Tag: privacy

NDSS 2025 A Key-Driven Framework For Identity-Preserving Face Anonymization

Nov 21, 2025 10:49 PM

Tags: authentication, conference, framework, identity, Internet, network, privacy

SESSION Session 3D: Al Safety ———– ———– Authors, Creators & Presenters: Miaomiao Wang (Shanghai University), Guang Hua (Singapore Institute of Technology), Sheng Li (Fudan University), Guorui Feng (Shanghai University) ———– PAPER A Key-Driven Framework for Identity-Preserving Face Anonymization Virtual faces are crucial content in the metaverse. Recently, attempts have been made to generate virtual faces…
Privacy group sues feds over talks with tech companies on ICE raid trackers

Nov 21, 2025 10:49 PM

Tags: group, privacy

The lawsuit concerns the removal of apps like ICEBlock, Red Dot and DeICER from online playstores that provide real-time tracking of immigration raids. First seen on cyberscoop.com Jump to article: cyberscoop.com/eff-sues-government-app-removals-ice-tracking-free-speech/
Privacy group sues feds over talks with tech companies on ICE raid trackers

Nov 21, 2025 10:49 PM

Tags: group, privacy

The lawsuit concerns the removal of apps like ICEBlock, Red Dot and DeICER from online playstores that provide real-time tracking of immigration raids. First seen on cyberscoop.com Jump to article: cyberscoop.com/eff-sues-government-app-removals-ice-tracking-free-speech/
Protecting User Data While Boosting Visibility: Secure SEO Strategies for Manufacturers

Nov 21, 2025 7:49 PM

Tags: authentication, data, privacy, strategy

Learn how manufacturers can boost visibility while protecting user data with secure SEO, passwordless authentication, and privacy-first digital strategies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/protecting-user-data-while-boosting-visibility-secure-seo-strategies-for-manufacturers/
Protecting User Data While Boosting Visibility: Secure SEO Strategies for Manufacturers

Nov 21, 2025 7:49 PM

Tags: authentication, data, privacy, strategy

Learn how manufacturers can boost visibility while protecting user data with secure SEO, passwordless authentication, and privacy-first digital strategies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/protecting-user-data-while-boosting-visibility-secure-seo-strategies-for-manufacturers/
Privacy oversight board finds FBI does not buy real-time location data

Nov 20, 2025 11:49 PM

Tags: data, open-source, privacy

The report, which is based on an investigation begun by the Privacy and Civil Liberties Oversight Board (PCLOB) in 2017, provides an overview of what open-source information the FBI consults in such investigations. First seen on therecord.media Jump to article: therecord.media/pclob-finds-fbi-does-not-use-real-time-location-data
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?

Nov 20, 2025 9:49 PM

Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability

The Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?

Nov 20, 2025 9:49 PM

Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability

The Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
NDSS 2025 Detecting And Interpreting Inconsistencies In App Behaviors

Nov 20, 2025 6:49 PM

Tags: android, china, computer, google, Internet, malware, mobile, network, privacy, risk, risk-analysis, tool, unauthorized

SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Jun Dai, Xiaoyan Sun (Department of Computer Science,…
NDSS 2025 Detecting And Interpreting Inconsistencies In App Behaviors

Nov 20, 2025 6:49 PM

Tags: android, china, computer, google, Internet, malware, mobile, network, privacy, risk, risk-analysis, tool, unauthorized

SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Jun Dai, Xiaoyan Sun (Department of Computer Science,…
Education boards left gates wide open for PowerSchool mega-breach, say watchdogs

Nov 20, 2025 4:49 PM

Tags: attack, breach, privacy

Privacy cops say attack wasn’t just bad luck but a result of sloppy homework First seen on theregister.com Jump to article: www.theregister.com/2025/11/20/powerschool_breach_reports/
Google Play Store’s privacy practices still confuse Android users

Nov 20, 2025 7:49 AM

Tags: android, GDPR, google, privacy

Privacy rules like GDPR and CCPA are meant to help app stores be clearer about how apps use your data. But in the Google Play Store, those privacy sections often leave people … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/20/google-play-store-privacy-practices/
NDSS 2025 Understanding Miniapp Malware: Identification, Dissection, And Characterization

