#data-transfer-security
#data-transfer-security

Apple stops weirdly storing data that let cops spy on Signal chats

Signal's patch deletes preserved notifications and prevents future preservation for deleted apps, but user concerns about privacy remain.

fromThe Local Germany

11 hours ago

As phishing attacks hit Germany - how secure is Signal messenging app?

Signal, a secure messaging app, faces phishing attacks linked to Russian groups, raising concerns about its security despite its end-to-end encryption.

Apple

Apple stops weirdly storing data that let cops spy on Signal chats

Signal's patch deletes preserved notifications and prevents future preservation for deleted apps, but user concerns about privacy remain.

How to Know Where Your Security Threat Is Before It's Too Late

Organizations winning the security talent war operationalize key questions to prevent knowledge loss and enhance cybersecurity resilience.

fromMail Online

Privacy technologies

How to create secure passwords - it might be time to switch to passkey

DevOps

The Security Metric That's Failing You

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.

fromWIRED

Discord Sleuths Gained Unauthorized Access to Anthropic's Mythos

Mozilla used Anthropic's Mythos Preview to fix 271 vulnerabilities in Firefox 150, while North Korean hackers exploited AI for cybercrime.

Careers

How to Know Where Your Security Threat Is Before It's Too Late

Organizations winning the security talent war operationalize key questions to prevent knowledge loss and enhance cybersecurity resilience.

fromMail Online

How to create secure passwords - it might be time to switch to passkey

Using unique passwords and transitioning to passkeys enhances online security and reduces the risk of cyber threats.

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.

fromWIRED

Discord Sleuths Gained Unauthorized Access to Anthropic's Mythos

Mozilla used Anthropic's Mythos Preview to fix 271 vulnerabilities in Firefox 150, while North Korean hackers exploited AI for cybercrime.

What is Cloud Security? Fundamental Guide

Cloud security requires specialized processes and technologies to protect assets and data from evolving threats in a dynamic environment.

12 hours ago

How to audit what ChatGPT knows about you - and reclaim your data privacy

Re-evaluate personal information shared with ChatGPT to enhance privacy and security.

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

fromFuturism

6 hours ago

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

more#ransomware

Business intelligence

The Hidden Data Liability Every Leader Needs to Address Now

Data is no longer endlessly renewable; companies face a 'data liability gap' affecting AI systems and data recovery responsibilities.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromAP News

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but comes with privacy and security risks when working in public spaces.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromAP News

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but comes with privacy and security risks when working in public spaces.

more#remote-work

Cryptocurrency

fromThe Village Voice

Which VPN makes sense for crypto traders in 2026? - The Village Voice

Crypto traders must choose VPNs based on technical fundamentals like protocol choices, logging policies, and security features to protect their activities.

#agentic-ai

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.

Software development

fromDevOps.com

Agentic AI for Defense: How Checkmarx Turns Security into a Coding Partner - DevOps.com

Agentic AI proactively identifies and addresses security vulnerabilities in real-time during code development, enhancing application security significantly.

Information security

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.

Software development

fromDevOps.com

Agentic AI for Defense: How Checkmarx Turns Security into a Coding Partner - DevOps.com

Agentic AI proactively identifies and addresses security vulnerabilities in real-time during code development, enhancing application security significantly.

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.

more#agentic-ai

fromTNW | Eu

EU data protection

EU child safety push stalls as ePrivacy derogation expires, age verification app hacked, and CSA Regulation stuck in trilogue

Europe's child protection efforts conflict with privacy laws, complicating the detection of online child exploitation.

#ai

fromComputerworld

European startups

Germany's sovereign AI hope changes hands

fromThe Hill

Can AI agents protect our privacy?

AI is transforming the web, increasing privacy risks while offering opportunities to improve data protection.

fromwww.cbc.ca

Anthropic's latest AI model is sparking fears from cybersecurity experts and the banking sector. Here's why. | CBC News

Mythos, Anthropic's advanced AI model, poses cybersecurity risks by uncovering vulnerabilities faster than they can be fixed.

fromMedium

Artificial intelligence

How to mitigate the risk of AI implementation in enterprise environments

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromHarvard Gazette

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.

European startups

fromComputerworld

Germany's sovereign AI hope changes hands

Aleph Alpha is merging with Canada's Cohere to create a powerful AI entity amid Europe's push for technological independence from US vendors.

fromThe Hill

Can AI agents protect our privacy?

