Search Results for: gdpr

Facebook is not a platform that's synonymous with privacy -- far from it. In addition to the things users purposefully share with the social network and the people they are connected to on it, there have been a seemingly endless string of scandals about unauthorized third parties being granted access to private data, data being shared between apps, and so on ad nauseum.

With today being Data Privacy Day, Facebook is trying -- apparently without a faintest hint of irony -- to jump on the bandwagon. Starting today, the company is launching a new Privacy and Data Use Business Hub, as well as inviting users to take a Privacy Checkup.

Continue reading →

According to a new survey, 85 percent of respondents are either very or somewhat confident in their organization's security program, yet 41 percent say their company has experienced a security breach and 20 percent more are unsure.

The study from big data specialist Syncsort finds the most common type of breaches are virus/malware attacks (76 percent) and phishing (72 percent). Interestingly, virus attacks came from internal sources roughly half the time while phishing usually came from external sources (78 percent).

Continue reading →

2018 is has come to a close. Many experts are making predictions for 2019, but I think it’s important to learn from the past.  Let’s take a look back at all of the major email industry events of 2018.

There were plenty of changes amongst mailbox providers that kept marketers and deliverability professionals busy. Providers like Gmail and Oath (AOL, Yahoo and Verizon mail) went through significant changes this year, including:

Continue reading →

Twitter has discovered what it describes as "unusual activity" stemming from China and Saudi Arabia. The social networking company says that it noticed a large number of enquiries involving a support API coming from individual IP addresses in the two countries.

The discovery came as Twitter investigated a bug in a support form. The problem, Twitter says, dates back to November 15, and it was fixed the next day, but a security researcher says he reported the issue two years ago. As a result of the bug, Twitter says that the country code of users' phone numbers could have been discovered by malicious actors.

Continue reading →

For those who like simple chronology, Twitter's insistence on delivering tweets in an algorithm powered order that is seemingly random has long been a source of frustration. Today, the social site launches a new way to switch between reverse chronological order or the algorithm-driven "top tweets" ordering.

To allow for easy switching between the two modes, Twitter is rolling out a new "sparkle" button to its mobile app. The change is being made available to iOS users first, but Android owners will not be far behind.

Continue reading →

When we looked at security predictions at this time last year some experts were predicting that we'd see attacks on cryptocurrencies and that we'd continue to see a rise in the scale and profile of attacks.

They've been proved right on both counts over the course of 2018, so what is next year going to have in store? We've canvassed the views of a number of industry figures to find out what they see as the key security issues for 2019.

Continue reading →

Another week and yet another in a seemingly endless stream of Facebook privacy issues. The social networking giant has found itself apologizing, yet again, for leaking users' private data. This time around, an API bug meant that private photos of millions of users may have been exposed to app developers.

The bug was present for nearly two weeks and it went further than simply giving developers access to photos users had posted to their accounts -- it also exposed photos that had been uploaded but not actually posted.

Continue reading →

There once was a time not all that long ago when security teams could plead ignorant to IT security risks, with minimal possible consequence in terms of any significant damage coming to the company. Those days are long gone. We’ve reached an era where the "I see nothing" perspective no longer works for network security. In today’s era of advanced cyberattacks, information security is too important an element of business success to dismiss.

In fact, ignorance of information security matters is prohibitively costly, as regulators can use it to justify the imposition of fines. Take GDPR’s penalty scheme, for example. Is ignorance of digital security worth €20 million or 4 percent of an organization’s global annual revenue? That’s just one data protection standard -- others such as Australia’s Notifiable Data Breaches (NDB) scheme and the NY Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Institutions come with their own fines and penalties. Given that we’re also in the era of insufficient resources, the challenge for security teams is how to deploy limited resources to have the greatest impact. As the title of this post makes clear, the obvious answer is to stop spending time on the wrong things.

Continue reading →

Twitter has confirmed the removal of thousands of accounts for not only discouraging people from voting in next week's US elections, but also falsely appearing to originate from the Democratic Party.

In all, over 10,000 accounts were deleted in September and October, for targeting key demographics and encouraging them to withhold their vote. While the removals are pretty small-scale, they still serve to demonstrate how Twitter is being used to try to subvert the outcomes of elections.

Continue reading →

Stolen login details are highly prized by cybercriminals, whether they are used to penetrate corporate networks or to make extortion emails look more convincing.

But often breached companies are slow to let users know their credentials have been stolen. This has begun to change in Europe thanks to GDPR, but in the US there is, as yet, no federal law regulating what companies must do if their users' information is stolen or compromised.

Continue reading →

In recent years, APIs have encouraged the emergence of new services by facilitating collaboration between applications and databases of one or more companies. Beyond catalyzing innovation, APIs have also revolutionized the customer-company relationship, allowing it to provide an accurate and detailed picture of the consumer at a time when a quality customer experience now counts as much as the price or capabilities of the product.

Over the years, customer relationship channels have multiplied with consumers who can interact with their brands through stores, voice, email, mobile applications, the web or chatbots. The multiple points of interaction used by customers have made its journey more complex, forcing companies to consider data from these many channels to deliver the most seamless customer experience possible. To do this, they must synchronize data from one channel to another and cross-reference data related to its history with the brand. This is where APIs come into play. These interfaces allow data processing to refine customer knowledge and deliver a personalized experience.

Continue reading →

The UK Information Commissioner's Office (ICO) has penalized Facebook for the Cambridge Analytica data scandal by fining it the maximum amount permissible under law.

But the fine is unlikely to make Facebook break a sweat. At just £500,000 ($645,000) the sum represents a miniscule percentage of the social network's income. There will undoubtedly be arguments that this is little more than a rap on the knuckles for failing to protect the private data of at least a million Facebook users in the UK.

Continue reading →

Endpoints make the enterprise run, whether they are laptops or desktops running macOS, Windows or Linux; smartphones or tablets running iOS or Android; virtual machines or IoT devices. They’re found driving business on local networks, in remote offices and in the hands of traveling users.

However, endpoints also make the enterprise vulnerable. They are a favorite target of criminals who launch cyberattacks via ransomware, spyware, phishing and other malicious software. Over the past year alone, critical endpoint vulnerabilities have been discovered in popular OSs and applications and then exploited by WannaCry, Meltdown, Spectre, Petya, Fireball, Bad Rabbit and other harmful code. The challenge facing enterprises, then, is how to minimize the vulnerability of their endpoints and simultaneously maximize their value. While endpoint management is already a widely adopted IT practice, now is the time for IT teams to expand their efforts to include endpoint security. As we’ll see below, combining endpoint management and security can solve some of your most pressing issues.

Continue reading →

It's the butt of many jokes, but your search history -- as well as your browsing history -- can be hugely revealing about you. While it is possible to quickly clear the record of searches that your browser stores, it is not so easy to delete the records stored by Google. At least that used to be true.

Google has just announced a new option that enables you to view and delete your Google search history, making it possible to take control of some of the data stored on the company's servers. Contrary to what you might expect, the option is not being hidden away, but will instead be accessible from a Google search. What's more, the company says that similar options will be coming to Google Maps and other Google services next year.

Continue reading →

Speaking at the International Conference of Data Protection and Privacy Commissioners in Brussels, Apple CEO Tim Cook praised Europe's GDPR (General Data Protection Regulation) and said the US needs to fight back against the weaponization of personal data.

In a strongly-worded speech, Cook avoided explicitly naming the likes of Google and Facebook for trading in private information, but it was clear who he was referring to when he said data was being misused. He added: "We shouldn't sugar-coat the consequences. This is surveillance".

Continue reading →