Security News

MemSQL announced that Thentia is launching MemSQL as the core operational database for its cloud-based regulatory licensing, assurance and enforcement technology. MemSQL's speed and scale will enable Thentia to achieve fast response times and automate a historically paper-based regulatory compliance process.

A group of academics from three German universities has decided to investigate whether and how mobile app vendors respond to subject access requests, and the results of their four-year undercover field study are dispiriting. "In three iterations between 2015 and 2019, we sent subject access requests to vendors of 225 mobile apps popular in Germany. Throughout the iterations, 19 to 26 % of the vendors were unreachable or did not reply at all. Our subject access requests were fulfilled in 15 to 53 % of the cases, with an unexpected decline between the GDPR enforcement date and the end of our study," they shared.

Sourcepoint has formed a relationship to help Oracle customers protect consumer privacy and manage compliance and user consent. Sourcepoint offers a fully customizable compliance management platform that allows companies to capture, manage, and optimize customer privacy preferences across a range of channels, including web, apps, AMP, and even emerging areas such as OTT and audio.

As part of the collaboration, Wipro will offer SIMM-in-a-box to financial institutions covered under Uncleared Margin Rules. The offering will allow financial institutions to calculate trade sensitivities, generate CRIF file and calculate initial margin in-house.

ACA Compliance Group announced the launch of the mobile app version of its ComplianceAlpha platform for risk and compliance management. Designed to provide financial services firms with an on-the-go hub for compliance management, communication, resources, thought leadership, and future ComplianceAlpha functionality, ACA's ComplianceAlpha mobile app provides both employees and compliance teams with an easier, more accessible compliance experience.

The enterprise-trusted, build-to-production container security solution now includes extensive compliance reporting and enforcement for PCI DSS, GDPR, and other industry and government standards, as well as new workflows specifically designed to make it easy for DevOps teams to track critical vulnerabilities and to ensure - and prove - compliance. With a single click, DevOps teams can enable NeuVector's pre-configured compliance templates to identify any potential industry compliance issues and generate audit reports for PCI DSS, GDPR, and other stringent - and often changing - data security regulations.

BDO USA announced the launch of a new integrated solution that helps organizations develop and maintain a comprehensive data governance, risk management and compliance program. BDO's Compliance Center allows companies to maximize the utility of their Microsoft suite by providing complementary services through each step of the compliance and information risk management process, from data discovery and initial gap assessments, to controls implementation, ongoing monitoring and enforcement.

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1. "If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.

ZL Technologies announced enhancements to the ZL UA Compliance platform that significantly strengthen the email review process for compliance departments. A flexible review pipeline for compliance departments, ensuring flagged communications are defensibly managed.

Organizations are creating the perfect storm by not implementing security basicsEuropean organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales. Average cost of DNS attacks hovering around $924,00079% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. PoC RCE exploit for SMBGhost Windows flaw releasedA security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.