AI is transforming the web, increasing privacy risks while offering opportunities to improve data protection.

fromwww.cbc.ca

Anthropic's latest AI model is sparking fears from cybersecurity experts and the banking sector. Here's why. | CBC News

Mythos, Anthropic's advanced AI model, poses cybersecurity risks by uncovering vulnerabilities faster than they can be fixed.

fromMedium

How to mitigate the risk of AI implementation in enterprise environments

Only about 5% of AI projects deliver measurable business value despite high expectations.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromHarvard Gazette

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

Digital life

fromThe New Yorker

The Anguish of Data Loss

Data preservation is crucial, yet digital devices are fragile and often treated carelessly, leading to significant loss when data is not backed up.

Marketing tech

fromThedrum

The GumGum Platform Achieves Global SOC 2 Compliance, Setting Standards for Data Security

GumGum achieved SOC 2 compliance, enhancing data security and system reliability for partners and customers globally.

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

France news

fromEngadget

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.

France news

fromTechCrunch

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

France news

fromEngadget

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.

Addressing the challenges of unstructured data governance for AI

Enterprises must enhance data governance for unstructured data as AI transforms data management practices.

Fundraising

fromIndependent

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.

Remote Desktop security beefed up with hard-to-read messages

Microsoft's Remote Desktop update has a bug preventing security warnings from displaying correctly for some users.

Business intelligence

How Physical Security Data Is Supporting Public Safety Challenges

Physical security data is primarily used for officer safety, situational awareness, and responding to public safety emergencies.

Some Interrail travellers told to cancel passports as hacked data posted online

Holidaymakers in Europe must replace passports after personal data was hacked and sold on the dark web, causing stress and financial burden.

Deliverability

fromWordtothewise

DKIM2: What it means for the future of email

DKIM2 is a new email authentication protocol in development, improving security and reliability over DKIM and addressing issues from previous methods.

fromNature

Researchers: here's how to audit your fragmented digital identity

A search for 'Guo Wei' in ORCID returned 616 profiles, none affiliated with the Jiangsu University of Science and Technology, highlighting the difficulty in verifying academic identities.

Higher education

fromThe Hacker News

Toxic Combinations: When Cross-App Permissions Stack into Risk

Moltbook's database exposure revealed significant security risks, including unencrypted credentials and API tokens, due to poor oversight of AI agent integrations.

fromIT Brew

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

#privacy

fromAdExchanger

Privacy professionals

Does The New Federal Data Privacy Bill Have A Snowball's Chance Of Passing? | AdExchanger

Privacy professionals

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

Privacy technologies

Claude Desktop changes software permissions without consent

Privacy technologies

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Information security

Strong Privacy Requires Strong Security - and GenAI Raises the Stakes

fromAdExchanger

Does The New Federal Data Privacy Bill Have A Snowball's Chance Of Passing? | AdExchanger

House Republicans introduced the SECURE Data Act to create a national privacy standard that preempts state laws, targeting large data-handling companies.

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

Claude Desktop changes software permissions without consent

Claude Desktop installs files affecting other apps without consent, violating privacy laws and raising concerns about its classification as spyware.

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.

fromPrivacy International

Information security

Strong Privacy Requires Strong Security - and GenAI Raises the Stakes

more#privacy

US news

2 weeks ago

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

#uk-biobank

Private health records of half a million Britons offered for sale on Chinese website

Confidential health records of 500,000 UK Biobank volunteers were found for sale on Alibaba, raising security concerns.

Medical data of half a million Britons on sale in China after Biobank breach | Computer Weekly

Medical data of 500,000 British citizens was offered for sale on a Chinese website after a breach at UK Biobank.

Private health records of half a million Britons offered for sale on Chinese website

Confidential health records of 500,000 UK Biobank volunteers were found for sale on Alibaba, raising security concerns.

Medical data of half a million Britons on sale in China after Biobank breach | Computer Weekly

Medical data of 500,000 British citizens was offered for sale on a Chinese website after a breach at UK Biobank.

more#uk-biobank

Business intelligence

Scaling agentic AI demands a strong data foundation - 4 steps to take first

Trusted quality data is essential for scaling agentic AI adoption in organizations.

Proton CEO: Age checks turn internet into ID checkpoint

Age verification risks transforming the internet into a system requiring identification for all users, compromising anonymity and security.

fromInfoQ

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Universities often neglect DNS record maintenance, leading to hijacked subdomains that can appear in search results.