Nov 19, 2025 11:49 PM

Tags: computing, detection, finance, Internet, malicious, malware, mobile, network, privacy, risk, service, threat, unauthorized

———– SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Yuqing Yang (The Ohio State University), Yue Zhang (Drexel University), Zhiqiang Lin (The Ohio State University) ———– PAPER Understanding Miniapp Malware: Identification, Dissection, and Characterization Super apps, serving as centralized platforms that manage user information and integrate third-party miniapps, have revolutionized mobile computing…
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform

Nov 19, 2025 11:49 PM

Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windows

Hey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform

Nov 19, 2025 11:49 PM

Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windows

Hey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
WIRED Roundup: DHS’s Privacy Breach, AI Romantic Affairs, and Google Sues Text Scammers

Nov 19, 2025 11:49 PM

Tags: ai, breach, data, google, privacy, scam

In this episode of Uncanny Valley, we discuss our scoop about how the Department of Homeland Security illegally collected Chicago residents’ data for month, as well as the news of the week. First seen on wired.com Jump to article: www.wired.com/story/uncanny-valley-podcast-wired-roundup-dhs-privacy-breach-ai-romantic-affairs-google-sues-text-scammers/
Canadian privacy regulators say schools share blame for PowerSchool hack

Nov 19, 2025 7:49 PM

Tags: privacy, software

The Ontario and Alberta information and privacy commissioners’ reports fault the school systems for several missteps, including not putting privacy and security related provisions in their contracts with the education software firm. First seen on therecord.media Jump to article: therecord.media/canadian-privacy-regulators-say-schools-share-blame-powerschool-hack
Everest Ransomware Alleges Major Data Breach Targeting Under Armour

Nov 18, 2025 9:50 PM

Tags: breach, data, data-breach, privacy, ransomware

The alleged Everest ransomware breach could expose millions of Under Armour customers to serious security and privacy risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/everest-ransomware-alleges-major-data-breach-targeting-under-armour/
Tenable Cloud Vulnerability Management: Reducing Vulnerability Risk in the Cloud Era

Nov 18, 2025 8:50 PM

Tags: access, ai, api, attack, ciso, cloud, compliance, container, data, exploit, flaw, google, identity, infrastructure, intelligence, oracle, privacy, risk, risk-assessment, service, software, technology, threat, training, vulnerability, vulnerability-management

Tenable has launched Tenable Cloud Vulnerability Management, a powerful new offering within Tenable One, to help vulnerability management leaders identify, prioritize, and remediate exposures across multi-cloud and hybrid environments. Key takeaways Agentless inventory and visibility: Achieve complete asset inventory and coverage across all existing virtual machines, virtual machine images and container images in AWS, Azure,…
Tenable Cloud Vulnerability Management: Reducing Vulnerability Risk in the Cloud Era

Nov 18, 2025 8:50 PM

Tags: access, ai, api, attack, ciso, cloud, compliance, container, data, exploit, flaw, google, identity, infrastructure, intelligence, oracle, privacy, risk, risk-assessment, service, software, technology, threat, training, vulnerability, vulnerability-management

Tenable has launched Tenable Cloud Vulnerability Management, a powerful new offering within Tenable One, to help vulnerability management leaders identify, prioritize, and remediate exposures across multi-cloud and hybrid environments. Key takeaways Agentless inventory and visibility: Achieve complete asset inventory and coverage across all existing virtual machines, virtual machine images and container images in AWS, Azure,…
The Data Privacy Risk Lurking in Paperless Government

Nov 18, 2025 5:49 PM

Tags: compliance, data, government, privacy, risk

The world is becoming increasingly paperless, and most organizations, including federal agencies, are following suit. Switching from paper-based processes to digital ones offers great benefits. However, the security and compliance challenges that come with this shift aren’t to be taken lightly. As the federal government goes paperless to cut costs and modernize operational processes, a..…
Understanding India’s Digital Personal Data Potection Act 2025: A Complete Overview

