#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Tech Regulation | Breaking Cybersecurity News | The Hacker News

Category — Tech Regulation
South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

Nov 06, 2024 Data Privacy / Tech Regulation
Meta has been fined 21.62 billion won ($15.67 million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The country's Personal Information Protection Commission (PIPC) said Meta gathered information such as religious affiliations, political views, and same-sex marital status of about 980,000 domestic Facebook users and shared it with 4,000 advertisers. "Specifically, it was found that behavioral information, such as the pages that users 'liked' on Facebook and the ads they clicked on, was analyzed to create and operate advertising topics related to sensitive information," the PIPC said in a press statement. These topics categorized users as following a certain religion, identifying them as a gay or transgender person, or being a defector from North Korea, it added.  T...
LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO

LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO

Sep 21, 2024 Privacy / Artificial Intelligence
The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence (AI) models. "We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information relating to its U.K. users," Stephen Almond, executive director of regulatory risk, said . "We welcome LinkedIn's confirmation that it has suspended such model training pending further engagement with the ICO." Almond also said the ICO intends to closely keep an eye on companies that offer generative AI capabilities, including Microsoft and LinkedIn, to ensure that they have adequate safeguards in place and take steps to protect the information rights of U.K. users. The development comes after the Microsoft-owned company admitted to training its own AI on users' data without seeking their exp...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

Sep 12, 2024 Regulatory Compliance / Data Protection
The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. "The statutory inquiry concerns the question of whether Google has complied with any obligations that it may have had to undertake an assessment, pursuant to Article 35[2] of the General Data Protection Regulation (Data Protection Impact Assessment), prior to engaging in the processing of the personal data of E.U./E.E.A. data subjects associated with the development of its foundational AI model, Pathways Language Model 2 (PaLM 2)," the DPC said . PaLM 2 is Google's state-of-the-art language model with improved multilingual, reasoning, and coding capabilities. It was unveiled by the company in May 2023. With Google's European headqu...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Meta Halts AI Use in Brazil Following Data Protection Authority's Ban

Meta Halts AI Use in Brazil Following Data Protection Authority's Ban

Jul 18, 2024 Artificial Intelligence / Data Protection
Meta has suspended the use of generative artificial intelligence (GenAI) in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority (ANPD) to address the agency's concerns over its use of GenAI technology. Earlier this month, ANPD halted with immediate effect the social media giant's new privacy policy that granted the company access to users' personal data to train its GenAI systems. The decision stems from "the imminent risk of serious and irreparable damage or difficult-to-repair damage to the fundamental rights of the affected data subjects," the agency said. It further set a daily fine of 50,000 reais (about $9,100 as of July 18) in case of non-compliance. Last week, it gave Meta "five more days to p...
Expert Insights / Articles Videos
Cybersecurity Resources