Schneier on Security

JANUARY 30, 2024

It finally admitted to buying bulk data on Americans from data brokers, in response to a query by Senator Weyden. Some news articles. This is almost certainly illegal, although the NSA maintains that it is legal until it’s told otherwise.

Surveillance 326

Surveillance Data collection Data privacy 326

Security Boulevard

JUNE 19, 2023

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post Debunking the Misconception That CRQ Requires a Lot of Data Collection appeared first on Security Boulevard.

Data collection 59

Data collection Cyber Risk Risk 59

Adam Levin

DECEMBER 12, 2018

T]he explanations people see when prompted to give permission are often incomplete or misleading,” the Times explained in the article. “An An app may tell users that granting access to their location will help them get traffic information, but not mention that the data will be shared and sold. Read the Times article here.

Mobile 192

Mobile Advertising Data collection Marketing 192

Schneier on Security

JANUARY 19, 2022

The companies will keep making money for the rapid tests they collect, he said. Read the article for the messy details. “You guys will continue making the $28.50 you’re making for the rapid test,” Syed said in the video. Or take a job and see for yourself.

Insurance 356

Insurance Marketing Government Software 356

Schneier on Security

NOVEMBER 19, 2020

Vice has a long article about how the US military buys commercial location data worldwide. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

Government 313

Government Data collection 313

Schneier on Security

JANUARY 21, 2022

News article : It’s not clear whether the security flaws were intentional or not, but the report speculated that proper encryption might interfere with some of China’s ubiquitous online surveillance tools, especially systems that allow local authorities to snoop on phones using public wireless networks or internet cafes.

Surveillance 360

Surveillance Encryption Wireless Government 360

CSO Magazine

APRIL 18, 2023

An analysis of customer data collected by content delivery network and internet services giant Akamai found that attacks targeting web applications rose by 137% over the course of last year, as the healthcare and manufacturing sectors in particular were targeted with an array of API and application-based intrusions.

Manufacturing 125

Manufacturing Healthcare Data collection Internet 125

Schneier on Security

SEPTEMBER 26, 2019

News articles talk about " spy trains ," and the possibility that the train cars might surreptitiously monitor their passengers' faces, movements, conversations or phone calls. But another part involves fears about national security. This is a complicated topic.

Surveillance 247

Surveillance Wireless Government Internet 247

CSO Magazine

NOVEMBER 18, 2022

The Indian federal government on Friday published a new draft of data privacy laws that would allow personal data transfer to other nations under certain conditions, and impose fines for breaches of data-transfer and data-collection regulations. To read this article in full, please click here

Data collection 117

Data collection Data privacy Banking Government 117

Schneier on Security

DECEMBER 19, 2023

Some articles are more nuanced , but there’s still a lot of confusion. There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. It seems not to be true. Dropbox isn’t sharing all of your documents with OpenAI.

Government 325

Government Banking Risk Internet 325

CSO Magazine

NOVEMBER 4, 2021

SIEM products and services combine log data collection and reporting with real-time analysis of security alerts generated by applications and network hardware. To read this article in full, please click here

Data collection 114

Data collection Software Risk 114

CSO Magazine

AUGUST 15, 2022

have questioned its data collection practices and potential ties to the Chinese state. The concerns have deepened after Buzzfeed published a report saying that data of some American users had been repeatedly accessed from China. To read this article in full, please click here Both lawmakers and citizens in the U.S.

Data collection 112

Data collection Risk Government 112

Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Data collection 130

Data collection Surveillance Hacking Information Security 130

The Last Watchdog

MAY 21, 2020

When that sensitive, granular data is leaked, regaining your online privacy becomes virtually impossible. The tracking methods used are also becoming more sophisticated and captures a lot more data than before. Privacy concerns As mentioned earlier in the article, the principles behind device or online fingerprinting are good.

Advertising 290

Advertising Internet Internet Accountability 290

CSO Magazine

MAY 26, 2023

Today, the convergence of operational technology (OT) and IT networks is accelerating because organizations can use the data collected by physical equipment and Industrial Internet of Things (IIoT) devices to identify issues and increase efficiency. To read this article in full, please click here

Technology 103

Technology Cybersecurity Data collection Internet 103

Schneier on Security

SEPTEMBER 8, 2022

EDITED TO ADD: Another article. These systems are so complex that no humans understand them anymore. That allows us to do things we couldn’t do otherwise, but it’s also a problem.

Engineering 255

Engineering Data collection Software 255

CSO Magazine

APRIL 5, 2022

This is made more challenging as the attack surface grows larger and more complex each day, demanding new requirements for data collection, processing, and analysis along with process automation. To read this article in full, please click here Unfortunately, these changes aren’t really happening—or at least not quickly enough.

Data collection 99

Data collection Risk 99

Joseph Steinberg

APRIL 20, 2021

It is also not uncommon for firms in the healthcare vertical to symbiotically share various types of information with one another; private healthcare-related data is also almost always shared during the M&A process – even before deals have closed.

Healthcare 233

Healthcare Insurance Computers and Electronics Data collection 233

CSO Magazine

AUGUST 22, 2022

The amount of relief sought isn’t specified, but the suit – in addition to asking for certification as a class action – demands a halt to Oracle’s data collection activities, as well as restitution of profits made from data collected without consent. To read this article in full, please click here

Surveillance 83

Surveillance Data collection 83

Security Affairs

OCTOBER 27, 2023

Then, the derived insights let you monitor market trends, customer behavior, competitor pricing, and other key data collected via market research. Successful extraction of public data from the internet can be a tricky process, especially when visited websites use protection algorithms. Why Choose Residential Proxies?

