Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Twitter last week started sending emails to developers to inform them of a vulnerability that might have resulted in the disclosure of developer information, including API keys. [Read More]
Someone claims to have leaked tens of gigabytes of Microsoft source code, including for Windows XP and Windows Server 2003. [Read More]
A cybersecurity enthusiast has discovered that Airbnb accounts can be hijacked due to recycled phone numbers, and the issue does not appear to have been fixed. [Read More]
Experts have identified an unprotected Elasticsearch server that contained terabytes of data pertaining to users of Microsoft’s Bing mobile application. [Read More]
Box announced additions and enhancements to its range of products designed for the growing remote working environment. [Read More]
Six European Union countries and the bloc’s executive Commission have begun testing a virtual “gateway” to ensure national coronavirus tracing apps can work across borders. [Read More]
A server misconfiguration has resulted in data pertaining to thousands of Razer customers being exposed to the Internet. [Read More]
American tech giant Microsoft said Sunday its offer to buy TikTok was rejected, leaving Oracle as the sole remaining bidder ahead of the imminent deadline for the Chinese-owned video app to sell or shut down its US operations. [Read More]
Facebook may be forced to stop sending data about its European users to the U.S., in the first major fallout from a recent court ruling that found some trans-Atlantic data transfers don’t protect users from American government snooping. [Read More]
Researchers disclose Raccoon Attack, a new method that can allow malicious actors to decrypt TLS connections, but launching a successful attack is not an easy task. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
Laurence Pitt's picture
For an MSP looking to grow business, the convergence of SD-WAN and security, along with the transitional needs of customers, translates to opportunity.
Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.