Hunton Privacy

MARCH 11, 2022

On March 9, 2022, the Securities and Exchange Commission (“SEC”) held an open meeting and proposed new cybersecurity disclosure rules for public companies by a 3-1 vote. In proposing the rules, the SEC hopes to improve the consistency and comparability of cybersecurity disclosures among public companies.

Cybersecurity 108

Cybersecurity Risk Government Security 108

Security Affairs

FEBRUARY 9, 2022

Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products, including a zero-day bug. As usual, let me suggest reading “ THE FEBRUARY 2022 SECURITY UPDATE REVIEW ” published by the Zero Day Initiative, five of the bugs were addressed through the ZDI program.

Security 81

Security Libraries Access IT 81

Security Affairs

JULY 8, 2020

Unfortunately, threat actors in the wild were already using the bypass technique before its public disclosure. This issue is not exposed on the data plane; only the control plane is affected.”. F5 has released security updates to address the issue along with some mitigations that should prevent exploitation.

Education 121

Education Government Passwords Authentication 121

Security Affairs

JUNE 13, 2019

Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site scripting (XSS) vulnerability in the Evernote Web Clipper for Chrome.

Security 67

Security Access IT Information Security 67

Security Affairs

MARCH 8, 2022

Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including 3 zero-days. Three flaws addressed by the Microsoft March 2022 Patch Tuesday security updates are zero-day issues, and for two of them, CVE-2022-21990 and CVE-2022-24459, public exploits are available.

Libraries 99

Libraries IoT Cloud Security 99

Security Affairs

MAY 14, 2020

Search Console, Analytics, Tag Manager, PageSpeed Insights, Optimize, and AdSense), giving users authoritative and up-to-date advice on how to succeed on the web, it has over 300,000 active installations. The post Google WordPress Site Kit plugin grants attacker Search Console Access appeared first on Security Affairs.

Access 106

Access Authentication Analytics IT 106

Hunton Privacy

JANUARY 15, 2019

that, while in violation of the Cable Communications Policy Act, the retention of individual information alone, without information disclosure or sufficient risk of information disclosure, did not confer Article III standing. Time Warner Cable, Inc. Regarding collection, the court considered (1) Patel v.

Communications 54

Communications Privacy Risk IT 54

Data Matters

AUGUST 19, 2020

The Regulation requires that Covered Entities establish and maintain a cybersecurity program designed to protect the confidentiality, integrity, and availability of its information systems and its customers’ NPI as defined in 23 NYCRR §§ 500.01(e) e) and 500.01(g), g), respectively. In May 2019, FAST contained over 850 million documents.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Data Protection Report

AUGUST 27, 2018

This is the Data Protection Report’s third blog in a series of blogs that will break down the major elements of the CCPA which will culminate in a webinar on the CCPA in October. This blog focuses on the CCPA’s broad definition of Personal Information. While the definition of PI is sweeping, the Act does set out several carve outs.

GDPR 40

GDPR Privacy Data breaches Sales 40

AIIM

NOVEMBER 2, 2017

Data privacy breaches have been in the news again and again this year, eliciting increased concern from regulators and legislative bodies. We can be sure that issues like the Equifax breach and Yahoo’s recent disclosure of the scope of the 2013 breach will remain topics of discussion and litigation for some time to come.

GDPR 86

GDPR Privacy Compliance Information architecture 86

ForAllSecure

NOVEMBER 13, 2020

In this episode, Stok talks about his beginnings in enterprise security and his transition into the top tier of bug bounty hunters. Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. But did you know there’s an elite group of bug bounty hunters that travel the world? and such.

Communications 40

Communications IT Security Mining 40

ForAllSecure

NOVEMBER 12, 2020

In this episode, Stok talks about his beginnings in enterprise security and his transition into the top tier of bug bounty hunters. Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. But did you know there’s an elite group of bug bounty hunters that travel the world? and such.

Communications 40

Communications IT Security Mining 40

ForAllSecure

NOVEMBER 12, 2020

In this episode, Stok talks about his beginnings in enterprise security and his transition into the top tier of bug bounty hunters. Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. But did you know there’s an elite group of bug bounty hunters that travel the world? and such.

Communications 40

Communications IT Security Mining 40

ForAllSecure

MAY 13, 2022

Smart Meters provide the data to support a cleaner future, showing how much energy is being used and how much this will cost you. Vamosi: But as someone who wrote a book questioning the security of our mass produced IoT devices, I wonder why no one bothered to test and certify these devices before they were installed?

Energy and Utilities 52

Energy and Utilities Computer and Electronics IT Communications 52