data compromised | Breaking Cybersecurity News | The Hacker News

Just last month, the most popular messaging app WhatsApp updated its privacy policy and T&Cs to start sharing its user data with its parent company, and now both the companies are in trouble, at least in Germany and India. Both Facebook, as well as WhatsApp, have been told to immediately stop collecting and storing data on roughly 35 Million WhatsApp users in Germany. The Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar even ordered Facebook on Tuesday to delete all data that has already been forwarded to WhatsApp since August. Also in India, the Delhi High Court on September 23 ordered WhatsApp to delete all users' data from its servers up until September 25 when the company's new privacy policy came into effect. When Facebook first acquired WhatsApp for $19 billion in cash in 2014, WhatsApp made a promise that its users' data would not be shared between both companies. But now apparently this has changed, which, according to Caspa...

U.S. intelligence agencies traced a recent cyber intrusion into U.S. Army database that holds sensitive information about vulnerabilities in U.S. dams.  The U.S. Army Corps of Engineers National Inventory of Dams contains information about 79,000 dams throughout the country and tracks such information as the number of estimated deaths that could occur if a specific dam failed. The database also holds sensitive information, including vulnerabilities, of every major dam throughout the country. Michelle Van Cleave, a former consultant to the CIA, told the Beacon that the data breach appeared to be part of a greater effort to collect vulnerability and targeting data for future cyber or military attacks. The Corps of Engineers National Inventory of Dams was hacked by an unauthorized user believed to be from Chinese government or military cyber warriors, beginning in January and uncovered earlier this month. " In the wrong hands, the Army Corps of Engineers...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...