Tag: privacy
-
The CIA triad is dead, stop using a Cold War relic to fight 21st century threats
Tags: ai, backup, breach, business, ceo, ciso, compliance, csf, cyber, cybersecurity, data, data-breach, deep-fake, firewall, framework, fraud, GDPR, governance, infrastructure, ISO-27001, nist, privacy, ransomware, regulation, resilience, sbom, software, supply-chain, technology, threat, zero-trustRansomware is not just an availability problem. Treating ransomware as a simple “availability” failure misses the point. Being “up” or “down” is irrelevant when your systems are locked and business halted. What matters is resilience: the engineered ability to absorb damage, fail gracefully, and restore from immutable backups. Availability is binary; resilience is survival. Without…
-
Australia Levies First-Ever Privacy Act Fine in Lab Breach
Australian Clinical Labs Ordered to Pay $5.8M in Data Theft at Medlab Pathology Unit. An Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to – and following – a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for…
-
USENIX 2025: PEPR ’25 OneShield Privacy Guard: Deployable Privacy Solutions for LLMs
Creator, Author and Presenter: Shubhi Asthana, IBM Research Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-oneshield-privacy-guard-deployable-privacy-solutions-for-llms/
-
USENIX 2025: PEPR ’25 Breaking Barriers, Not Privacy: Real-World Split Learning Across Healthcare Systems
Creator, Author and Presenter: Sravan Kumar Elineni Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-breaking-barriers-not-privacy-real-world-split-learning-across-healthcare-systems/
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
The First Malicious MCP Server is a Warning Shot for AI Cybersecurity
The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks! Cybersecurity researchers at Koi Security detected malicious code within an MCP server that connects AI systems with Postmark email services. The code covertly copies every email and exfiltrates it back to…
-
The First Malicious MCP Server is a Warning Shot for AI Cybersecurity
The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks! Cybersecurity researchers at Koi Security detected malicious code within an MCP server that connects AI systems with Postmark email services. The code covertly copies every email and exfiltrates it back to…
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
USENIX 2025: PEPR ’25 When Privacy Guarantees Meet Pre-Trained LLMs: A Case Study In Synthetic Data
Creators, Authors and Presenters: Yash Maurya and Aman Priyanshu, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-when-privacy-guarantees-meet-pre-trained-llms-a-case-study-in-synthetic-data/
-
California enacts law giving consumers ability to universally opt out of data sharing
The California Consumer Privacy Act, signed in 2018, gave Californians the right to send opt-out signals, but major browsers have not had to make opt-outs simple to use. First seen on therecord.media Jump to article: therecord.media/california-signs-law-opt-out-browsers
-
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal data.” First seen on cyberscoop.com Jump to article: cyberscoop.com/voting-rights-groups-seek-emergency-halt-save-database-trump-administration/
-
California enacts law giving consumers ability to universally opt out of data sharing
The California Consumer Privacy Act, signed in 2018, gave Californians the right to send opt-out signals, but major browsers have not had to make opt-outs simple to use. First seen on therecord.media Jump to article: therecord.media/california-signs-law-opt-out-browsers
-
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal data.” First seen on cyberscoop.com Jump to article: cyberscoop.com/voting-rights-groups-seek-emergency-halt-save-database-trump-administration/
-
German government says it will oppose EU mass-scanning proposal
Despite fears from privacy advocates, officials from the ruling party said mass-scanning proposals like Chat Control should be “taboo in a constitutional state.” First seen on cyberscoop.com Jump to article: cyberscoop.com/germany-opposes-eu-chat-control-mass-scanning-privacy/
-
German government says it will oppose EU mass-scanning proposal
Despite fears from privacy advocates, officials from the ruling party said mass-scanning proposals like Chat Control should be “taboo in a constitutional state.” First seen on cyberscoop.com Jump to article: cyberscoop.com/germany-opposes-eu-chat-control-mass-scanning-privacy/
-
Turn Compliance into a Competitive Advantage: How to Scale Privacy-Aligned Services
Learn how MSSPs can transform compliance from a burden into a competitive advantage by scaling privacy-aligned services with DSPM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/turn-compliance-into-a-competitive-advantage-how-to-scale-privacy-aligned-services/
-
Turn Compliance into a Competitive Advantage: How to Scale Privacy-Aligned Services
Learn how MSSPs can transform compliance from a burden into a competitive advantage by scaling privacy-aligned services with DSPM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/turn-compliance-into-a-competitive-advantage-how-to-scale-privacy-aligned-services/
-
USENIX 2025: PEPR ’25 Panel: How Privacy Engineers Can Shape The Coming Wave Of AI Governance
Moderator, Panelists: Moderator – Zachary Kilhoffer, Dynatrace; Panelists: Hoang Bao, Axon; Masooda Bashir, University of Illinois at Urbana-Champaign; Debra Farber, Lumin Digital; Sarah Lewis Cortes, Netflix and NIST; Akhilesh Srivastava, IOPD Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com…
-
Germany Under Pressure to Oppose EU Chat Control Proposal
Signal and Rights Groups Urge Berlin to Reject CSAM Proposal Ahead of Key EU Vote. The German federal government is under pressure to withdraw support for a European Union content scanning proposal that critics argue poses large-scale privacy risks. The EU Justice and Home Affairs Council is set to vote Oct. 14 on a regulation…
-
USENIX 2025: PEPR ’25 Building Privacy Products: Field Notes
Creator, Author and Presenter: Miguel Guevara, Google Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-building-privacy-products-field-notes/
-
USENIX 2025: PEPR ’25 Building Privacy Products: Field Notes
Creator, Author and Presenter: Miguel Guevara, Google Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-building-privacy-products-field-notes/
-
Discord Vendor Hack Exposes ID Data in Ransom Bid
Proliferating Age Verification Systems a Hacker Target. A vendor breach linked to Discord exposed government ID uploads used in age verification, raising alarms among privacy experts who warn that third-party data collection systems are becoming high-value targets amid rising legislative mandates for online age checks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/discord-vendor-hack-exposes-id-data-in-ransom-bid-a-29661
-
Cloud Monitor Provides Affordable Visibility and Control at Western Reserve Academy
Western Reserve Academy Balances Security and Privacy in Google Workspace and Microsoft 365 Western Reserve Academy is an independent boarding and day school in Hudson, Ohio that prides itself on providing a top-tier learning environment supported by modern technology. Matt Gerber, Chief Information Officer, and Brian Schwartz, Director of Network Administration, lead the school’s technology…
-
USENIX 2025: PEPR ’25 Career Advice For Privacy Engineers: From Resume To Interview To Finding The Next Job
Creator, Author And Presenters: Jason A. Novak, Google Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/usenix-2025-pepr-25-career-advice-for-privacy-engineers-from-resume-to-interview-to-finding-the-next-job/
-
Cybersecurity Concerns as Blockchain Lands in Global Finance
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) and over 30 banks servicing 200 countries, have announced they will develop a blockchain global shared digital ledger to support global payments. SWIFT will integrate the blockchain with legacy systems and continue innovating to deliver more capable financial services. I am a fan of blockchain technology, the…
-
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
-
Secure Email Finder Tools: Ensuring Privacy in 2025
Email finder tools are not all the same. Some focus on speed, while others give more attention to safety and accuracy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/secure-email-finder-tools-ensuring-privacy-in-2025/