July 26, 2024 at 10:01AM Cybersecurity compliance remains a priority for private organizations and government bodies, with new regulations being proposed. While regulations offer leverage for improving security processes, they also increase the burden on chief information security officers (CISOs) to navigate cost containment, trust-building, and compliance. It’s crucial to clarify security responsibilities beyond the … Read more
July 25, 2024 at 01:57AM Google is enhancing security in Chrome by adding new warnings for potentially dangerous file downloads. The new warnings convey more detailed information and offer a two-tier warning system based on Google Safe Browsing verdicts. Enhanced Protection mode allows for automatic deep scans without user prompts, while maintaining user privacy by … Read more
July 24, 2024 at 04:39AM The UK’s Information Commissioner’s Office (ICO) reprimanded Chelmer Valley High School for breaking data protection laws by introducing facial recognition technology for canteen payments without proper assessments and permission. The school failed to consult the data protection officer, parents, and students, and relied on assumed consent. ICO provided recommendations for … Read more
July 23, 2024 at 06:28AM Specops Software addresses the inherent security risks in traditional employee onboarding methods by offering a First Day Password feature with Specops uReset. This tool eliminates the need to share initial passwords and empowers new employees to create secure passwords through a verified system. By using this method, organizations can significantly … Read more
July 23, 2024 at 06:28AM Meta has been given until September 1, 2024, to address concerns from the European Commission regarding its “pay or consent” advertising model. The Commission warned of enforcement measures if not addressed, stating that this model may violate consumer protection laws. Similar actions have been taken against other tech companies like … Read more
July 22, 2024 at 01:01PM Play ransomware, a new threat, has initiated targeted attacks on Linux devices, focusing on VMware ESXi virtual machines. This is a concerning development, expanding potential victims and ransom negotiation success. The gang’s tactics involve scanning and encrypting files, leading to significant disruptions in business operations and reduced data recovery options. … Read more
July 19, 2024 at 08:28AM The Cloud Security Alliance released CCSK v5, a comprehensive cloud security training and certificate for security professionals. It covers topics like incident response, data encryption, and application security. The program complements other education and provides in-depth information on cloud architecture, workloads, AI, and more. The exam is 120 minutes long … Read more
July 18, 2024 at 05:17PM A judge has mostly dismissed a lawsuit by America’s financial watchdog against SolarWinds and its CISO for misleading investors about computer security practices and the backdooring of its Orion product after the SUNBURST attack. The judge ruled in favor of SolarWinds on post-SUNBURST claims but sustained the SEC’s securities fraud … Read more
July 18, 2024 at 04:03PM OpenAI is launching new compliance tools for ChatGPT Business Edition, aiming to support enterprise customers in regulated industries like finance and healthcare. The Enterprise Compliance API and third-party integrations help audit, manage data, and ensure compliance with regulations like FINRA, HIPAA, and GDPR. This move aligns with OpenAI’s focus on … Read more
July 18, 2024 at 04:00AM Meta has suspended the use of generative artificial intelligence in Brazil following objections from the country’s data protection authority over privacy concerns. The halt is due to talks with Brazil’s National Data Protection Authority to address the issue. This follows a trend of tech giants facing regulatory challenges over data … Read more