Tag: privacy
-
Microsoft violated EU law in handling of kids’ data, Austrian privacy regulator finds
Austria’s data protection authority ruled that Microsoft illegally tracked students using its education software by failing to give them access to their data and using cookies without consent. First seen on therecord.media Jump to article: therecord.media/microsoft-violated-eu-law-austria
-
Australia Levies First-Ever Privacy Act Fine Over Lab Breach
Australian Clinical Labs Ordered to Pay $3.8 Million Over Pathology Unit Data Theft. An Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to – and following – a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for violations…
-
itSpecial
Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
-
itSpecial
Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
-
itSpecial
Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
-
The CIA triad is dead, stop using a Cold War relic to fight 21st century threats
Tags: ai, backup, breach, business, ceo, ciso, compliance, csf, cyber, cybersecurity, data, data-breach, deep-fake, firewall, framework, fraud, GDPR, governance, infrastructure, ISO-27001, nist, privacy, ransomware, regulation, resilience, sbom, software, supply-chain, technology, threat, zero-trustRansomware is not just an availability problem. Treating ransomware as a simple “availability” failure misses the point. Being “up” or “down” is irrelevant when your systems are locked and business halted. What matters is resilience: the engineered ability to absorb damage, fail gracefully, and restore from immutable backups. Availability is binary; resilience is survival. Without…
-
Australia Levies First-Ever Privacy Act Fine in Lab Breach
Australian Clinical Labs Ordered to Pay $5.8M in Data Theft at Medlab Pathology Unit. An Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to – and following – a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for…
-
USENIX 2025: PEPR ’25 OneShield Privacy Guard: Deployable Privacy Solutions for LLMs
Creator, Author and Presenter: Shubhi Asthana, IBM Research Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-oneshield-privacy-guard-deployable-privacy-solutions-for-llms/
-
USENIX 2025: PEPR ’25 Breaking Barriers, Not Privacy: Real-World Split Learning Across Healthcare Systems
Creator, Author and Presenter: Sravan Kumar Elineni Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-breaking-barriers-not-privacy-real-world-split-learning-across-healthcare-systems/
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal data.” First seen on cyberscoop.com Jump to article: cyberscoop.com/voting-rights-groups-seek-emergency-halt-save-database-trump-administration/
-
California enacts law giving consumers ability to universally opt out of data sharing
The California Consumer Privacy Act, signed in 2018, gave Californians the right to send opt-out signals, but major browsers have not had to make opt-outs simple to use. First seen on therecord.media Jump to article: therecord.media/california-signs-law-opt-out-browsers
-
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal data.” First seen on cyberscoop.com Jump to article: cyberscoop.com/voting-rights-groups-seek-emergency-halt-save-database-trump-administration/
-
The First Malicious MCP Server is a Warning Shot for AI Cybersecurity
The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks! Cybersecurity researchers at Koi Security detected malicious code within an MCP server that connects AI systems with Postmark email services. The code covertly copies every email and exfiltrates it back to…
-
The First Malicious MCP Server is a Warning Shot for AI Cybersecurity
The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks! Cybersecurity researchers at Koi Security detected malicious code within an MCP server that connects AI systems with Postmark email services. The code covertly copies every email and exfiltrates it back to…
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
California enacts law giving consumers ability to universally opt out of data sharing
The California Consumer Privacy Act, signed in 2018, gave Californians the right to send opt-out signals, but major browsers have not had to make opt-outs simple to use. First seen on therecord.media Jump to article: therecord.media/california-signs-law-opt-out-browsers
-
German government says it will oppose EU mass-scanning proposal
Despite fears from privacy advocates, officials from the ruling party said mass-scanning proposals like Chat Control should be “taboo in a constitutional state.” First seen on cyberscoop.com Jump to article: cyberscoop.com/germany-opposes-eu-chat-control-mass-scanning-privacy/
-
German government says it will oppose EU mass-scanning proposal
Despite fears from privacy advocates, officials from the ruling party said mass-scanning proposals like Chat Control should be “taboo in a constitutional state.” First seen on cyberscoop.com Jump to article: cyberscoop.com/germany-opposes-eu-chat-control-mass-scanning-privacy/
-
Turn Compliance into a Competitive Advantage: How to Scale Privacy-Aligned Services
Learn how MSSPs can transform compliance from a burden into a competitive advantage by scaling privacy-aligned services with DSPM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/turn-compliance-into-a-competitive-advantage-how-to-scale-privacy-aligned-services/
-
Turn Compliance into a Competitive Advantage: How to Scale Privacy-Aligned Services
Learn how MSSPs can transform compliance from a burden into a competitive advantage by scaling privacy-aligned services with DSPM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/turn-compliance-into-a-competitive-advantage-how-to-scale-privacy-aligned-services/
-
USENIX 2025: PEPR ’25 Panel: How Privacy Engineers Can Shape The Coming Wave Of AI Governance
Moderator, Panelists: Moderator – Zachary Kilhoffer, Dynatrace; Panelists: Hoang Bao, Axon; Masooda Bashir, University of Illinois at Urbana-Champaign; Debra Farber, Lumin Digital; Sarah Lewis Cortes, Netflix and NIST; Akhilesh Srivastava, IOPD Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com…
-
Germany Under Pressure to Oppose EU Chat Control Proposal
Signal and Rights Groups Urge Berlin to Reject CSAM Proposal Ahead of Key EU Vote. The German federal government is under pressure to withdraw support for a European Union content scanning proposal that critics argue poses large-scale privacy risks. The EU Justice and Home Affairs Council is set to vote Oct. 14 on a regulation…
-
USENIX 2025: PEPR ’25 Building Privacy Products: Field Notes
Creator, Author and Presenter: Miguel Guevara, Google Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-building-privacy-products-field-notes/
-
USENIX 2025: PEPR ’25 Building Privacy Products: Field Notes
Creator, Author and Presenter: Miguel Guevara, Google Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-building-privacy-products-field-notes/
-
Discord Vendor Hack Exposes ID Data in Ransom Bid
Proliferating Age Verification Systems a Hacker Target. A vendor breach linked to Discord exposed government ID uploads used in age verification, raising alarms among privacy experts who warn that third-party data collection systems are becoming high-value targets amid rising legislative mandates for online age checks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/discord-vendor-hack-exposes-id-data-in-ransom-bid-a-29661