dcsimg
January 25, 2021

A week in security (January 18 – January 24)

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if TikTok’s new settings are enough to keep … [Read more...]

Filed Under: a week in security, bec, Brave, chrome, Cisco, dnsmasq, dnspooq, ema, gamarue, IoT, kindle, Malwarebytes news, messenger scam, passwords, phishing, QNAP, singapore, solarwinds, tiktok, whatsapp, zerologon, zoom
May 7, 2020

Data privacy law updates eyed by Singapore

In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union General Data Protection Regulation, or GDPR, … [Read more...]

Filed Under: California, California Consumer Privacy Act, data breach notification, data breach notification law, data breach notification requirement, data portability, data privacy law, data privacy laws, data privacy legislation, EU, European Union, GDPR, general data protection regulation, Malwarebytes news, PDPA, PDPC, Personal Data Protection Act, Personal Data Protection Commission, privacy, singapore
April 15, 2020

Mass surveillance alone will not save us from coronavirus

As the pattern-shattering truth of our new lives drains heavy—as coronavirus rends routines, raids our wellbeing, and whiplashes us between anxiety and fear—we should not look to mass digital surveillance to bring us back to normal. Already, governments have cast vast digital nets. South Koreans are tracked through GPS location history, credit card transactions, and surveillance camera … [Read more...]

Filed Under: Apple, Austria, bluetooth, Bluetooth contact tracing, Bluetooth proximity, California, china, Clearview, Clearview AI, contact tracing, coronavirus, covid-19, Data privacy, Ebola, El Salvador, Google, Hubei, Ireland, Israel, Italy, Lombardy, MERS, Middle East Respiratory Syndrome, National Security Agency, NSA, NSO Group, Opinion, privacy, Privacy International, Section 215, singapore, South Korea, TraceTogether, Tunisia, West Africa
April 7, 2020

Cybersecurity labeling scheme introduced to help users choose safe IoT devices

The Internet of Things (IoT) is a term used to describe a wide variety of devices that are connected to the Internet to improve user experience. For example, a doorbell becomes part of the IoT when it connects to the Internet and allows users to see visitors outside their door. But the way in which some of these IoT devices connect invites serious security and privacy concerns. This has led to … [Read more...]

Filed Under: apac, cls, cybersecurity labeling scheme, IoT, passwords, routers, security labeling scheme, security labelling scheme, singapore, smart home, smart home assistant, smart home hubs
April 2, 2019

The global data privacy roadmap: a question of risk

For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesses that want to expand to a new market, though, complying with global data privacy laws is more akin to … [Read more...]

Filed Under: Africa, amazon, Argentina, asia, Bahrain, Brazil, china, CNIL, Data privacy, data privacy laws, data protection authority, europe, European Union, GDPR, general data protection regulation, global data privacy, Google, Microsoft, Middle East, National Data Protection Commission, Personal Information Protection Act, privacy, Qatar, singapore, South Korea, whitelist
January 24, 2018

Singapore government gets into the network defense game

There is a common assumption in the infosec community that enormous breaches like those at Equifax, Anthem, and Target are the new norm. That the next mega breach is simply a matter of time. This is because large companies loathe spending money on things that are not directly profitable like secure infrastructure or quality training for employees. Further, there isn’t really any external pressure … [Read more...]

Filed Under: breach, Government, law, privacy, Security world, singapore