Data Protection Archives - Page 3 of 28

Traceable AI announces enhanced data security capabilities to address more specific types of API attacks

Issued by: Help Net Security

At Black Hat USA 2022, Traceable AI announced enhanced capabilities to address more specific types of API attacks, including API abuse and misuse, fraud and malicious API bots, all of which contribute to serious data security and compliance challenges within organizations today. These additional capabilities enable organizations to detect, stop and eliminate these types of…

Cloud Security

Data Security Firm Sotero Raises $8 Million in Seed Funding

Issued by: Security Week

The round was led by OurCrowd, with participation from existing investors Boston Seed Capital, Gutbrain Ventures, and PBJ Capital. Founded in 2017, the Burlington, MA-based Sotero provides a data-focused security platform that allows for the centralized management of data instances, applications, and security point solutions. Sotero’s cloud-native, zero trust solution provides auditability, visibility, governance, and…

Mobile Security

Microsoft Finds Major Security Flaws in Pre-Installed Android Apps

Issued by: Security Week

According to an advisory released Friday by the Microsoft 365 Defender Research Team, a total of four documented vulnerabilities were found – and fixed – in a mobile framework owned by mce Systems, an Israeli company that provides software to mobile carriers. “Coupled with the extensive system privileges that pre-installed apps have, these vulnerabilities could…

Software Security

Netskope Expands Data Protection Capabilities to Endpoint Devices and Private Apps

Issued by: Dark Reading

Netskope, the leader in Security Service Edge (SSE) and zero trust, today announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise. Zero trust…

Malware & Threats

Titaniam Announces Completion of Product Suite

Issued by: Dark Reading

Titaniam, Inc., the industry’s most advanced data protection and cyber immunity platform, today announced its full product offering, the Titaniam Suite. These enhancements and the full set of products give Titaniam an edge as they push back on the larger ransomware problem happening ubiquitously across every industry. Ransomware and extortion-based cyber attacks occur at the…

Network Security

Web-Tracking ‘Cookies’ Meant to Protect Privacy: Inventor

Issued by: Security Week

California-based engineer and entrepreneur Lou Montulli said the original “cookie” he created decades ago was intended to make life online easier by letting websites remember visitors. Yet the technology has become a lightning rod, attacked for helping tech companies collect data on consumers’ habits key to the targeted web ad business that makes many billions…

Malware & Threats

Multi-Factor Authentication Bypass Led to Box Account Takeover

Issued by: Security Week

Because of the vulnerability – which was addressed in November 2021 – an attacker only needed stolen credentials to access an organization’s Box account and steal sensitive data, provided that the account has SMS-based MFA enabled (which has long been proven insecure). Box, which claims that close to 100,000 companies use its platform, allows users…

Software Security

Apache Foundation Calls Out Open-Source Leechers

Issued by: Security Week

“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…

Network Security

Europol Ordered to Delete Data Not Linked With Crime

Issued by: Security Week

The European Data Protection Supervisor said Monday that Europol was notified of the order on Jan. 3 following an inquiry that started in 2019. As part of the investigation, the EDPS said it reprimanded Europol two years ago “for the continued storage of large volumes” of such data, “which poses a risk to individuals’ fundamental…

Malware & Threats

Attackers Hitting VMWare Horizon Servers With Log4j Exploits

Issued by: Security Week

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…