Marketing 127

Marketing Data collection Internet Internet 127

CSO Magazine

NOVEMBER 28, 2022

Marketers want to collect data about customers and their devices. Privacy officers want to ensure the data collection process is fully compliant with privacy regulations. To read this article in full, please click here

CSO 80

CSO Data collection Marketing Accountability 80

SecureWorld News

SEPTEMBER 3, 2024

Identity as the digital perimeter and data protection are mission critical to foster digital trust, enable service assurance, and minimize enterprise risk. These factors are illustrated and discussed in depth in my article, The Rise of Data Sovereignty and a Privacy Era. This gives rise to Network observability!

Technology 113

Technology Architecture Risk Data collection 113

Malwarebytes

JANUARY 18, 2021

What happens after that, is lots of articles appear explaining what to do if you want to switch to other services. Updated 19th January : Article amended to clarify which policies were displayed, and to whom]. Simply by having to explain the differences between forms of messaging, data collection is thrown into sharp relief.

Data collection 75

Data collection Encryption Accountability Passwords 75

The Last Watchdog

MAY 26, 2021

MFA adds another roadblock to accessing your account and is a simple, yet powerful way to strengthen data security. About the essayist: Chad Cragle is director of security and compliance at FormAssembly , which supplies an all-in-one online form builder and data collection platform.

Passwords 182

Passwords Password Management Accountability Authentication 182

Security Affairs

OCTOBER 17, 2023

Authentication data collected by POEMGATE can be used for lateral movement and other malicious activities on the compromised networks. At the final stage of an attack, the attackers were able to interfere with network equipment, as well as data storage systems.

Telecommunications 132

Telecommunications Authentication Data collection Passwords 132

IT Security Guru

AUGUST 7, 2024

Progressive Profiling : Progressive Profiling, or the gradual collection of customer information over time, allows insurance entities to develop comprehensive profiles without overwhelming the customer with long forms, while also respecting customer privacy preferences.

Insurance 124

Insurance Data collection Authentication Technology 124

Security Affairs

JUNE 9, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 125

Data breaches Banking Hacking Malware 125

CyberSecurity Insiders

SEPTEMBER 11, 2021

Analysts find dealing with data collected from numerous hosts within an enterprise to be a daunting task. The time necessary to acquire security data, the rigidity around how the data can be analyzed, and the speed at which data can be processed make these tools less useful than they should be.

Threat Detection 126

Threat Detection Data collection Software Engineering 126

Security Affairs

NOVEMBER 15, 2022

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”.

Consumer Protection 98

Consumer Protection Accountability Data collection Advertising 98

Security Affairs

MARCH 7, 2025

This article uses differential privacy in healthcare, finance, and government data analytics to explore the mathematical foundation, implementation strategies, and real-world applications of differential privacy. According to Erlingsson (2014), Google’s RAPPOR system collects user data while maintaining anonymity.

Artificial Intelligence 62

Artificial Intelligence Healthcare Data privacy Banking 62

Security Boulevard

NOVEMBER 25, 2021

Furthermore, they were primarily concerned with data collecting and processing, with little intelligence. In this article, [.]. In early IoT installations, networks of sensors, wireless sensor networks, and RFID (Radio Frequency Identification) devices were deployed in small to medium-size deployments within an enterprise.

IoT 59

IoT Wireless Data collection 59

eSecurity Planet

JUNE 8, 2022

Rapid7’s online documentation is very thorough, and their knowledge base articles helped us navigate a few configuration hiccups we ran into along the way. Once you are ready to install the collector role, first log into the InsightIDR portal : From the menu on the left side of the screen, click Data Collection.

DNS 109

DNS Data collection Marketing Passwords 109

SecureWorld News

NOVEMBER 30, 2022

The material issues in this inquiry concerned questions of compliance with the GDPR obligation for Data Protection by Design and Default.". The controller shall implement appropriate technical and organizational measures for ensuring that only personal data which are necessary for each specific purpose of the processing are processed.

Data breaches 98

Data breaches Data collection Media Cybersecurity 98

The Last Watchdog

MAY 20, 2022

As new data protection legislation (such as the GDPR and the CCPA) joins current laws, the regulatory environment becomes increasingly complex (like HIPAA and PCI DSS). An MSSP can assist with data collection and report generation to establish compliance during audits or in the aftermath of a possible incident.

Marketing 247

Marketing Digital transformation Technology Cybersecurity 247

Security Affairs

JANUARY 2, 2023

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”.

Consumer Protection 98

Consumer Protection Surveillance Data collection Accountability 98

Malwarebytes

FEBRUARY 13, 2024

In 2022, we published an article about how photographs of children taken by a stalkerware-type app were found exposed on the internet because of poor cybersecurity practices by the app vendor. The stalkerware-type app involved, TheTruthSpy, has shown once again that the way in which it handles captured data shows no respect to its customers.

Spyware 141

Spyware Malware Data collection Hacking 141

TrustArc

NOVEMBER 1, 2022

If you are unsure about whether the GDPR applies to your data collection activities, TrustArc’s data experts have the answers to three common misconceptions.

Data collection 64

Data collection 64