Privacy & Compliance news & analysis | SC Media

Privacy & Compliance News and Analysis

Julian Assange

Trump offered Assange pardon to deny Russia behind DNC hack, lawyer tells court

The White House denied a claim made by WikiLeaks Founder Julian Assange Wednesday in a London court that President Trump offered Assange a pardon – via a U.S. lawmaker – in exchange for denying that Russia was involved in the 2016 hack of the Democratic National Committee (DNC). Attorney Edward Fitzgerald, referring to comments from…

Experts share new insight on Sandworm APT exploits, BlackEnergy malware

Ring mandating 2FA logins, ceases some third-party activity

Camera doorbell maker Ring is pushing through a new level of security by now making mandatory for all users to implement two-factor authentication when setting up their device. Two-factor authentication previously had been available as an option, but the company said going forward all users must go through this step when accessing their Ring account.…

French plastic surgery image repository left vulnerable but since corrected: report

The before and after photos of thousands of plastic surgery patients in Europe were recently left vulnerable but since rectified, researchers at vpnMentor wrote in a blog post. The researchers, led by Noam Rotem and Ran Locar, discovered on Jan. 24 that NextMotion did not secure or encrypt the body images and PII of people…

vote network security

Voatz mobile voting app vulnerable, MIT researchers say

On the heels of the voting app debacle during the Iowa Democratic caucuses, researchers at MIT have found multiple security- and privacy-related vulnerabilities in an online voting app, Voatz, used in West Virginia during the 2018 midterm elections and on track to be used again for the 2020 contests, according to a security audit released…

WordPress GDPR Cookie Consent plugin patched

A patch released this week for WordPress GDPR Cookie Consent plugin used by more than 700,000 websites fixed critical vulnerabilities that would let attackers change and delete content as well as inject malicious JavaScript code. The GDPR Cookie Consent plugin aids sites in complying with EU GDPR/Cookie Law regulations and is maintained by WebToffee. Noting…

antivirus

Czech authorities investigating Avast over recent data collection practices

The Czech Republic’s Office for Personal Data Protection (DPA) said in a brief statement today that it has launched a preliminary investigation into Avast Software s.r.o., following reports that the Prague-based antivirus company collected data from users of its free AV product and sold it via a separate business division. “At the moment we are…

Israel comes under cyber attack

Netanyahu’s Likud Party election app leaked personal info on Israel’s 6.4M voters

If the technology failure at the heart of the Iowa caucus debacle seemed bad, consider that an app used by Israeli Prime Minister Benjamin Netanyahu’s Likud Party just exposed personal data on more than 6.4 million Israelis – in other words, the entirety of the country’s voter database.  Likely at fault, according to a report…

Facial recognition tech questioned, defended at House committee hearing

The controversy over usage of facial recognition technology took center stage last week in Washington, D.C., as the House of Representatives’ Homeland Security Committee held a two-hour hearing, as opponents in the debate decry its racial bias and federal government’s quick rollout at U.S. airports without fully testing or acknowledging proven shortcomings. In his opening…

Hang-ups, hold-ups and hurdles passing federal privacy legislation

What are the biggest points of contention impeding passage of federal privacy legislation (and 3 other security laws)? Government at any level is infamous for moving at a snail’s pace, as politics, red tape and competing interests often get in the way of progress. Technology, on the other hand, moves at lightning speed.  Unfortunately, this…

Next post in Security News