In the wake of the biggest breach in history, DomainTools’ new survey on “The Impact of the SolarWinds Breach on Cybersecurity” aims to capture the effects felt by 200 security researchers and analysts, threat hunters, managers, C-suite executives and those whose organizations join the collateral damage left in the fallout.
Malaysia Airlines has confirmed it has suffered a "data security incident" via a third-party IT service provider. The company also said the breach had not affected its carrier's core IT infrastructure and systems.
On Feb. 22, 2021, the “Minnesota Consumer Data Privacy Act” (MCDPA) was introduced in the Minnesota House of Representatives. The MCDPA is now the primary candidate to become Minnesota’s omnibus consumer privacy law. To learn more about the MCDPA and privacy regulations, Security magazine spoke to attorney Nadeem Schwen, from Winthrop & Weinstine, who has been at the forefront of this bill’s creation and leads data privacy work for the firm.
The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance.
Audio-based social app Clubhouse has allegedly suffered a data breach, as a third-party developer designed an open-source app that allowed Android smartphone users to access the invite-only, iPhone-only service. The app, which launched in March 2020, has quickly gained popularity, raising $100 million in funding in January.
The WebsitePlanet research team in cooperation with security researcher Jeremiah Fowler discovered a non-password protected database that contained more than 1.5 billion records. The database belonged to American cable and internet giant Comcast, and the publicly visible records included dashboard permissions, logging, client IPs, @comcast email addresses, and hashed passwords.
Among the “The State of API Security – Q1 2021” findings, 66% of organizations admit to having slowed the rollout of a new application into production because of API security concerns. In addition, 54% of organizations running production APIs have at best only a basic strategy for API security, with 27% having no strategy at all.
New research reveals 66% of home workers in the U.K. are potentially breaching GDPR regulations by printing work related documents at home, including meeting notes, contracts, commercial documents, payroll documents, CVs and more. Many are aware of GDPR rules, however, say they have no choice but to print such documents while working remotely.
