An analysis of 10 highly popular Android apps found what researchers are calling the “out of control” sharing of potentially sensitive information with third parties, in some cases in likely violation of Europe’s GDPR privacy regulations. The findings, which were published in a report issued by the Norwegian Consumer Council (NCC), prompted a coalition of…
No longer just the concern of IT, cybersecurity is the bad boy headliner that dominates centerstage and all stages beyond. Teri Robinson reports. At the recent Lonestar Blues and Heritage Festival in, where else, Texas, fans bounced between the main stage where headliners strutted their stuff and the porch stage where more modest acts plucked their guitars – and…
Giant leaps, small steps It’s an unfortunate fact that no security firm came up with a silver bullet to protect endpoints, the cloud, networks, IoT and mobile devices from cyberattack, but that doesn’t mean there were no technological advances made.SC Media reached out to several industry insiders to see which 2019 advances they thought deserved…
After Jerry Brown signed the California Consumer Privacy Act (CCPA) paperwork in June 2018, shock waves reverberated throughout Silicon Valley. Lobbyists at the Information Technology Industry Council, a Google-backed think tank, quickly went to work drafting proposals for a federal law that would supersede the stringent California bill. Twelve states subsequently followed California’s lead and…
Dimitri Sirota, co-founder and CEO, BigIDSiri, Are You Listening? Overcollection of consumer data has been an issue for quite some time, but the introduction of smart home devices like Amazon’s Alexa and Google’s Nest have exponentially accelerated consumer data collection, much of which is superfluous and lacking in value. Large and small organizations alike are…
A leaky Amazon Web Services storage bucket has exposed more than 752,000 applications requesting copies of birth certificates. A report yesterday by TechCrunch said the unsecured data set dates back to late 2017, but was just recently discovered by U.K.-based penetration testing company Fidus Information Security. The data is managed by a company that helps…
Hundreds of thousands of cell phone bills and other documents belonging to AT&T, Verizon and T-Mobile customers were reportedly exposed after a Sprint contractor left them sitting on an open public server. The documents had been collected and stored in the first place as part a marketing effort to persuade subscribers of rival carrier services…
Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…
European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…
Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…
