What today is a dataset without personal data or with anonymized data, no longer has to be that way tomorrow and it is crucial to know how to protect personal data. Due to the wider availability of open data and new technologies, data can easily be combined with other data. For example, the dataset can […]
“The Council adopted legislation for a high common level of cybersecurity across the Union, to further improve the resilience and incident response capacities of both the public and private sector and the EU as a whole. The new directive, called ‘NIS2’, will replace the current directive on security of network and information systems (the NIS […]
The records of Twitter contain either a private email address or phone number, and public scraped data, including the account’s Twitter ID, name, screen name, verified status, location, URL, description, follower count, account creation date, friends count, favorites count, statuses count, and profile image URLs.
The Irish privacy regulator DPC has imposed a GDPR fine of 265 million euros, around a €0.5 fine per leaked dataset, on Meta for a major data breach at Facebook that left the data of 533 million users on the street. Last year, Ireland’s data protection authority launched an investigation after media reported about a […]
German privacy regulators have ruled that the use Microsoft 365 by governments, companies and educational institutions is in violation of GDPR. Only by taking additional technical measures is it possible to use the software in Germany. This was the opinion of the German regulators during the Datenschutzkonferenz (DSK) that took place last week (see below […]
Someone is allegedly selling up-to-date mobile phone numbers of nearly 500 million WhatsApp users. A data sample investigated by Cybernews likely confirms this to be true.
Worldwide, a total of 890,000 computers were infected and more than fifty million passwords were stolen. This is the conclusion of security company Group-IB based on its own research. Investigators from the company identified 34 gangs behind the attacks using known malware such as RedLine and Raccoon Infostealer. This malware is capable of stealing login […]
Online gambling platform DraftKings has been hit by a credential stuffing attack in which attackers managed to break into users’ accounts and steal some $300,000. Credential stuffing uses previously leaked email addresses and passwords to gain automated account access. Attackers check whether they can also log in to website B with credentials stolen from website […]
Free service offers such as Office365 and Google Workspace are excluded from public procurement according to the French Ministry. Their position reflects ongoing European concerns about cloud data sovereignty, competition, and privacy rules. Paid versions of these cloud services might be an option if they hadn’t already been disallowed based on worries about data safety. […]
Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections. Stealing session cookies has become one of the most common ways that attackers circumvent multifactor authentication. For unmanaged devices, they recommend conditional access policies and strong controls.