HackDig : Dig high-quality web security articles for hackers

22,900 MongoDB Databases Held to Ransom by Hacker Threatening to Report Firms for GDPR Violations

Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom note demanding a cryptocurrency payment for the data’s safe return.As ZDNet reports, ransom notes have been left on almost 23,000 MongoDB databases that were let unprotected on the public internet without a pas
Publish At:2020-07-02 12:01 | Read:61 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

Observing a Privacy Milestone: Expert Thoughts on GDPR’s 2nd Anniversary

May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions.What benefits have those organizations experienced in achieving compliance, for instance?
Publish At:2020-05-25 01:18 | Read:259 | Comments:0 | Tags:Featured Articles Regulatory Compliance data privacy data pr

Data privacy law updates eyed by Singapore

In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union Gene
Publish At:2020-05-18 13:42 | Read:183 | Comments:0 | Tags:Malwarebytes news Privacy California California Consumer Pri

A week in security (March 30 – April 5)

Last week on Malwarebytes Labs, we offered readers tips for safe online shopping now that cybercriminals are ramping up Internet-based attacks, showed the impact that GDPR has around the world, and helped users understand how social media platforms mine their personal data. We also hosted our bi-weekly podcast, Lock and Code, with guest Adam Kujawa, who disc
Publish At:2020-04-06 15:45 | Read:399 | Comments:0 | Tags:A week in security covid-19 cyber volunteers draytek gdpr ho

GDPR: An impact around the world

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 cou
Publish At:2020-04-01 17:18 | Read:551 | Comments:0 | Tags:Government Malwarebytes news Privacy Security world Argentin

A week in security (March 2 – 8)

Last week on Malwarebytes Labs, we fired up part 1 of our series on child identity theft, asked how well law enforcement can deal with cybercriminals, and took a trip down the memory lane of moral panic. We also looked at the positives and negatives of VPNs and examined our own progress in the fight against stalkerware, spyware, and monitoring apps. Other cy
Publish At:2020-03-09 17:34 | Read:697 | Comments:0 | Tags:A week in security a week in security awis cathay pacific co

Enforcement of the GDPR will be strengthened in 2020

At the end of 2019, German data protection authorities indicated that they would intensify the use of the framework of sanctions of the GDPR in 2020. Initially, authorities focused primarily on monitoring, advising and supporting companies in the implementation of GDPR. Enforcement of fines In the past, we have reported on several record breaking fines. For
Publish At:2020-03-09 09:44 | Read:612 | Comments:0 | Tags:Business Security b2b data control gdpr Germany

What is ISO 27701?

If you have a familiarity with any information security frameworks and certifications, it’s more than likely you have heard of International Organisation for Standardisation (ISO) and possibly the International Electrotechnical Commission (IEC). From my experience, the most commonly referred to business-level security related certifications are ISO/IEC 27001
Publish At:2020-03-05 00:53 | Read:562 | Comments:0 | Tags:Regulatory Compliance GDPR ISO 27701 ISO27001 ISO27002

Cookie-nabbing app could have served users side helping of XSS

byDanny BradburyA popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to cookie-stealing cross-site scripting (XSS) attacks.The GDPR Cookie Consent plugin, created by WebToffee, claims over 700,000 users. The plug-in is a notification app that begs you to accept cookies when you first visi
Publish At:2020-02-15 12:43 | Read:631 | Comments:0 | Tags:Security threats Cookie consent cookies cross-site scripting

Fintech security: the challenges and fails of a new era

“I have no idea how this app from my bank works, and I don’t trust what I don’t understand.” Josh is not an old curmudgeon or luddite. He’s 42 with a decent understanding of technology. Nevertheless, the changes in fintech have come too fast for him. It’s not that he doesn’t trust his bank. He doesn’t trust him
Publish At:2020-02-05 16:55 | Read:542 | Comments:0 | Tags:Vital infrastructure cryptocurrency finacials fintech gdpr g

Washington Privacy Act welcomed by corporate and nonprofit actors

The steady parade of US data privacy legislation continued last month in Washington with the introduction of an improved bill that would grant state residents the rights to access, control, delete, and port their data, as well as opting out of data sales. The bill, called the Washington Privacy Act, also improves upon its earlier 2019 version, providing
Publish At:2020-02-04 16:50 | Read:1044 | Comments:0 | Tags:Privacy 2019 Washington Privacy Act 2020 Washington Privacy

Dating apps are leaking some of your most sensitive data

Meeting new people has never been particularly easy, which is why dating apps have become so popular. Using carefully calculated computer algorithms, these services match our interests and preferences with other people who have similar tastes. We can then arrange a date – and hopefully find love in the process. But in order to make matches, each service coll
Publish At:2020-01-17 09:15 | Read:777 | Comments:0 | Tags:Mobile News privacy apps gdpr tinder

Explained: data enrichment

How do your favorite brands know to use your first name in the subject line of their emails? Why do you seem to get discounts and special offers on products you’ve recently purchased? Businesses are able to personalize their marketing messages thanks to data enrichment. Data enrichment applies to the process of enhancing, refining, and improving on
Publish At:2020-01-16 16:50 | Read:641 | Comments:0 | Tags:Explained contact enrichment data cleaning data enrichment g

Online privacy in 2019: a legislative review

For decades, the United States treated data privacy like an aging home, patching individual leaks and drafts only when a new storm hit. The country passed a law protecting healthcare-related information, and not much else. It then passed a law protecting video rental information, and not much else. It continued this way, repeatedly passing sector-specific la
Publish At:2019-12-23 16:50 | Read:11793 | Comments:0 | Tags:Privacy ACCESS Act California Consumer Privacy Act comprehen

The GDPR in 2019: the year of the million euro fine

The GDPR came into force in May 2018. This European regulation revolutionized personal data protection, and helped increase awareness of this important subject. The regulation sets out hefty fines of up to 4% of a company’s global annual turnover, or up to €20 million, for organizations that infringe the rules. Although we started to see  a few sanctions und
Publish At:2019-12-18 10:35 | Read:1056 | Comments:0 | Tags:Business Security data breach data control gdpr

Announce

Share high-quality web security related articles with you:)

Tools