Schneier on Security

AUGUST 25, 2020

reproduce those results and extend the original work to detail the privacy risk posed by the aggregation of browsing histories. Our dataset consists of two weeks of browsing data from ~52,000 Firefox users. The original work demonstrated that browsing profiles are highly distinctive and stable.We

Data collection 260

Data collection Risk 260

Cisco Security

JUNE 1, 2021

However, back then, although these occasional gaps in visibility did naturally result in minor and temporary increased organizational risks, the overall volume of non-VPN-connected remote work that took place was so low and infrequent that it was considered to be negligible and ignored. With release 7.3.2, Has anyone “gone rogue”?

Data collection 102

Data collection Firewall VPN Threat Detection 102

Malwarebytes

JANUARY 20, 2025

This is nothing new, we’ve seen numerous times that insurance companies are very interested in our lifestyle and will happily charge more or even refuse to take us in as customers if they think were too much of a risk. Probably the most shocking thing is the type of information that could be involved.

Surveillance 120

Surveillance Artificial Intelligence Consumer Protection Retail 120

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. Kneip also painted the wider context about why effective third-party cyber risk management is an essential ingredient to baking-in security at a foundational level. We take that away.

Cyber Risk 165

Cyber Risk Risk Digital transformation Accountability 165

Schneier on Security

SEPTEMBER 15, 2023

Claude’s reply: Here’s a brief summary of the key themes and arguments made in security expert Bruce Schneier’s book Beyond Fear: Thinking Sensibly About Security in an Uncertain World : Central Themes: Effective security requires realistic risk assessment, not fear-driven responses. Focus only on proportional responses.

Data collection 233

Data collection Risk Surveillance Manufacturing 233

CyberSecurity Insiders

DECEMBER 18, 2021

It’s never been more important to protect employees from cyber-attacks while also mitigating the risk they pose as trusted insiders. Dtex’s Workforce Cyber Intelligence Platform enables organizations better understand their workforce, protect their data and make human-centric operational investments.

Risk 134

Risk Social Engineering Surveillance Data collection 134

Malwarebytes

JANUARY 24, 2025

In April of 2024, Texas Attorney General Ken Paxton sent civil investigative demands to Kia, General Motors, Subaru and Mitsubishi seeking details of their data collection and sharing practices. And in August, Paxton sued General Motors for selling customer driving data to third parties.

Manufacturing 113

Manufacturing Insurance Data collection Data privacy 113

NetSpi Technical

NOVEMBER 14, 2024

It focuses on distilling data related to shares configured with excessive privileges to better understand their relationships and risk. The Results directory houses csv files containing all the computer, share, file, and permission data collected, including things like excessive privileges and stored secret samples.

Passwords 145

Passwords Risk Data collection Backups 145

Centraleyes

MARCH 25, 2024

Let’s discuss an acronym reshaping the business world: Vendor Risk Management , or VRM. With supply chains extending across multiple regions and involving numerous third-party vendors, organizations face unprecedented challenges in managing vendor risks effectively. What risks are you facing?

Risk 111

Risk Data collection Architecture Government 111

eSecurity Planet

NOVEMBER 29, 2022

In a recent study of 1,237 Chrome extensions with a minimum of 1,000 downloads, Incogni researchers found that nearly half ask for permissions that could potentially expose personally identifiable information (PII), distribute adware and malware , or even log everything users do online, including accessing passwords and financial data.

Risk 116

Risk Adware Data collection Passwords 116

Schneier on Security

JANUARY 14, 2020

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. What's more, U.S. Again, near-term self-interest has so far triumphed over society's long-term best interests.

Data collection 279

Data collection Software Marketing Government 279

The Last Watchdog

MAY 21, 2020

Kernel The privacy risks associated with online or browser fingerprinting today are real. Advertisers are amassing a huge amount of data and creating a comprehensive profile on you as an internet user. Intrinsic risks Device fingerprinting does reveal a lot about who you are.

Advertising 290

Advertising Internet Internet Accountability 290

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Last week, Italys data protection watchdog blocked Chinese artificial intelligence (AI) firm DeepSeek s chatbot service within the country, citing a lack of information on its use of users personal data.

Government 76

Government Artificial Intelligence Media Data collection 76

CSO Magazine

AUGUST 15, 2022

have questioned its data collection practices and potential ties to the Chinese state. The concerns have deepened after Buzzfeed published a report saying that data of some American users had been repeatedly accessed from China. The short-video platform TikTok has come under fire in recent months.

Data collection 112

Data collection Risk Government 112

Schneier on Security

MARCH 12, 2019

Touted as useful management tools, they can augment biased and discriminatory practices in workplace evaluations and segment workforces into risk categories based on patterns of behavior. Gamification and algorithmic management of work activities through continuous data collection.

Surveillance 224

Surveillance Data collection Technology Risk 224

Security Affairs

MARCH 27, 2025

In January, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. ” concludes the alert.

Malware 66

Malware Data collection Advertising Media 66

Joseph Steinberg

APRIL 20, 2021

In some cases, Voice-over-IP numbers are not acceptable as cellphone numbers either – meaning that registrants must increase their cyber-risk by providing their actual cellphone numbers to a party that has offered no information about how that data will be protected. Provide as little information as possible to vaccinators.

Healthcare 233

Healthcare Insurance Computers and Electronics Data collection 233

Adam Shostack

JANUARY 2, 2025

I recall "Computers at Risk," the National Cyber Leap Year report, and the Bellovin & Neumann editorial in IEEE S&P. In particular, what I'm looking for are calls like this one in Computers at Risk (National Academies Press, 1991): 3a. Build a repository of incident data. Oh, and "The New School of Information Security."

