Birth Certificate Data Laid Bare on the Web in Multiple States

A third-party government supplier has exposed hundreds of thousands of applications containing birth-certificate data. The trove of information is owned by a company that provides an online platform to state governments – including California, New York and Texas – that allows residents to request...

CVE-2019-11255

Technical details for CVE-2019-11255 are not publicly available in the provided documents. Monitor for updates in the official sources to obtain affected components, root cause, impact, and remediation.

Flawed Implementation of RCS Standard putting data of millions at risk

By Waqas The Rich Communication Services RCS messaging standard is used by almost every phone carrier around the globe... This is a post from HackRead.com Read the original post: Flawed Implementation of RCS Standard putting data of millions at risk...

DHS Plans to Expand Facial Recognition Border Checks

The Department of Homeland Security plans to extend facial recognition checks to all travelers entering and leaving the U.S. – including previously-exempt U.S. citizens. The proposed ruling, outlined in a recent filing that was first reported this week by TechCrunch, signifies a rapid expansion o...

Mitigating Modern Insider Threats in FIs

More and more financial institutions FI are migrating to the cloud—increasing efficiencies and access to services. With this move, however, comes a new degree of risk. Without the right levels of protection and visibility, you leave yourself open not only to attacks by external actors but interna...

naukriguru.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1029064 Security Researcher g0bl1nsec Helped patch 3766 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting naukriguru.com website an...

SDKs Misused to Scrape Twitter, Facebook Account Info

Twitter and Facebook are warning of software development kits SDKs that could be embedded within a mobile application and used to harvest personal user information. The SDKs, which the tech giants said are maintained by oneAudience and MobiBurn, could be used by mobile app developers to craft...

Would ‘Medicare for All’ help secure health data?

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up ...

Deployment Isn’t the Final Step – Monitoring Machine Learning Models in Production

Unless you’ve been living in a cave for the last decade, you’ve probably heard of the concept of a machine learning system at least once in your life. Whether it’s auto-translation, auto-completion, face or voice recognition, recommendation systems or autonomous driving, AI-based systems can be...

National Tax Security Awareness Week is December 2–6

The Internal Revenue Service IRS has released an article announcing that National Tax Security Awareness Week will be held December 2–6. The annual recognition event will feature a series of resources and tips to help taxpayers and tax professionals protect their data and identities against...

Americans Concerned and Confused Over Privacy, Survey Reveals

Call it a case of Facebook privacy breach fatigue. When asked, Americans say companies do a worse job than the government when it comes to protecting data collected on their behalf. They also complain potential risks they face because of data collection by companies outweigh the benefits. The...

Stalkerware’s legal enforcement problem

Content warning: This piece contains brief descriptions of domestic violence and assault against women and children. In the past five years, only two stalkerware developers, both of whom designed, marketed, and sold tools favored by domestic abusers to pry into victims’ private lives, have faced...

‘Wildly Different’ Privacy Regulations Causing Compliance Chaos

From the General Data Protection Regulations GDPR to the California Consumer Privacy Act CCPA, the security landscape is becoming increasingly fraught with regulatory efforts. While privacy regulation has positive implications for data security, companies are finding themselves struggling to stay...

How to Lock Down Your Health and Fitness Data

Apps like FitBit and Apple Health collect some of the most sensitive data you have. Here's how to control what they can see and what they can do with it...

Download: The Comprehensive Compliance Guide

A large part of the CISO/CIO responsibility is ensuring compliance standards are met. As one of the main drivers of security product purchase and implementation, regulation comes in many different shapes and sizes. Some standards provide clear consequences for failure to meet them. Others provide...

Secure Your Digital Transformation

Digital transformation DX is on the mind, IT budget sheet, and board meeting agenda for the majority of enterprise-level organizations. The term digital transformation is becoming ubiquitous, but its definition can be ambiguous. Within the context of this blog, DX refers to how organizations...

Google's Plan to Crunch Health Data on Millions of Patients Draws Fire

Tech behemoth Google is using artificial intelligence to reportedly slice and dice personal healthcare details on millions of Americans. That has some researchers diagnosing the company with HIPAA violations and prescribing regulatory controls as a remedy. And, at least one federal regulator is...

imaginecasting.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1012440 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

REBA and VERGE 2019: Climate Action Through Partnership and Innovation

This October at the Renewable Energy Buyers Alliance REBA and Verge conferences in Oakland, California, Akamai had the opportunity to actively engage with 3,000 of our like-minded sustainability peers on making incremental environmental change. To no surprise, I witnessed passionate dialogue arou...

Potential data loss during Export Backup retention processing

Challenge In the environments using scale-out backup repository, Export Backup retention logic may delete the entire repository folder, if the required exported backup file has already been deleted manually prior to its set retention policy expiration. This issue affects Veeam Backup & Replicatio...