Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization. [Read More]
GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
Microsoft patches a vulnerability in Azure Container Instances that could allow access to other customers’ information. [Read More]
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product. [Read More]
Howard University closed its physical campus and canceled classes this week after experiencing a ransomware attack. [Read More]
The high severity vulnerability could be exploited by malicious actors on the local network to execute code remotely when the user attempts to send an HTTP request. [Read More]
Jenkins confirms the recent Confluence CVE-2021-26084 exploit was used to compromise one of its servers to deploy a cryptocurrency miner. [Read More]
The social media advertising giant has shared an updated payout guideline for vulnerability hunters to better understand its bounty decisions. [Read More]
Israel’s foreign minister has played down criticism of the country’s regulation of the cyberespionage firm NSO Group but vowed to step up efforts to ensure the company’s controversial spyware doesn’t fall into the wrong hands. [Read More]
- 1 of 77
- ››
FEATURES, INSIGHTS // Compliance
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Big companies can say they are GFPR compliant, but odds are their current structure will never allow them to find, identify, and categorize all the data that they have collected over time.
Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in infancy.
GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top of mind focus for enterprises every day.
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for this who fight computer fraud and other criminal activity on the Internet.
Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.
- 1 of 8
- ››
Get the Daily Briefing
- Credit Union's Legal Battle With Tech Giant Fiserv Rumbles On
- AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data
- Operator of 'DownThem' DDoS Attack Service Convicted
- Pakistani Man Involved in AT&T Hacking Scheme Sentenced to Prison in U.S.
- Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance
- German Election Authority Confirms Likely Cyber Attack
- U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day
- Court Rejects Lawsuit Against NSA on "State Secrets" Grounds
- Cybersecurity M&A Roundup for September 1-15, 2021
- Endpoint Security Platform Kolide Banks $17 Million Investment
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy