Starting on December 8, Apple will require all third-party developers to detail their app’s privacy information, according to an Apple post. Security experts note that this new update (iOS 14) puts additional focus on user privacy, and in particular gives users better visibility into their personal information that is shared with third parties.
Data must be protected. There’s no argument about that. Solutions to protect data at rest and data in motion have been around for decades. The problem is that for data to be useful, it has to be processed, and, until recently, processing left data wide open to theft or attack.
For most of this year, COVID-19 has dominated and disrupted our normal business routines, and as we relocated to avoid the first wave of the virus, the hackers and thieves weren’t far behind. As people began working remotely in large numbers, the number of unsecured remote desktops soared, as did brute-force attacks against those desktops.
By now, it’s no secret that the endless quest by tech companies, data brokers and other players to capture, make sense of and monetize as much user data as possible – a practice known as surveillance capitalism – presents all sorts of privacy issues. Less discussed are the increased security risks this model creates for companies, governments and individuals.
A Russian national was sentenced to eight years in prison for his role in operating a sophisticated scheme to steal and traffic sensitive personal and financial information in the online criminal underground that resulted in an estimated loss of over $100 million.
A new examination of the top 10 fastest-growing cybersecurity skills shows employers are ready to pay more for workers who can prevent attacks before they occur by building a secure digital ecosystem from the ground up, according to data from Burning Glass Technologies.
Faced with this ransomware onslaught, organizations of all kinds need to rethink how they protect themselves. Part of that rethink means merging the need to provide better privacy protection for their employees with the necessity to protect themselves from the consequences of a ransomware attack exposing both customer and employee data. With federal agencies signaling the possibility of fines for complying with ransomware demands and the liability from exposing personally identifiable data likely to rise significantly, not doing so will soon be too costly to consider.
A security researcher published a blog outlining the details of common misconfigurations in Salesforce that can result in guest users, or hackers leveraging guest user access, gaining access to sensitive data in Salesforce.
Ahead of Amazon Prime Day, a highly-anticipated two-day online event, Bolster Research analyzed hundreds of millions of web pages and tracked the number of new phishing and fraudulent sites using the Amazon brand and logos. T