Nov 18, 2025 12:48 PM

Tags: country, data, india, privacy

India’s Digital Personal Data Protection Act (DPDP), 2023, signaled the country’s commitment to building a modern and globally aligned privacy framework. But as with any legislation, the true operational impact becomes clear only when detailed rules are published. With the release of the Digital Personal Data Protection Rules (DPDP), 2025, organisations now have a clear,……
The privacy panic around machine learning is overblown

Nov 18, 2025 6:49 AM

Tags: privacy, training

We often hear warnings about how machine learning (ML) models may expose sensitive information tied to their training data. The concern is understandable. If a model was … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/18/machine-learning-privacy-risk-training-data/
The privacy panic around machine learning is overblown

Nov 18, 2025 6:49 AM

Tags: privacy, training

We often hear warnings about how machine learning (ML) models may expose sensitive information tied to their training data. The concern is understandable. If a model was … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/18/machine-learning-privacy-risk-training-data/
Pre-Installed Spyware Found on Samsung Galaxy Devices and Cannot Be Removed

Nov 17, 2025 9:49 PM

Tags: cyber, data, privacy, spyware

Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent. It cannot be easily removed from Galaxy A and M series smartphones. AppCloud, developed by ironSource, an Israeli-founded company now owned by American tech firm Unity, has been embedded into…
India’s new data privacy rules turn privacy compliance into an engineering challenge

Nov 17, 2025 1:49 PM

Tags: ai, automation, backup, cloud, compliance, data, encryption, india, monitoring, nist, privacy, saas, tool

Architectural changes required: Analysts point out that meeting erasure deadlines and purpose-based storage limits will require deeper architectural changes.”Architectural changes include deploying encryption, masking, and tokenization for secure storage, implementing consent managers, and integrating erasure standards like NIST 800-88 or IEEE 2883 for IT asset sanitization,” Mahapatra said. “Cloud-native architectures with granular data classification and…
The rise of the chief trust officer: Where does the CISO fit?

Nov 17, 2025 8:49 AM

Tags: ai, business, ceo, ciso, compliance, control, credentials, cybersecurity, data, governance, grc, jobs, marketplace, metric, office, privacy, risk, soc, strategy, technology, vulnerability

CISO and CTrO: A model for a working partnership?: As customers, partners and regulators demand greater openness and assurance, those in the role say building trust, not just security, is the answer. Trust is touted as a differentiator for organizations looking to strengthen customer confidence and find a competitive advantage. Trust cuts across security, privacy,…
How shadow IT leaves every industry in the dark

Nov 15, 2025 12:49 AM

Tags: access, ai, breach, cloud, compliance, computer, control, data, data-breach, fintech, group, healthcare, infrastructure, insurance, Internet, mobile, network, privacy, regulation, risk, saas, service, technology, tool, unauthorized, vulnerability

Industry Examples of Shadow IT and Shadow AI Healthcare Consumer messaging, unapproved storage of medical imaging files, certificate challenges due to specialized portals for specific healthcare groups, department-run electronic health record (EHR) environments, unapproved telehealth platforms, AI for note summarization Insurance Custom applications for new insurance policy introductions, certificate challenges, maintenance issues, unsanctioned SaaS for…
How shadow IT leaves every industry in the dark

Nov 15, 2025 12:49 AM

Tags: access, ai, breach, cloud, compliance, computer, control, data, data-breach, fintech, group, healthcare, infrastructure, insurance, Internet, mobile, network, privacy, regulation, risk, saas, service, technology, tool, unauthorized, vulnerability

Industry Examples of Shadow IT and Shadow AI Healthcare Consumer messaging, unapproved storage of medical imaging files, certificate challenges due to specialized portals for specific healthcare groups, department-run electronic health record (EHR) environments, unapproved telehealth platforms, AI for note summarization Insurance Custom applications for new insurance policy introductions, certificate challenges, maintenance issues, unsanctioned SaaS for…
ISMG Editors: What Comes Next After US Government Shutdown?

Nov 14, 2025 8:49 PM

Tags: government, privacy, service, startup

Also: Insights From ISMG’s Global Events, Tenzai’s $75 Million Seed Round. In this week’s panel, ISMG editors broke down the mounting pressure on the Department of Health and Human Services and its privacy and security operations, the $75 million seed round for autonomous pen testing startup Tenzai and key themes from ISMG’s recent global summits…