Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if TikTok’s new settings are enough to keep … [Read more...]
Data privacy law updates eyed by Singapore
In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union General Data Protection Regulation, or GDPR, … [Read more...]
Cybersecurity labeling scheme introduced to help users choose safe IoT devices
The Internet of Things (IoT) is a term used to describe a wide variety of devices that are connected to the Internet to improve user experience. For example, a doorbell becomes part of the IoT when it connects to the Internet and allows users to see visitors outside their door. But the way in which some of these IoT devices connect invites serious security and privacy concerns. This has led to … [Read more...]
Singapore government gets into the network defense game
There is a common assumption in the infosec community that enormous breaches like those at Equifax, Anthem, and Target are the new norm. That the next mega breach is simply a matter of time. This is because large companies loathe spending money on things that are not directly profitable like secure infrastructure or quality training for employees. Further, there isn’t really any external pressure … [Read more...]