Data collection and Security - Information Management Today

Look Beyond TikTok: Massive Data Collection Is the Real Risk

Data Breach Today

MARCH 29, 2023

All Social Media Apps Collect Information on a Scale That Facilitates Surveillance There's much national security ado about how much user data gets collected by the Chinese-owned, wildly popular video-sharing app TikTok.

Data collection

Data collection Risk Government Security

FTC Initiates Privacy and Data Security Rule-Making

Data Breach Today

AUGUST 11, 2022

Commission Asks for Comment on Link Between Consumer Surveillance and Lax Security U.S. companies could see new cybersecurity rules and restrictions on consumer data collection under a rule-making process initiated by the FTC.

Privacy

Privacy Security Data collection Cybersecurity

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

MARCH 1, 2021

users for illegal data collection. The Chinese firm was accused to have failed to get the users’ consent to collect data in compliance with the Illinois biometric privacy law. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Data collection

Data collection Privacy Compliance Security

RSAC Fireside Chat: Jscrambler levels-up JavaScript security, slows GenAI-fueled privacy loss

The Last Watchdog

JUNE 10, 2024

Related: Next-level browser security That’s a question that spilled out of a thought-provoking conversation I had with Pedro Fortuna , co-founder and CTO of Jscrambler , at RSAC 2024. Jscrambler provides granular visibility and monitoring of JavaScript coding thus enabling companies to set and enforce security rules and privacy policies.

Privacy

Privacy Security Mining Data collection

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.

Artificial Intelligence

2 State Cybersecurity, Data Privacy Laws Enacted

Data Breach Today

JULY 13, 2021

Connecticut Law Provides Security Incentives; Colorado Measure Addresses Consumers' Privacy Two states have recently taken steps to bolster cybersecurity and data privacy protections. And a new data privacy law in Colorado allows individuals to opt out of data collection.

Data Privacy

Data Privacy Privacy Cybersecurity Data collection

Secret CIA Data Collection Program

Schneier on Security

FEBRUARY 15, 2022

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet.

Data collection

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

The Last Watchdog

OCTOBER 23, 2023

Cisco’s $28 billion acquisition of Splunk comes at an inflection point of security teams beginning to adopt to working with modern, cloud-native data lakes. Related: Dasera launches new Snowflake platform For years, Splunk has been the workhorse SIEM for many enterprise Security Operation Centers (SOCs).

Data science

Data science Security Analytics Data migration

This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI

WIRED Threat Level

JUNE 4, 2024

Windows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.

Data collection

Data collection Cybersecurity IT Privacy

Avast Stops Using Security Software to Track Browsing Data

Data Breach Today

JANUARY 31, 2020

Czech Anti-Virus Giant Faced Outcry Over Privacy Risks Posed by Data Tracking Anti-virus giant Avast is shuttering Jumpshot, its data-collecting side business that has been funneling detailed internet browsing activity from the company's security products and browser extensions to marketers, after a probe by PCMag and Motherboard found the company (..)

Data collection

Data collection Security Marketing Privacy

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

The Last Watchdog

MAY 20, 2022

The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service (SaaS) products.

Security

Security Cybersecurity Digital transformation Marketing

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

alongside Tony Sager , senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. Tony Sager, senior vice president and chief evangelist at the Center for Internet Security. TS: Like a lot of things in security, the economics always win.

Security

Security Computer and Electronics IoT Cloud

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

The Last Watchdog

APRIL 9, 2020

Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers. The many privacy and security issues raised by IoT, however, are another story. The addressing of IoT privacy and security concerns lags far, far behind.

IoT

IoT Security Cloud Passwords

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

The Last Watchdog

MAY 26, 2021

With that in mind, what steps can you take to ensure that your personal data is protected at all times? As a data-driven, security-focused company, we’ve rounded up our top tips inspired by World Password Day to help you improve your password game. Password overhaul.

Passwords

Passwords Security Authentication Paper

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Customer Experience

Customer Experience Privacy Data collection Marketing

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

SEPTEMBER 9, 2019

Department of Homeland Security that manages the nation’s naturalization and immigration system. The Department of Homeland Security did not respond to requests for comment, nor did the Department of Transportation. Image: Hold Security. Department of Transportation , the National Institutes of Health (NIH), and U.S.

IT

IT Government Access Military

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 9, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Phishing

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

NOVEMBER 6, 2024

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc.

Security

Security Government Risk Data collection

Why Data Ethics Is a Growing CISO Priority

Dark Reading

AUGUST 3, 2020

With data collection growing, and increased concern about how it is handled, a synergy between security and data teams will be essential.

