Zoom, the widely used video conferencing platform, is facing scrutiny over recent changes to its terms of service (TOS) that grant the company the right to scrape customer accounts for AI data collection. While Zoom has made partial concessions in response to user backlash, experts are questioning whether the new terms may still be in violation of European Union (EU) regulations governing data privacy.
The rapid rise of connected vehicles has led to a new era of convenience and functionality in the automotive industry, but it has also ignited a debate over data privacy. With the proliferation of internet-enabled features in cars, concerns are mounting that personal information collected by car manufacturers may potentially violate California's strict privacy laws.
The European Parliament has released an extensive briefing on the Network and Information Security (NIS) Directive's successor, the NIS2 Directive. The briefing, published on August 2nd, outlines the key provisions and objectives of the NIS2 Directive, marking a crucial step in fortifying the EU's cybersecurity framework.
In a joint effort to enhance cybersecurity awareness and preparedness, the cybersecurity authorities of the Five Eyes (FVEY) intelligence alliance, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA, have released a list of the top 12 most exploited vulnerabilities throughout 2022. This publication sheds light on cybercriminals' preference for targeting older unpatched security flaws to carry out their malicious activities.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has introduced its comprehensive Cybersecurity Strategic Plan for the fiscal years 2024-2026, outlining a new vision for fortified cybersecurity that emphasizes collaboration, innovation, and accountability. The plan is aligned with the National Cybersecurity Strategy and embedded within CISA's 2023-2025 Strategic Plan, establishing a roadmap for the agency to navigate towards a future marked by infrequent cyber intrusions, bolstered organizational security and resilience, and technology products designed and default-secured for safety.
A new breed of virtual assistant software has surfaced in underground forums, catering to "black hat" hackers seeking illicit gains. These emerging tools, harnessing the power of generative AI models akin to those behind ChatGPT, have adopted monikers such as "FraudGPT" and "WormGPT," promising functionalities spanning from crafting malicious software and phishing emails to constructing attack sites and pinpointing vulnerabilities. Notably, their effectiveness shines in facilitating business email compromise (BEC) attacks.
The Dubai International Financial Centre (DIFC) has taken a significant step in data protection by issuing an adequacy determination that establishes the equivalence of the California Consumer Privacy Act of 2018 (CCPA) with the DIFC's Data Protection Law. This recognition underscores the importance of strong consumer privacy rights in the digital age and highlights the CCPA's leadership in shaping commercial privacy laws.