June 14, 2024 at 08:30AM “Data is rapidly expanding, with businesses of all sizes managing petabytes. The data is continuously accessed and analyzed, posing challenges for securing such a dynamic landscape. An upcoming webinar features industry experts discussing adapting security strategies, access control, third-party data risks, and future-proofing for big data era. Essential for data … Read more
June 13, 2024 at 01:25PM A proof-of-concept exploit for Veeam Recovery Orchestrator vulnerability tracked as CVE-2024-29855 has been released by security researcher Sina Kheirkha. The exploit allows unauthenticated access to the web UI with administrative privileges due to a hardcoded JWT secret. Veeam’s security bulletin suggests upgrading to patched versions and provides conditions required to … Read more
June 13, 2024 at 09:39AM Privacy campaigner noyb has filed a GDPR complaint against Google’s Privacy Sandbox, claiming that turning on a “Privacy Feature” in Chrome led to unwanted tracking. The Privacy Sandbox API, introduced in 2023 by Google, was meant to replace third-party tracking cookies with browser-based tracking. However, noyb alleges that this results … Read more
June 13, 2024 at 07:39AM The investigation into a data protection gaffe at the UK’s NHS revealed that a medical student mistakenly disposed of confidential medical data in bin bags, leading to its exposure in a suburban alley. The trust assured the public that the documents were recovered and those affected have been contacted. The … Read more
June 12, 2024 at 05:21PM Numerous vulnerabilities in a widely used biometric terminal raise concerns about unauthorized access, data manipulation, and malware deployment. Though biometric security is growing in popularity, these vulnerabilities pose significant risks, particularly in critical environments. However, experts emphasize the unique security features of biometrics and suggest strategies to fortify biometric systems. … Read more
June 12, 2024 at 03:30PM Fortinet is set to acquire Lacework, a cloud security firm, to bolster its secure access service edge (SASE) offerings with cloud-native security services. Lacework’s platform integrates artificial intelligence, machine learning, data collection, and code security tools to safeguard cloud workflows. The deal is expected to be completed in the second … Read more
June 12, 2024 at 12:45PM AI-powered data security company Cyberhaven raised $88 million in a Series C funding round led by Adams Street Partners and Khosla Ventures, with participation from other investors. Its total funding now exceeds $136 million, valuing the company at $488 million. The investment will be used to expand product offerings and … Read more
June 12, 2024 at 10:04AM The evolving threat landscape and staff challenges make effective cybersecurity crucial. In 2024, $215 billion will be spent on risk management and cybersecurity. CIOs aim for streamlined efficiency, while CISOs focus on securing organizations. Aligning IT and security can lead to financial optimization, heightened resilience, and improved engagement. Communicate, define … Read more
June 11, 2024 at 04:54PM Canada and the UK are conducting a joint investigation into a 23andMe data breach after a threat actor posted 4 million company records on the Dark Web. 23andMe confirmed the breach affected 7 million people due to a credential-stuffing attack. The investigation aims to protect individuals’ privacy rights and scrutinizes … Read more
June 11, 2024 at 09:33AM The UK and Canada data protection watchdogs are collaborating to investigate the 23andMe data breach. The probe will assess any customer harm, safeguards in place, and transparency with regulators. The breach affected nearly 7 million individuals, with attackers targeting users’ genetic information. 23andMe’s delayed implementation of 2FA is also under … Read more