Data collection 130

Data collection Risk Information Security 130

Schneier on Security

SEPTEMBER 26, 2019

There is definitely a national security risk in buying computer infrastructure from a country you don't trust. The risk of discovery is too great, and the payoff would be too low. But we need to make these decisions to protect ourselves deliberately and rationally, recognizing both the risks and the costs.

Surveillance 257

Surveillance Wireless Government Internet 257

Troy Hunt

NOVEMBER 25, 2020

The vulnerability Context Security discovered meant exposing the Wi-Fi credentials of the network the device was attached to, which is significant because it demonstrates that IoT vulnerabilities can put other devices on the network at risk as well. Are these examples actually risks in IoT?

IoT 362

IoT Firmware Risk Manufacturing 362

TrustArc

MARCH 3, 2022

Your Privacy Spreadsheets Might be Putting Your Organization at Risk Years ago, it was possible to manage a privacy program using spreadsheets. However, with the massive increase in data collection and new privacy regulations, those privacy spreadsheets are starting to add up. A […].

Data collection 116

Data collection Risk 116

The Last Watchdog

JULY 27, 2023

However, contrary to popular belief, data collected by the CrowdSec network indicates that VPNs and proxies play a far less significant role in cybercriminal activities. Low MD translates to a lower risk for a business to inherit a machine that has been flagged as malevolent.

VPN 246

VPN Data collection Cybersecurity Threat Detection 246

Security Affairs

JANUARY 30, 2025

Italys data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italys Data Protection Authority Garante has asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data.

Artificial Intelligence 70

Artificial Intelligence Data collection Data privacy DDOS 70

CSO Magazine

NOVEMBER 4, 2021

SIEM products and services combine log data collection and reporting with real-time analysis of security alerts generated by applications and network hardware. To read this article in full, please click here

Data collection 114

Data collection Software Risk 114

CyberSecurity Insiders

AUGUST 20, 2021

According to a media update released by the Cyberspace Administration of China (CAC) the new law called the Personal Information Protection Law(PIPL) will come into force from October 26th,2021 and will aim to standardize solutions pertaining to data security risks in automobile sector.

Manufacturing 142

Manufacturing Data collection Media Risk 142

Adam Levin

JUNE 24, 2020

269 gigabytes of potentially sensitive data collected from more than 200 police departments across the country were leaked online last week. Cybersecurity experts and law enforcement officials have expressed concern about the potentially sensitive nature of some of the data.

Data collection 189

Data collection VPN Accountability Risk 189

Security Affairs

JUNE 16, 2020

On Friday, the Norwegian Data Protection Authority (Norwegian: Datatilsynet) issued a warning that it would stop the Norwegian Institute of Public Health from handling data collected via Smittestopp contact tracing app. Only 600,000 citizens out of Norway’s 5.4 million inhabitants had been using the contact tracing app.

Data collection 137

Data collection Advertising Government Technology 137

eSecurity Planet

APRIL 8, 2021

Researchers now believe that the rapid adoption of these skills could have implications for information security as they could open Alexa users up to phishing or invasive data collection. The post Amazon Alexa Skills Present Security Risks appeared first on eSecurityPlanet. What is an Amazon Alexa Skill?

Risk 96

Risk Phishing Data collection Cyber threats 96

Security Affairs

DECEMBER 2, 2023

While WeMystic has since closed the database, researchers said that the data was accessible for at least five days. One of the data collections in the exposed instance, named “users,” contained a whopping 13.3 Do you want to know the risks faced by users whose data has been exposed? million records.

Data collection 139

Data collection Risk Hacking Information Security 139

BH Consulting

MARCH 26, 2025

This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. It classifies AI systems by risk and imposes obligations accordingly, aiming to ensure safety, fundamental rights, and trustworthy innovation. How should boards approach digital risks?

Government 52

Government Artificial Intelligence Risk Digital transformation 52

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Mobile 136

Mobile Government Data collection Antivirus 136

Security Affairs

OCTOBER 23, 2023

The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them. The order remarks that these AI-based applications pose significant privacy and security risks. On October 14, Defense Secretary Gilberto Teodoro Jr. issued the order in an Oct.

Identity Theft 134

Identity Theft Social Engineering Data collection Risk 134

Security Boulevard

APRIL 27, 2023

Why Overthinking Risk Will Turn You into Stone Risk is an enabler of Analysis Paralysis. Organizations invest vast amounts of money, time, and human capital in identifying, analyzing, and reporting potential risks within their domain. Risk exists no matter what an organization is involved in.

Risk 64

Risk Data collection CISO Government 64

Schneier on Security

APRIL 10, 2023

But while it’s an easy experiment to run, it misses the real risk of large language models (LLMs) writing scam emails. This is due not only to AI advances, but to the business model of the internet—surveillance capitalism—which produces troves of data about all of us, available for purchase from data brokers.

Phishing 339

Phishing Scams Internet Internet 339

The Last Watchdog

DECEMBER 7, 2021

A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. Digital twins enable simulations to be run without risking harm to the physical entity; they help inform efficiency gains made in factories and assure the reliability of jet engines, for instance.

Engineering 244

Engineering Data collection Artificial Intelligence Technology 244

Malwarebytes

AUGUST 20, 2024

The AG accuses GM of installing technology that allegedly improves the safety, functionality, and operability of its vehicles, but at the same time this technology gathers driving data about the vehicle’s usage. The driving data collected and sold by GM included trip details like speed, seatbelt status, and driven distance.

Insurance 108

Insurance Accountability Data collection Surveillance 108

Centraleyes

NOVEMBER 9, 2024

These protections extend to sensitive data such as health, financial, and biometric information. For businesses, the DPDPA sets clear data privacy standards, helping them to build trust with customers, reduce the risk of data breaches, and protect their reputation.

Data privacy 52

Data privacy Data collection Risk Accountability 52