The abuse and/or misuse of privileged credentials plays a role in almost every cybersecurity breach incident today. With privileged access in hand. an attacker essentially becomes a malicious insider - and that's an alarming scenario for any IT professional, all the way up to the C-level and the Board.
Privileged...
From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
In the past, the relationship between cybersecurity and privacy has been uneasy and even ill-defined. But today, in the post-GDPR era, the relationship is clear, and so is the legal and compliance path forward, says David Ruiz of Malwarebytes.
Dark patterns are out to get you. The term describes the practice of abusing usability norms to create user interfaces that trick users into divulging their personal details or sacrificing their privacy. Bipartisan legislation proposed in the U.S. Senate, however, would make malicious design illegal.
The lack of a strong security culture at Equifax - especially compared to its two main competitors - was a key factor contributing to its 2017 data breach that exposed the personal records of 145 million Americans, according to a 71-page Congressional report.
The Indian government is not doing enough to address cybersecurity issues for the upcoming national election, says cyber law expert Pavan Duggal, who offers a harsh assessment.
The Singapore government has introduced draft legislation that it says would help in combating fake news, especially on social media platforms. While some privacy experts have expressed reservations, government intervention is merited.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Singapore Prime Minister Lee Hsien Loong has formed a committee to conduct a comprehensive review of data security practices and suggest recommendations for preventing data breaches that affect critical infrastructure. How are security experts reacting?
Some privacy activists and cyber lawyers are criticizing Facebook's new requirement in India that users who are posting content related to elections or national security verify their identity by sharing either their driving license, passport or PAN card.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.