Regulation | Breaking Cybersecurity News | The Hacker News

The U.K.'s Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country. To that end, the watchdog said it's probing how the ByteDance-owned video-sharing service uses the personal data of children in the age range to surface recommendations and deliver suggested content to their feeds. "This is in light of growing concerns about social media and video sharing platforms using data generated by children's online activity in their recommender systems, which could lead to young people being served inappropriate or harmful content," the ICO said . Separately, the data protection regulator said it's also looking into Imgur and Reddit to see how they are using children's information and the measures they are taking to assess the age of their users and tailor content based on that criteria. The ICO ...

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data from being potentially accessed by the Chinese government. The complaints have been filed in Austria, Belgium, Greece, Italy, and the Netherlands. "Given that China is an authoritarian surveillance state, it is crystal clear that China doesn't offer the same level of data protection as the E.U.," Kleanthi Sardeli, data protection lawyer at noyb, said . "Transferring Europeans' personal data is clearly unlawful – and must be terminated immediately." Noyb noted that the companies have no choice but to comply with Chinese authorities' requests for access to d...

Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small. The question is, what can security teams do about it? Have no fear, because Identity Threat Detection and Response (ITDR) is here to save the day. It's essential to have the visibility and response mechanisms to stop attacks before they become breaches. Here's the super lineup that every team needs to stop SaaS identity threats. #1 Full coverage: cover every angle  Like Cap's shield, this defense should cover every angle. Traditional threat detection tools such as XDRs and EDRs fail to cover SaaS applications and leave organizations vulnerable. SaaS identity threat detection and re...