Remove tag disclosure
Remove Data Remove Information Security Remove Security
article thumbnail

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The experts observed that most of the attacks took place after the public disclosure of the patch for this vulnerability. ” reads the advisory published by Google TAG.

article thumbnail

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The order also requires that the company destroy personal data for which it had not received consent and to create a document retention and destruction policy.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Security Affairs newsletter Round 359 by Pierluigi Paganini

Security Affairs

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 359 by Pierluigi Paganini appeared first on Security Affairs. And how to prevent it? Pierluigi Paganini.

article thumbnail

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm.

IT 107
article thumbnail

Google addressed 3 actively exploited flaws in Android

Security Affairs

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. ” reads the security bulletin. .

article thumbnail

Newly Proposed SEC Cybersecurity Risk Management and Governance Rules and Amendments for Public Companies

Data Matters

Securities and Exchange Commission (SEC) proposed new cybersecurity rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed rules includes a nonexclusive list of cybersecurity events that may require disclosure, such as.

article thumbnail

Microsoft February 2022 Patch Tuesday security updates fix a zero-day

Security Affairs

Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products, including a zero-day bug. As usual, let me suggest reading “ THE FEBRUARY 2022 SECURITY UPDATE REVIEW ” published by the Zero Day Initiative, five of the bugs were addressed through the ZDI program.