Total GDPR fines for Q3 2021 amounted to over $1.1bn. Twenty times higher than the combined total of Q1 and Q2 in 2021, and triple the amount handed out in 2020.
The European Parliament wants a permanent ban on the use of automated facial recognition in public areas and at border crossings. Parliament also wants a ban on private facial recognition databases, social scoring systems of citizens and behavioral data-based ‘predictive policing’. A resolution calling for this was passed with 377 votes in favour, 248 against […]
Microsoft revealed new malware capable of transmitting sensitive information from a compromised AD FS server as well as receive and execute additional malicious payloads retrieved from a remote attacker-controlled server. This malware can also monitor all incoming HTTP GET and POST requests sent to the server from the intranet (or internet) and intercept HTTP requests […]
The Norwegian privacy regulator Datatilsynet has decided on the basis of research not to create a Facebook page because the privacy risks for users are too great. To the best of its knowledge, the regulator is the first organization to have carried out a risk analysis and a Data Protection Impact Assessment (DPIA) into the […]
Microsoft announced last week that users can now log in to their accounts without a password, partly because passwords are vulnerable, but it is precisely Microsoft that has broken passwords, says Kyle Rankin, chief security officer (cso) of computer and smartphone manufacturer Purism. Rankin argues that Microsoft’s poor password policies for Active Directory caused users […]
IP cameras from manufacturer Hikvision can be remotely taken over through a serious security vulnerability, after which the underlying network can be attacked. Hikvision has released firmware updates. In addition, the vulnerability is also present in IP cameras that Hikvision manufactures but that other manufacturers offer under their own name. It is unknown if updates […]
The introduction of a corona QR-ticket necessity for access catering, theaters and events with the exception of terraces will be implemented on the 25th of September in The Netherlands following EU countries like France and Italy. The members in favour have great concerns about security, privacy, freedom of choice but think the measure is proportionate […]
The Zero Trust approach means nothing inside or outside the company perimeter should be trusted. As a result, every user has to authenticate themselves and their identity with every login every time before they are granted access to company resources, applications and data. Components are: Multifactor authentication,IAM (identity and access management), Orchestration, AnalyticsEncryption, Scoring, File […]
Microsoft is dropping passwords to gain access to an account by leveraging a combination of factors such as your phone (something you have) and biometrics (something you are) for identification.
Organizations find it difficult to prepare for a ransomware attack. Reason for Microsft to share three steps that help prevent ransomware.1. Set up a recovery plan where no ransom is paid. Organizations must, among other things, map and backup their important data and systems, protect the backups and perform recovery tests with all systems offline. […]