HackDig : Dig high-quality web security articles

Why Security Pros Can’t Ignore Big Data Monopolies

The rise of the cloud didn’t free us from concerns over who stores our data. Where matters, and major cloud providers and big data monopolies host a huge percentage of the world’s data. Thousands of organizations that store and manage personal, business and government data use big-name cloud providers. Smartphone platform companies house an
Publish At:2021-04-15 13:01 | Read:113 | Comments:0 | Tags:Data Protection Risk Management Big Data Big Data Security D

Don’t Stop At ‘Delete:’ How Privacy Needs Are Shaping Data Destruction

It’s just part of the job: at some point in a device’s lifecycle, data must be destroyed. While deleting files may mean users and apps can’t access them, simple deletion isn’t enough to truly destroy the data. To be most effective, secure data destruction has to be complete. This is especially true when your organization needs to sta
Publish At:2021-04-14 17:26 | Read:114 | Comments:0 | Tags:Data Protection Compliance Data Data Privacy Privacy

Nude photo theft offers lessons in selfie security

Two former college graduates are in a lot of trouble after breaking into other students’ accounts and stealing sensitive personal data. They’re facing some serious charges with restitution payments of $35,430, potential jail time, and the threat of very big fines thrown into the mix. What happened? A man from New York has pleaded guilty to one co
Publish At:2021-02-12 13:00 | Read:388 | Comments:0 | Tags:Privacy compromise court data email guilty hacking photograp

A week in security (February 1 – February 7)

Last week on Malwarebytes Labs, we dug into a load of security events. We first peered into how Fonix ransomware was giving up the ghost, swearing off a life of crime and even apologizing for past actions. We looked at a credit card skimmer that found opportunity in the latest Magento 1 hacking spree, we warned about the risks of browser sync, and we pondere
Publish At:2021-02-08 15:24 | Read:436 | Comments:0 | Tags:A week in security data emulator hackers lock and code podca

Zoom watermarking: pros and cons

Metadata, which gives background information on pieces of data, is typically hidden. It becomes a problem when accidentally revealed. Often tied to photography mishaps, it can be timestamps. It might be location. In some cases, it can be log analysis. Many tutorials exist to strip this information out. This is because it can reveal more than intended when it
Publish At:2021-01-20 19:00 | Read:422 | Comments:0 | Tags:Privacy audio data embed leak privacy recording The Intercep

What’s up with WhatsApp’s privacy policy?

WhatsApp has been in the news recently after changes to its privacy policy caused a surge of interest in rival messaging app Signal. Initial reports may have worried a lot of folks, leading to inevitable clarifications and corrections. But what, you may ask, actually happened? Is there a problem? Are you at risk? Or should you keep using your apps as you wer
Publish At:2021-01-18 12:24 | Read:464 | Comments:0 | Tags:Privacy data data collection encryption facebook messaging p

Best Practices for Securing Modern Data Architecture

Today’s cloud-native data management platforms can help businesses unlock the potential of their data. These modern data management and storage platforms are designed to deliver lean, high-performance architecture for agile application teams to ensure solid business outcomes, such as rapid time to market. Modern platforms, built for the cloud and in t
Publish At:2021-01-04 14:17 | Read:454 | Comments:0 | Tags:Data Protection Security Services Data Data Management

Data Destruction: Importance and Best Practices

As discussed in an earlier piece, data should be treated as a valuable currency. But there is another aspect to data handling that needs to be considered: data as a liability. Having your data fall into the wrong hands can be incredibly damaging to you and your team, which is all the more reason to have a sound and secure data destruction policy for the las
Publish At:2020-11-19 10:41 | Read:647 | Comments:0 | Tags:Data Protection Data Data Management

Connected Data Stores Elevate the Requirements of Data Security and Governance Platforms

Since it is highly unlikely that my wife will read a blog on data security, I think I can safely share that she is a snoop around birthdays, anniversaries and holidays. My wife cannot stand the suspense of not knowing what gift might be in store. The gift’s value is not relevant; it is the not knowing that kills her. My strategy is to hide her gifts i
Publish At:2020-10-23 15:10 | Read:975 | Comments:0 | Tags:Data Protection Security Services Data Data Security Governa

The 5 Best Ways to Handle Sensitive Data

There are two significant trends occurring right now that shouldn’t be a surprise to anyone reading this post. First, businesses are gathering and leveraging more and more data to improve their core services. Second, more compliance and regulatory standards are popping up from governments and private organizations. As these businesses realize that collecting
Publish At:2020-10-22 00:01 | Read:1021 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data data

Achieving Compliance with Qatar’s National Information Assurance Policy

Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s GDP measure
Publish At:2020-10-08 01:01 | Read:837 | Comments:0 | Tags:Featured Articles Regulatory Compliance Complaince data Info

Thinking Outside the Dox: What IT Security Can Learn From Doxing

Doxing is rightfully regarded as a dangerous threat, potentially exposing personal information where it shouldn’t be. But, defenses derived from doxing may strengthen corporate cybersecurity at scale.  Doxing is the dark side to widespread data dispersal and discovery. Data is leveraged to harm individuals or organizations, often as retaliation f
Publish At:2020-10-06 10:10 | Read:686 | Comments:0 | Tags:Data Protection Threat Intelligence Data Data Breach Persona

CORS: How to Use and Secure a CORS Policy with Origin

CORS (Cross-Origin Resource Sharing) enables resource sharing that pulls data from a lot of different sources. Like any relatively open aspect of the internet, it can be a risk. Learn how to test your web applications to create a secure CORS policy. Origins and Key Concepts CORS began as a way to make application resource sharing easier and more effective.
Publish At:2020-09-30 12:45 | Read:777 | Comments:0 | Tags:Application Security Security Services CORS Data

Preventing Shadow IT from Blindsiding your Zero Trust Plan

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening: underst
Publish At:2020-09-30 12:20 | Read:578 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Cloud data

When Your Heartbeat Becomes Data: Benefits and Risk of Biometrics

Knowing who your users are today is more important than ever. This explains, in part, why integrating biometric usage into identity and access management (IAM) appears appealing. Throw in some artificial intelligence (AI) to help manage all these data points, and the future of biometrics looks pretty wild. The appeal of using biometrics for identity and acc
Publish At:2020-08-21 08:25 | Read:912 | Comments:0 | Tags:Data Protection Identity & Access Biometric Security Biometr