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.

fromThe Verge

fromElectronic Frontier Foundation

Privacy professionals

A new Republican privacy bill could be 'worse than no standard at all'

Privacy technologies

How ICE Got My Data | EFFector 38.8

I tried to wipe my digital footprint without paying for a data removal service - 5 free ways

Most sensitive information online is legally collected and aggregated by brokers, but removal is possible with effort and available tools.

Privacy professionals

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

fromThedrum

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.

fromThe Verge

A new Republican privacy bill could be 'worse than no standard at all'

Congress is attempting to pass a national data privacy law that may weaken protections in some states while strengthening them in others.

fromElectronic Frontier Foundation

How ICE Got My Data | EFFector 38.8

Tech companies may compromise user data when pressured by the government, as seen in a case involving Google and ICE.

I tried to wipe my digital footprint without paying for a data removal service - 5 free ways

Most sensitive information online is legally collected and aggregated by brokers, but removal is possible with effort and available tools.

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

#ai-security

fromTechRepublic

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.

fromFortune

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

fromTechRepublic

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.

fromFortune

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

more#ai-security

fromwww.bankingdive.com

How proactive DEX strengthens IT compliance in financial services

Proactive DEX management helps financial services organizations address compliance challenges by continuously monitoring and improving the digital workplace.

fromTechRepublic

The Top 8 Enterprise VPN Solutions

Secure remote connections are critical for businesses to prevent data breaches, with enterprise VPN solutions being a top priority.

#data-security

fromwww.bbc.com

Biobank data incident caused by 'a few bad apples', boss says

BBC Datasets containing de-identified volunteer information were found for sale on Alibaba, prompting scrutiny and temporary suspension of access to the research platform.

Information security

How to Keep Your Company's Data Out of the Wrong Hands

fromwww.bbc.com

Biobank data incident caused by 'a few bad apples', boss says

BBC Datasets containing de-identified volunteer information were found for sale on Alibaba, prompting scrutiny and temporary suspension of access to the research platform.

Information security

How to Keep Your Company's Data Out of the Wrong Hands

more#data-security

Meta tracking employee keystrokes to train AI is probably legal. Experts say that doesn't make it ethical

Meta Platforms is implementing software to track employee computer usage to train AI models, raising privacy concerns amid potential layoffs.

fromnews.bitcoin.com

Beyond the Breach: Why rsETH's Depegging Demands a New Standard for Bridge Security

KelpDAO's rsETH depegged after a breach, highlighting the need for improved bridge security in collateral risk management.

fromTechzine Global

Lovable under fire over data breach

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

fromComputerworld

CISA last in line for access to Anthropic Mythos

CISA lacks access to Anthropic's AI model Claude Mythos, while unauthorized users have gained access, raising cybersecurity concerns.

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

Security Leaders Discuss the Claude Mythos Breach

Security leaders emphasize the urgent need for AI-enabled cybersecurity measures in response to the Claude Mythos breach.

1Password sees AI as both threat and tool

AI presents both risks and opportunities for password management, requiring firms to balance security with the potential for careless app development.

fromInfoWorld

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.

fromInfoWorld

1 month ago

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

Anthropic's Mythos raises the stakes for security validation | Computer Weekly

The rise of autonomous AI in security introduces unpredictability, complicating the validation of defenses against evolving threats.

fromFortune

The Mythos meeting focused on the wrong AI risk to banks. Here's the one nobody is talking about | Fortune

Artificial intelligence is transforming fraud into a machine-driven, scalable threat, posing risks beyond traditional cyber attacks.

fromMedCity News

1 month ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

fromThe Hacker News

2 weeks ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

AI Can Delete Your Data. Here's Your Prevention Plan.

Never feel that you are totally safe. In July 2025, one company learned the hard way after an AI coding assistant it dearly trusted from Replit ended up breaching a "code freeze" and implemented a command that ended up deleting its entire product database. This was a huge blow to the staff. It effectively meant that months of extremely hard work, comprising 1,200 executive records and 1,196 company records, ended up going away.

Artificial intelligence

1 month ago

Age verification isn't sage verification inside OSes

California's Digital Age Assurance Act attempts age verification for minors but is vague, incoherent, and creates liability risks without clearly defining compliance requirements or addressing practical implementation across diverse computing devices.

3 weeks ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

fromCoindesk