it forget what they’ve shared in the past, and to control what they share in the future. It’s called Off-Facebook Activity, and it’s part of the company’s effort to
In March 2019, researchers with a group called Security Without Borders identified more than 20 government spyware apps squatting in plain sight, pretending to be harmless, vanilla apps on Google’s Play store. Security Without Borders is a non-profit that often investigates threats against dissidents and human rights defenders. Those apps were just a decoy through
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. View Original Source Article HERE
Marking yesterday’s 14th anniversary of Europe’s first data protection day reminds us how far we still have to go. Enterprisewide leverage of company data is now a near-universal objective for the modern organization, but this must be balanced with the needs of data protection and privacy compliance. The frequency with which breaches of personally identifiable
by Lisa Vaas The cybercriminal group OurMine has struck again, claiming responsibility for hijacking and defacing the Twitter accounts of the US National Football League (NFL) and 15 of its teams. The timing is pointed: The attacks hit during this, the media-hectic week that leads up to Sunday’s Super Bowl Championship, which will pit the
Have you had a Google Privacy Checkup lately? If not, when better than Data Privacy Day to audit the privacy of your Google account? Users have become increasingly sensitive about how their data is handled, which in turn means that tech companies face increasing scrutiny. Google, for example, has introduced new privacy features in recent
Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2015-3154PUBLISHED: 2020-01-27 CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. CVE-2019-17190PUBLISHED: 2020-01-27 A Local Privilege Escalation
5 Safety Tips For Data Privacy Day Today is Data Privacy Day. As we say every year, Data Privacy Day is more than just a 24-hour period when you try to keep safe online. It’s a day to think about changes you can make in your digital life that will keep you safer today, and
Here is a checklist of 10 important tasks security administrators should perform to keep devices protected and secure. Security administrators oversee the secured processes in place, safeguarding the day-to-day operations of an organization. While it is easy for users to focus solely on protecting computers and their devices, security admins are tasked with managing the overall
According to research from the Enterprise Strategy Group, 87% of organizations use Network Traffic Analysis (NTA) tools for threat detection and response today, and 43% say that NTA is a “first line of defense” in case of an attack. The increasing IT complexity is one of the main factors in the adoption of NTA tools
A company that provides security and investigative services, including background check services, has agreed to settle Federal Trade Commission allegations that the firm misrepresented its participation in and compliance with the EU-U.S. Privacy Shield framework, which enables companies to transfer consumer data legally from European Union countries to the United States. In a complaint, the
The Federal Trade Commission will mark Tax Identity Theft Awareness Week, February 3-7, 2020, by co-hosting a series of free events highlighting the warning signs of tax identity theft and government imposter scams, ways consumers can protect themselves, and what to do if a consumer is a victim of tax identity theft. Tax identity theft
Firm Sued For Scraping 3 Billion Faceprints for Facial Recognition New York facial recognition startup Clearview AI is being sued in a potential class action lawsuit that claims the company gobbled up photos out of “pure greed” to sell to law enforcement. This which has amassed a huge database of more than three billion images scraped
5 Ways to Ensure Improved Data Security Within Your Organization Each year on January 28, the United States, Canada, Israel, and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take
Cybercriminals are putting a new twist on an old trick Scammers are combining spoofed company websites and fake job ads to trick unsuspecting job seekers into surrendering their sensitive information and paying fraudulent fees. According to a recent public service announcement by the FBI’s Internet Crime Complaint Center (IC3), fraudsters increasingly post job openings on
Take this quick, multiple choice survey and tell us about your company’s cybersecurity strategies for the upcoming year. View Original Source Article HERE
WHAT: The Federal Trade Commission will host a workshop to examine voice cloning technologies. WHEN: Tuesday, January 28, 12:30 p.m.-5:00 p.m. ET. WHERE: Constitution Center400 Seventh St., SWWashington, D.C. 20024 WHO: The event will feature remarks by FTC Commissioner Rohit Chopra as well as industry officials, academics, and others. WEBCAST: The workshop will be webcast.
Budget limitations and a lack of knowledge or training are two major factors hurting many SMBs, according to a survey from Untangle. View Original Source Article HERE
by Lisa Vaas In spite of Apple having turned over the shooter’s iCloud backups in the case of the Pensacola, Florida mass shooting last month, the US government has been raking it over the coals for supposedly not helping law enforcement in investigations. But according to a new allegation, Apple has been far more accommodating
Companies should realize that any user could be a target and use threat data to build a security awareness training program, says Proofpoint. View Original Source Article HERE
Dating Apps Are Sharing Your Personal Data with Third-Parties and Advertisers Some of the most popular dating services may be violating GDPR or other privacy laws Unbeknownst to their users, several popular dating apps, including Tinder, OkCupid, and Grindr, share detailed personal data on their users with third parties for advertising purposes, a study conducted
Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat. View Original Source Article HERE
by Paul Ducklin Microsoft has today announced a data breach that affected one of its customer databases. The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world. Microsoft didn’t
Are you looking to hide in plain sight? Here’s a rundown of three options for becoming invisible online As concern about internet privacy grows and grows, more and more people are actively seeking to browse the web anonymously. There are various ways to avoid being identified or tracked on the internet, although, in fact, “attempt
Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2020-7227PUBLISHED: 2020-01-18 Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, … CVE-2019-15625PUBLISHED: 2020-01-18 A memory usage vulnerability
Traditional data-leak prevention is not enough for businesses facing today’s dynamic threat landscape. Data attacks reached an all-time high in 2019 as we continued to transform our lives digitally — moving our work, health, financial, and social information online. In response, businesses must meet hefty data and information protection regulatory and compliance requirements. There’s no
by Danny Bradbury A researcher has discovered thousands of Tinder users’ images publicly available for free online. Aaron DeVera, a cybersecurity researcher who works for security company White Ops and also for the NYC Cyber Sexual Assault Taskforce, uncovered a collection of over 70,000 photographs harvested from the dating app Tinder, on several undisclosed websites.
Experts weigh in on whether schools should teach kids the skills they need to safely reap the benefits of the online world With education being one of the key factors in everyone’s life, the education system of any country seeks to provide children not only with elementary competencies, but also equip them with at least
A device that is supposed to help parents keep track of their children and give them a peace of mind can be turned into a surveillance device Researchers at the AV-Test Institute have uncovered gaping privacy and security holes in the SMA-WATCH-M2 smartwatch that is designed to keep children safe and their parents feeling secure
Smart selections when starting small can ease the pain as you scale up your company’s privacy infrastructure If, unlike enterprise customers, you don’t have six figures to spend, what are some things you can do to protect your data that can scale as your business grows? Even if you don’t plan on scaling to an
Privacy Concern or Identity Protection – Facial Recognition Issues What issues would face scanning attached to a mobile device resolve and, if used correctly, would it make the incursion into my privacy acceptable? On December 1st, China’s regulation took effect requiring each person to have a facial scan when subscribing for a new mobile phone. If
What are some of the most common warning signs that your child is experiencing online harassment? Cyberbullying is by no means a new phenomenon; in fact, the term was added to the Oxford Dictionary back in 2011. However, as technology permeates almost every facet of our lives, the threat of online harassment is becoming more
The second authentication factor might be a minor inconvenience, but it provides a major security boost With past years riddled with security breaches, it is high time we evaluated the way we secure our online presence. The usual way to secure most of your digital accounts is by using a password, no question about it.
SIM Swapping Attacks 5 Vulnerable Major US Wireless Phone Carriers When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds Five major US wireless carriers – AT&T, T-Mobile, Verizon, Tracfone and US Mobile – are susceptible to SIM swap scams, a danger