Data collection

Data collection Security IT

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

SEPTEMBER 11, 2019

Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Saurabh told me he developed a passion for helping organizations improve the efficiencies of their security operations. billion, and later co-founded SumoLogic.

Security

Security Big data Cybersecurity Analytics

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

Security experts say the passwords and other data stolen by Raccoon malware were often resold to groups engaged in deploying ransomware. investigators by Polish border security officials, and it shows Sokolovsky leaving Poland for Germany on Mar. Working with investigators in Italy and The Netherlands, U.S.

Military

Military Passwords Data collection Ransomware

Sipping from the Coronavirus Domain Firehose

Krebs on Security

APRIL 16, 2020

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. Data: Hold Security.

Phishing

Phishing Data collection Security Government

Google Play to Require Android App Data Privacy and Security Disclosures

Hunton Privacy

MAY 10, 2021

On May 6, 2021, Google announced that beginning in the second quarter of 2022, mobile app developers submitting new apps and app updates to the Google Play store will be required to disclose certain information regarding their apps’ data collection, use, sharing and security practices, as well as provide a privacy policy for their apps.

Privacy

Privacy Data Privacy Security Data collection

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

MARCH 11, 2022

As Russian military tanks and personnel began crossing the border into Ukraine last month, security experts tracked a series of destructive data “wiper” attacks aimed at Ukrainian government agencies and contractor networks.

Phishing

Phishing Military Government Data collection

China Issues Data Security Law

Hunton Privacy

JUNE 16, 2021

After two rounds of public comments, the Data Security Law of the People’s Republic of China (the “DSL”) was formally issued on June 10, 2021, and will become effective on September 1, 2021. Data Security Policies. Data Security Obligation. increasing the punishment dynamics for violations of the law. .

Security

Security Education Government Cybersecurity

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

Now for the big challenge - security. The "s" in IoT is for Security Ok, so the joke is a stupid oldie, but a hard truth lies within it: there have been some shocking instances of security lapses in IoT devices. But there are also some quick wins, especially in the realm of "using your common sense". Let's dive into it.

IoT

IoT Security Risk Cloud

The Ethics of Network and Security Monitoring

Dark Reading

MARCH 17, 2023

Companies need to rethink their data collection and monitoring strategies to protect employee privacy and corporate integrity. The chances of getting hacked are no longer low.

Data collection

Data collection Security Privacy

Access Management is Essential for Strengthening OT Security

Thales Cloud Protection & Licensing

MAY 23, 2022

Access Management is Essential for Strengthening OT Security. These systems are connected to and managed from the cloud to fine-tune performance, provide data analytics, and ensure the integrity of critical infrastructure across all sectors. Tue, 05/24/2022 - 06:11. The threat landscape. The vulnerability landscape.

Access

Access Security Ransomware Authentication

The Equifax Breach Settlement Offer is Real, For Now

Krebs on Security

DECEMBER 20, 2022

In 2017, Equifax disclosed a massive, extended data breach that led to the theft of Social Security Numbers, dates of birth, addresses and other personal information on nearly 150 million people. Americans currently have no legal right to opt out of this data collection and trade. They received a check for $6.97.

Data breaches

Data breaches Data collection Paper Personal data

This Machine Exposes Privacy Violations

WIRED Threat Level

JULY 24, 2024

A former Google engineer has built a search engine, WebXray, that aims to find illicit online data collection and tracking—with the goal of becoming “the Henry Ford of tech lawsuits.”

Privacy

Privacy Data collection Security

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. It should be no surprise that data security regulations are on the rise.

Data Privacy

Data Privacy Compliance Privacy GDPR

Wegmans Agrees to Pay $400,000 Penalty After Cloud Security Lapse

Hunton Privacy

JULY 14, 2022

Wegmans”) in connection with a cloud storage security issue. The NYOAG alleges that Wegmans exposed the personal information of three million consumers by storing the data in misconfigured cloud storage containers. As a result, the NYOAG alleges Wegmans violated New York data security and consumer protection laws.

Cloud

Cloud Security Passwords Data collection

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

JUNE 13, 2022

The top drivers of the continued growth of cybersecurity are: the growing need to protect the API supply chain, the inadequacy of existing identity management systems, and the unfulfilled promise of data-driven AI-powered cybersecurity systems. Securing APIs. Every week, we see a new pitch for an API supply chain security startup.

Cybersecurity

Cybersecurity Data science Artificial Intelligence Marketing

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

MAY 21, 2020

Logged online activities are easier to trace so service providers can perform the necessary security check if one is required. Online fingerprinting, which started life as a security and accountability measure, is now being used to identify internet users for other purposes.

