An engineer changed his Experian account with a strong password in 2020 to place a security freeze on a credit file. Two years later he received an email from Experian saying the email address on his account had been changed. Experian’s password reset process was useless at that point because any password reset […]
Hackers duped a senior engineer at Axie Infinity into applying for a job at a fictitious company. The scheme resulted in the loss of $540 million in crypto earlier this year. Details of how the hack was carried out are being reported for the first time by The Block.
Google is using deceptive design, unclear language and misleading choices when consumers sign up to a Google account to encourage more extensive and invasive data processing. Instead of giving them privacy by design and by default as required by the General Data Protection Regulation (GDPR), and contrary to its claims, the tech giant is thwarting consumers who […]
Unnecessary processing of location data, such as Windows 10’s location setting being automatically enabled, violates the “data protection by default” requirement under Article 25(2) GDPR. The DPA noted that the principle of “data protection by default” requires that the controller, when using third-party software or firmware, ensures that functions for which there is […]
The 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list demonstrates the currently most common and impactful software weaknesses. Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.
The Australian government advises citizens in the country to set up a secure passphrase for each email account. “Passwords are passé. It’s time to use passphrases,” said the Australian Cyber Security Center (ACSC). A passphrase is a password that consists of several words. This makes it easier for users to remember, but more difficult for […]
A website using Google Analytics (GA) without the safeguards set out in the EU GDPR violates data protection law because it transfers users’ data to the USA, which is a country without an adequate level of data protection. The set of data collected in this connection included the user device IP address along with information […]
75% of the most popular websites on the web allow weak passwords such as 12345678, abc123456, and P@$$w0rd. In addition, nearly half of these sites tax users by requiring a special character in their password. This is the result of research by Princeton University into the password policies of popular websites. For the study, the […]
Products from the Chinese company Hikvision can be found anywhere from police surveillance systems to baby monitors, with 4.8 million networks of Hikvision devices in more than 191 countries. Hikvision could be sanctioned for aiding the Chinese government’s human rights violations in Xinjiang. The US Treasury is reportedly considering adding Hikvision to the Specially Designated Nationals and […]
With remote working now the norm, agent-based scanning is becoming a must, while network-based scanning is an optional extra. External vulnerability scanning can give a great overview of what you look like to a hacker, but the information that can be gleaned without access to your systems can be limited. Internal vulnerability scanning is about protecting the […]