Security News

At one time, executive protection meant providing bodyguards and secure transit and fortifying executive offices against external threats. Executives are particularly at risk for "Whaling" attacks, where a criminal impersonates an executive via email or another means of communication and asks the target for money and/or information.

Regulatory bodies are taking potential data privacy violations much more seriously this year after a relatively quiet period that followed the enactment of regulations such as the General Data Protection Regulation and the California Consumer Privacy Act. In this Help Net Security video, Kris Lahiri, CSO at Egnyte, believes data privacy violations cast a long shadow and takes a closer look at the lasting consequences.

Microsoft has agreed to pay a $20 million fine and change data privacy procedures for children to settle Federal Trade Commission charges over Children's Online Privacy Protection Act violations. COPPA is a U.S. federal law designed to protect the privacy of children under the age of 13 on the internet by requiring parental consent, the ability to review and ask for the deletion of the child's personal information, the ability to refuse data collection, implement security protections for the collected information, and more when registering online accounts.

Zoom has introduced a new range of privacy enhancements and tools to make sure users have control over their data and their privacy preferences. One of the notable general privacy enhancements is the implementation of a data subject access requests tool.

The intersection of LLMs with corporate security and privacy warrants a deeper dive. Techniques like differential privacy can ensure that LLMs learn from data without exposing individual information.

The U.S. Federal Trade Commission has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. Amazon has also agreed to fork out an additional $5.8 million in consumer refunds for breaching users' privacy by permitting any employee or contractor to gain broad and unfettered access to private videos recorded using Ring cameras.

Amazon will pay $30 million in fines to settle allegations of privacy violations related to the operation of its Ring video doorbell and Alexa virtual assistant services. According to a proposed order, Ring will have to pay $5.8 million in refunds to consumers and will be barred from profiting from unlawfully obtained consumer videos.

Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to eight. No private right of action in any of those, which means it's up to the states to enforce the laws.

Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024.

A new-ish messaging service that claims to put users' privacy first has changed its tune - and the end-to-end encryption claims on its website - as well as pulling its app from both the Apple and Google app stores after being called out online. Converso - a comms app launched in September 2022 - billed itself as a "Next-generation messaging app that keeps your conversations completely private." This, according to the developer's website, included "Proprietary state-of-the-art end-to-end encryption technology," no storage of messages on servers, and "Absolutely no use of user data." It claimed it could stand up to the likes of Signal and WhatsApp in the security stakes.