Security News

The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee access to users in the region, minimize data flows outside of it, and store the information locally. "Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the U.S. remote access to TikTok European user data," the company said.

Attempts to reorganize supply chains to cut out China and foil its attempts to build a high-tech chip industry will be costly and may simply cause the Middle Kingdom to redouble its efforts, says memory maker Kioxia. Flores said China would likely retaliate against the recently announced US export controls by ramping up domestic investment in NAND as a long-term solution to its chip supply issues.

Microsoft has acknowledged a known issue where copying files/shortcuts using Group Policy Preferences on Windows client devices might not work as expected after installing recent Windows cumulative updates released during this month's Patch Tuesday. On affected systems, files or shortcuts will not copy to the target drives or end up as zero-byte files when using Group Policy file operations.

The Windows 10 KB5017308 cumulative update released this Patch Tuesday is reportedly causing Group Policy Object issues, according to admin reports. "Running Windows Update Standalone Installer with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation."

The new Microsoft Edge 105 is not starting for many Windows users due to a deprecated group policy used to disable reporting of usage and crash-related data to Microsoft. On Thursday, Microsoft Edge 105 was released with numerous enhancements, including enhanced security mode improvements and new group policies.

GitHub to add non-essential cookies on marketing pages. "GitHub is introducing non-essential cookies on web pages that market our products to businesses," explains Olivia Holder, GitHub's Senior Privacy Counsel.

The reversal, reported by TechCrunch, comes a day after the Italian data protection authority - the Garante per la Protezione dei Dati Personali - warned the company against the change, citing violations of data protection laws. "The personal data stored in users' devices may not be used to profile those users and send personalized ads without their explicit consent," the Garante said.

Pure IR retainers typically don't offer security leaders flexibility to maximize their investment, but by being permitted to use credits toward preparedness, testing, simulations and so forth, cyber risk can be mitigated. There are three key elements to achieving an effective cyber risk retainer: negotiation, structure and execution.

Even if an organization has already brought its password policy in line with NIST's recommendations, it is a good idea to periodically revisit those recommendations since they do change over time. Not surprisingly, NIST no longer recommends scheduled password changes.

Google has expanded its policies to allow doxxing victims to remove more of their personally identifiable information from search engine results starting earlier this week. While people already had the option to request the removal of personal data that could be used in financial fraud, such as credit card and bank account info, before this update, Google now also allows demands to delete contact information.