In a stark call to action at Mandiant’s mWise conference, Jen Easterly, the head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), condemned technology vendors for a pervasive issue of delivering faulty and insecure software. Her remarks underscored a growing concern within the cybersecurity landscape, where the quality of software is crucial in the […]
Telegram Security Breach Exposes Medical Data: A Wake-Up Call for Digital Privacy
In an alarming incident that has reignited concerns over digital security and privacy, a hacker known as xenZen has claimed responsibility for leaking over 7 terabytes of sensitive medical data from Star Health, one of India’s largest health insurers. This data breach, facilitated through Telegram chatbots, has put millions of customers’ medical information at risk, […]
US FTC Highlights Privacy Concerns with Social Media Data
A recent report by the US Federal Trade Commission (FTC) raises significant alarm regarding the data practices of prominent social media platforms, including Meta, TikTok, and Twitch. The findings reveal that these companies lack transparency in how they gather, store, and manage user data, resulting in substantial privacy concerns for individuals, especially vulnerable groups like […]
Brazil Introduces Comprehensive Regulations for International Data Transfers
In an increasingly interconnected world, data privacy and protection have become top priorities for countries across the globe. Brazil recently stepped up its efforts to safeguard personal data by implementing new regulations that govern international data transfers. The Brazilian Data Protection Authority (ANPD) has released Resolution 19/2024, which builds upon the existing framework established by […]
China's New Guidelines Aim to Secure Sensitive Personal Data
China’s recent initiatives in data governance mark a significant step towards enhancing data protection within its jurisdiction. On September 20, 2024, the National Information Security Standardization Technical Committee (TC260) released new guidelines titled “Cybersecurity Standard Practice Guidelines – Sensitive Personal Information Identification.” This document aims to clarify what constitutes sensitive personal information and establish a […]
US CISA Urges Action on Vulnerable Ivanti Appliance
The Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm for federal agencies to take immediate action regarding a critical vulnerability in Ivanti’s Cloud Service Appliance (CSA). Known as CVE-2024-8190, this flaw has already been exploited in recent cyberattacks. The urgency of the situation is reflected in CISA’s directive for all federal civilian agencies […]