Articles about Privacy

Microsoft has addressed a serious flaw in Azure Active Directory which was dubbed BingBang by the security researchers that discovered it.

The vulnerability not only made it possible to manipulate Bing search results, but also to access private data from Outlook, Office 365 and Teams. The issue stemmed from an Azure misconfiguration; it dates back to January this year, but Microsoft has only just plugged the hole.

Continue reading →

Allowing people to use their own devices for work comes with risks. A new report from SlashNext shows that 43 percent of employees were found to have been the target of a work-related phishing attack on their personal devices.

When it comes to securing BYOD hardware, 90 percent of security leaders say that protecting employees' personal devices is a top priority, but only 63 percent say they definitely have the tools to do so adequately.

Continue reading →

Following the discovery of serious vulnerabilities in the Snipping Tool app for Windows 11 and Snip & Sketch in Windows 10, Microsoft has released out-of-band updates to plug the security holes.

The flaws are similar to the recently discovered aCropalypse bug affecting Pixel mobiles, making it possible to "uncrop" cropped images and potentially expose sensitive information. Having briefly tested updates with Windows Insiders, Microsoft has now made fixes available to all Windows 10 and Windows 11 users.

Continue reading →

Earlier this week we learned about a worrying security and privacy flaw in Windows 11's Snipping Tool screen capture app. The way the software saves cropped screengrabs means that it is possible to "uncrop" images, potentially exposing sensitive information.

Acting quickly to address the problem, Microsoft has fixed the vulnerability with a new update. There is just one problem -- the update is not available to everyone, leaving unknown numbers of users at risk.

Continue reading →

Microsoft Snipping Tool utility has been found to have a vulnerability that means that screenshots that have been cropped can be very easily uncropped, potentially exposing sensitive information.

The Snipping Tool is one of the most useful tools to be found in Windows 11, making it easy to take a variety of screenshots -- and, more recently, record screen activity -- without the need for third-party software. But the way in which the app crops images means that edited images are really just the original screengrab; 'cropped' parts are simply hidden and easily restored.

Continue reading →

The online world means that there is more information available about individuals than ever before. At the same time, however, there's growing concern around tracking and privacy.

A new SaaS platform launched this week by Qudo uses 'zero-party' data shared by consumers in anonymous online surveys, rather than rely on first- and third-party data collected via cookies.

Continue reading →

The UK's new Data Protection and Digital Information Bill is set to reduce costs and burdens for British businesses and charities, and remove barriers to international trade.

We know from when it was first brought before parliament last summer that it will also cut the number of repetitive data collection and cookie pop-ups online.

Continue reading →

Web scraping, automatically harvesting and extracting data from websites, can be a useful tool for businesses to learn about their customers.

But it's easy to fall into the trap of harvesting data just because it's there, leading to information overload not to mention privacy concerns for the consumer. To find out more about web scraping and how it can be used in an ethical way we spoke to founder and CEO of Rayobyte, Neil Emeigh.

Continue reading →

Sharing is caring, as the saying goes, but when it comes to business data oversharing is a big problem. A new report from Concentric AI shows the number of overshared files rose 60 percent in 2022 compared to 2021.

Largely this is down to the impact of hybrid remote work, cloud migration and information sprawl across on-premises and cloud data, as well as email and messaging environments on data security.

Continue reading →

A new report finds that even as internet users spend around a third of their lives online, most feel risks are increasing, and cybersecurity is too complex.

The report from F-Secure finds three out of four internet users worry about their safety online, while almost seven out of ten (69 percent) of those surveyed said they don't know who to trust online.

Continue reading →

Google is using today's Safer Internet Day to announce a number of new security and privacy initiatives.

Among these are new ways to fill out passwords easily and securely in Chrome, more privacy protection for the Google app, improvements to Google Password Manger, and an expansion of SafeSearch to protect against explicit images.

Continue reading →

In the middle of last month, Microsoft released the KB5021751 update to help the company "identify the number of users running out-of-support (or soon to be out-of-support) versions of Office".

Privacy advocates voiced concern about the update, which Microsoft said "will run one time silently without installing anything on the user's device" because of worries about exactly what the slightly secretive check was doing. Now the company has updated support documentation for the KB5021751 update, insisting that there is nothing nefarious about it.

Continue reading →

Privacy Day is of extra importance this year because of a dramatic increase in attacks designed to get around measures that make account log-ins more secure, and therefore protect our privacy.

For example, in mid-September, Uber reported a network breach that led to shutting down some of its internal communications and locking its codebase to prevent any new code changes. The attacker reportedly targeted a contractor by repeatedly sending multi-factor authentication login messages until the contractor accepted and gave the attacker access, according to Uber. Several days later, video game maker Rockstar Games announced it also had suffered a network intrusion from an unauthorised third party. The company says the attacker was able to gain confidential information, including early development footage for its upcoming and much anticipated game, Grand Theft Auto VI.

Continue reading →

These days no important topic is worthy of the name if it doesn't have a day devoted to it. Today (January 28) it's the turn of data privacy -- or data protection depending on who you talk to -- to take its turn in the spotlight.

As organizations gather ever more data, concerns around how it is stored and used have grown which has led to legislators taking an interest too.

Continue reading →

A new study from Cisco finds that 92 percent of organizations believe they need to do more to reassure customers about how their data is used in AI.

The 2023 Data Privacy Benchmark Study shows that in spite of the difficult economic environment, organizations continue to invest in privacy, with spending up significantly from $1.2 million just three years ago to $2.7 million this year.

Continue reading →