Privacy

Privacy GDPR Risk Data collection

China Issues the Second Version of the Draft of Data Security Law

Hunton Privacy

MAY 3, 2021

On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). Article 30 differentiates how the cross-border transfer of important data is to be treated by critical information infrastructure (“CII”) operators and by other data processors.

Security

Security Cybersecurity Data collection Government

Mobile virtual network operator Mint Mobile discloses a data breach

Security Affairs

DECEMBER 23, 2023

. “We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information. ” reads the data breach notification email sent to the impacted customers.

Data breaches

Data breaches Data collection Passwords Access

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Last Watchdog

DECEMBER 7, 2021

A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. As data collection and computer modeling have advanced apace, so have the use-cases for digital twin technology. Alexander. I’ll keep watch and keep reporting.

Data collection

Data collection Artificial Intelligence Data Privacy IT

How to Advocate for Data Privacy and Users' Rights

WIRED Threat Level

SEPTEMBER 28, 2022

Want to speak up against Big Tech, unjust data collection, and surveillance? Here's how to be an activist in your community and beyond.

Data Privacy

Data Privacy Privacy Data collection Security

Internet providers tracking sites we visit in secretive trial

The Guardian Data Protection

MARCH 11, 2021

Details about the data collection experiment are limited, emerging via an obscure regulatory disclosure and a report in Wired , prompting campaigners to warn of a lack of transparency over data being “hoovered up into a surveillance net”.

Data collection

Data collection Security

Norway suspends its COVID-19 contact tracing app due to privacy concerns

Security Affairs

JUNE 16, 2020

On Friday, the Norwegian Data Protection Authority (Norwegian: Datatilsynet) issued a warning that it would stop the Norwegian Institute of Public Health from handling data collected via Smittestopp contact tracing app. “The pandemic is not over,” she said. . Pierluigi Paganini.

Privacy

Privacy IT Data collection Personal data

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

AUGUST 15, 2024

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. Many media outlets mistakenly reported that the National Public data breach affects 2.9

Data breaches

Data breaches Privacy Sales Cleanup

Best Wi-Fi Security & Performance Testing Tools for 2022

eSecurity Planet

MAY 20, 2022

But security remains a problem. Modern Wi-Fi networks are certainly more secure than early versions, as Wi-Fi security standards have evolved over the years, from Wired Equivalent Privacy (WEP) to Wi-Fi Protected Access (WPA), WPA2, and now WPA3 with its improved security. Challenges of Wi-Fi Security.

Security

Security Access Encryption Passwords

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

Security Affairs

FEBRUARY 28, 2020

Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. The post Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates appeared first on Security Affairs. ”added Netblocks. It's 5:30 a.m.

Military

Military Data collection Government Access

Changes in WhatsApp’s Privacy Policy

Schneier on Security

JANUARY 11, 2021

Some of the data that WhatsApp collects includes: User phone numbers. Diagnostic data collected from app logs. Under the new terms, Facebook reserves the right to share collected data with its family of companies. Other people’s phone numbers stored in address books. Profile names.

Privacy

Privacy Data collection IT

Look Beyond TikTok: Massive Data Collection Is the Real Risk

FTC Initiates Privacy and Data Security Rule-Making

Trending Sources

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

RSAC Fireside Chat: Jscrambler levels-up JavaScript security, slows GenAI-fueled privacy loss

Generative AI Deep Dive: Advancing from Proof of Concept to Production

2 State Cybersecurity, Data Privacy Laws Enacted

Secret CIA Data Collection Program

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI

Avast Stops Using Security Software to Track Browsing Data

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

Supply Chain Security 101: An Expert’s View

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Secret Service Investigates Breach at U.S. Govt IT Contractor

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Why Data Ethics Is a Growing CISO Priority

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Sipping from the Coronavirus Domain Firehose

Google Play to Require Android App Data Privacy and Security Disclosures

Report: Recent 10x Increase in Cyberattacks on Ukraine

China Issues Data Security Law

IoT Unravelled Part 3: Security

The Ethics of Network and Security Monitoring

Access Management is Essential for Strengthening OT Security

The Equifax Breach Settlement Offer is Real, For Now

This Machine Exposes Privacy Violations

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

Wegmans Agrees to Pay $400,000 Penalty After Cloud Security Lapse

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

China Issues the Second Version of the Draft of Data Security Law

Mobile virtual network operator Mint Mobile discloses a data breach

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

How to Advocate for Data Privacy and Users' Rights

Internet providers tracking sites we visit in secretive trial

Norway suspends its COVID-19 contact tracing app due to privacy concerns

NationalPublicData.com Hack Exposes a Nation’s Data

Best Wi-Fi Security & Performance Testing Tools for 2022

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

Changes in WhatsApp’s Privacy Policy

Stay Connected