HackDig : Dig high-quality web security articles

FTC Looking at Rules to Corral Tech Firms' Data Collection

Whether it’s the fitness tracker on your wrist, the “smart” home appliances in your house or the latest kids’ fad going viral in online videos, they all produce a trove of personal data for big tech companies.How that data is being used and protected has led to growing public concern and officials’ outrage. And now federal regulators are looking at drafting
Publish At:2022-08-12 12:04 | Read:59 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Compliance Privacy &

Researchers Find Stolen Algorithms in Commercial Cybersecurity Products

LAS VEGAS - BLACK HAT USA 2022 - An analysis conducted by two researchers has revealed that some commercial cybersecurity products rely on algorithms that have been taken from other security tools without authorization.The results of the research will be presented on Thursday at the Black Hat conference in Las Vegas by Tom McGuire, instructor at Johns Hopkin
Publish At:2022-08-11 12:04 | Read:104 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security C

Privya Emerges From Stealth With Data Privacy Code Scanning Platform

Privya emerged from stealth mode on Tuesday with a data privacy-focused code scanning platform and $6 million in seed funding.Founded in 2021, the Tel Aviv-based startup takes a ‘shift left’ approach to data privacy, offering a code scanning platform designed to identify data protection issues and violations during the development process, before they make i
Publish At:2022-08-09 16:14 | Read:112 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Twilio Hacked After Employees Tricked Into Giving Up Login Credentials

Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.The San Francisco company fessed up to the breach in an online notice that describes a sophisticated threat actor with clever social engineering
Publish At:2022-08-08 12:04 | Read:122 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

Slack Forces Password Resets After Discovering Software Flaw

Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials.Slack's security response team alerted users to the issue via email and followed up with a blog post warning about the risk of passwords leaking to a skilled attacker."We have no r
Publish At:2022-08-05 16:14 | Read:267 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Ghost Security Snags $15M Investment for API Security Tech

Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures."We believe the explosive growth of microservices and APIs in the
Publish At:2022-08-05 16:14 | Read:262 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

Compliance Automation Startup RegScale Scores $20 Million Investment

RegScale, a Virginia startup building technology to manage continuous compliance automation tasks, has attracted $20 million in early-stage venture capital funding.The Series A round was led by SYN Ventures with participation from SineWave Ventures, VIPC’s Virginia Venture Partners and SecureOctane.RegScale, which maintains headquarters in Tyson’s Corner, Vi
Publish At:2022-08-03 20:12 | Read:285 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

Robinhood Crypto Penalized $30M for Violating NY Cybersecurity Regulations

The cryptocurrency division of Robinhood has been slapped with a $30 million penalty by New York's Department of Financial Services for significant violations of cybersecurity and money laundering regulations.The $30 million penalty, announced late Tuesday via a consent order, adds to a litany of problems at Robinhood that range from security breaches, to on
Publish At:2022-08-03 16:14 | Read:298 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

VMware Ships Urgent Patch for Authentication Bypass Security Hole

Virtualization technology giant VMware on Tuesday shipped an urgent, high-priority patch to address an authentication bypass vulnerability in its Workspace ONE Access, Identity Manager and vRealize Automation products.The vulnerability carries VMware’s highest severity rating (CVSSv3 base score of 9.8) and should be remediated without delay, the company said
Publish At:2022-08-02 16:13 | Read:375 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

France Closes 'Cookies' Case Against Facebook

French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.Facebook was slapped with a 60-million-euro ($61-million) fine last December when the French regulator CNIL ruled it was failing to allow users to easily opt out of cookies, tiny data files
Publish At:2022-07-28 08:05 | Read:337 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Track

Microsoft Catches Austrian Company Exploiting Windows, Adobe Zero-Days

Malware hunters at Microsoft have caught an Austrian hack-for-hire company exploiting zero-day flaws in Windows and Adobe software products in "limited and targeted attacks" against European and Central American computer users.The company, called DSIRF, has been linked to a malware suite called ‘Subzero’ that has been deployed over the last two years via zer
Publish At:2022-07-27 16:13 | Read:391 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

AWS Announces Enhancements to Cloud Security, Privacy, Compliance

Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.Security, privacy, compliance and identityAWS has announced a new Customer Incident Response Team (CIRT), whose goal is to provide assistance to customers during active security
Publish At:2022-07-27 12:03 | Read:333 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Incident Response Compliance Ris

IBM Security: Cost of Data Breach Hitting All-Time Highs

A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher.The study, which was conducted in partnership with the Ponemon Institute, notes that global average breach costs have cli
Publish At:2022-07-27 12:03 | Read:321 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Cybersecurity Needs to Work Even When Employees Aren’t on Board

Goldman Sachs leadership didn’t get the response they expected from their return to the office (RTO) order. In fact, Fortune reported that only about half of the company’s employees showed up. With today’s tight labor market and many employers allowing remote work, employees have firm ground to stand on. How do you secure a workforce that
Publish At:2022-07-26 13:09 | Read:356 | Comments:0 | Tags:Zero Trust Risk Management zero trust Zero Trust Framework h

PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers

The team behind the open source PrestaShop ecommerce platform has issued a public advisory to warn of zero day SQL injection attacks hitting merchant servers and planting code capable of stealing customer payment information.An urgent advisory from PrestaShop warned that hackers are exploiting a "combination of known and unknown security vulnerabilities" to
Publish At:2022-07-25 20:11 | Read:303 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud