September 24, 2024 at 09:00AM Kaspersky has started withdrawing its offerings in the U.S., transitioning users to UltraAV before its formal exit at the end of September. While the company ensured a seamless transition to maintain protection, some users reported unexpected automatic deletion of Kaspersky’s software. UltraAV claimed to have communicated the transition process to … Read more
September 23, 2024 at 10:08AM Summary: Data resilience, a critical aspect of cybersecurity, focuses on securing an organization’s sensitive data assets. The process requires data discovery, classification, and securing sensitive data stores. Research conducted by Enterprise Strategy Group highlights the importance of stakeholder alignment, project planning, and securing executive support for successful implementation of Data … Read more
September 23, 2024 at 06:49AM Discord has introduced a new end-to-end encryption protocol, DAVE, to secure audio and video calls in DMs, Group DMs, and voice channels. However, it’s important to note that messages on Discord will remain unencrypted and subject to content moderation. DAVE uses publicly auditable encryption methods, ensuring secure communication while prioritizing … Read more
September 19, 2024 at 05:57PM The FTC reveals a deep-rooted issue of data harvesting and inadequate protection by major social media and video streaming companies, endangering privacy and freedoms. The companies collect and retain user data with subpar protection, pose potential harms with AI models, and fail to adequately protect teenagers’ data. The report urges … Read more
September 19, 2024 at 01:22PM The FTC staff report reveals widespread user surveillance by social media and video streaming companies, with insufficient privacy protections for children and teens. The findings, based on a 2019-2020 investigation, raise concerns about data retention, sharing practices, and targeted advertising. The report urges Congress to pass comprehensive federal privacy legislation … Read more
September 18, 2024 at 01:42PM ServiceNow’s enterprise knowledge bases (KBs) continue to expose sensitive corporate data, despite last year’s security improvements. AppOmni’s research found 45% of instances leaked internal data due to outdated configurations and misconfigured access controls. ServiceNow acknowledged the issue and identified changes but encountered challenges protecting KBs due to internal and external … Read more
September 18, 2024 at 08:24AM AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach compromising customer information. The FCC’s consent decree addresses AT&T’s failure to protect customer data and mandates investments in data protection measures. AT&T is required to limit vendor access to customer information and … Read more
September 18, 2024 at 05:19AM Google is introducing new features in Chrome for enhanced data control and protection. Updates include an improved Safety Check, easier opting out of website notifications, and granting one-time permissions. Safety Check will now automatically run in the background and notify users of security issues and potentially unwanted notifications. Users can … Read more
September 17, 2024 at 01:15AM SolarWinds released fixes for two security flaws in its Access Rights Manager (ARM) software. The critical vulnerability (CVE-2024-28991) with a 9.0 CVSS score allows remote code execution. A medium-severity flaw (CVE-2024-28990) was also addressed. Security researcher Piotr Bazydlo discovered the flaws, and updates to ARM version 2024.3.1 are recommended to … Read more
September 16, 2024 at 12:53PM Snowflake has made multi-factor authentication (MFA) the default for all new user accounts, following investigations into data thefts. This change follows pressure to enhance security, with additional password strength measures also being implemented. Snowflake aims to eliminate password-only authentication in the long term and advises users to consult security best … Read more