Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S. https://firewall.firm.in/wp-content/uploads/2024/08/Uber.png Aug 26, 2024Ravie LakshmananGDPR / Data Protection The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. “The Dutch DPA ...

Microsoft informs customers that Russian hackers spied on emails – ET CISO https://etimg.etb2bimg.com/thumb/msid-111356087,imgsize-62402,width-1200,height=765,overlay-etciso/data-breaches/microsoft-informs-customers-that-russian-hackers-spied-on-emails.jpg Russian hackers who broke into Microsoft’s systems and spied on staff inboxes earlier this year also stole emails from its customers, the tech giant said on Thursday, around six months after it first disclosed the intrusion. The disclosure underscores the breadth of the breach as Microsoft faces ...

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access https://firewall.firm.in/wp-content/uploads/2024/08/sonic.jpg Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control ...

EU vs Big Tech: the cases keep mounting – ET CISO https://etimg.etb2bimg.com/thumb/msid-111558319,imgsize-163662,width-1200,height=765,overlay-etciso/data-breaches/eu-vs-big-tech-the-cases-keep-mounting.jpg The European Union (EU) has launched multiple probes and complaints against Big Tech and their handling of user data and maintaining privacy. Let’s take a look at the latest tiffs: AmazonOn Friday, the European Commission (EC) asked Amazon to provide detailed information by July 26 on the measures ...

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September https://firewall.firm.in/wp-content/uploads/2024/08/cisa.png Aug 24, 2024Ravie LakshmananVulnerability / Government Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of ...

Data security experts urge govt to set up nodal body to confirm breaches – ET CISO https://etimg.etb2bimg.com/thumb/msid-111557082,imgsize-12516,width-1200,height=765,overlay-etciso/data-breaches/data-security-experts-urge-govt-to-set-up-nodal-body-to-confirm-breaches.jpg In light of alleged claims of hacking of Airtel data, security researchers have asked the govt to implement the data protection Act as under it the responsibility of informing/ confirming such breaches would be with the data protection authority, which, however, has not ...

The Facts About Continuous Penetration Testing and Why It’s Important https://firewall.firm.in/wp-content/uploads/2024/08/code.png What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization’s digital assets to identify and mitigate security vulnerabilities. CASPT is designed for ...

Ola founder on India’s data being sold back to country – ET CISO https://etimg.etb2bimg.com/thumb/msid-111557069,imgsize-22000,width-1200,height=765,overlay-etciso/data-breaches/ola-founder-on-indias-data-being-sold-back-to-country.jpg Ola founder coins term ‘techno-colonialism’ to describe phenomenon where India’s data is exported abroad, processed, sold back to India Ola founder and CEO Bhavish Aggarwal has coined the term “techno-colonialism” to describe a modern phenomenon where India’s data is exported to global data centers, processed, and ...

New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer https://firewall.firm.in/wp-content/uploads/2024/08/aws.gif Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications. That’s according to findings from Israeli cybersecurity ...

‘Obamacare’: Why and how this may be the biggest password leak ever – ET CISO https://etimg.etb2bimg.com/thumb/msid-111592680,imgsize-117696,width-1200,height=765,overlay-etciso/data-breaches/obamacare-why-and-how-this-may-be-the-biggest-password-leak-ever.jpg Security researchers from Cybernews have reportedly discovered the RockYou2024 database on BreachForums containing an astounding 9,948,575,739 unique passwords. It is claimed to be the biggest collection of stolen and leaked credentials ever seen on the BreachForums criminal underground forum, reports Forbes. Hacker named ObamaCare ...