private data | Breaking Cybersecurity News | The Hacker News

If you reside in China, your Internet life within the borders will soon be even more challenging. Last Friday, China's top Internet regulator announced a new set of rules that would force citizens to post comments using their real-world identities on Internet forums and other web platforms. Yes, you heard that right. Anonymity is about to die in the country. The Cyberspace Administration of China (CAC) will start officially enforcing the new rules starting from October 1, 2017, requiring websites operators and service providers of online forums to request and verify real names and other personal information from users when they register and must immediately report illegal content to the authorities. According to the CAC, the following content would be considered unlawful and forbidden from being published online: Opposing the basic principles as defined in the Constitution Endangering national security Damaging nation's honor and interests Inciting national ha...

For millions of low income families, the federal government's Lifeline program offers affordable phone service. But an online security lapse has exposed tens of thousands of them to an increased risk of identity theft, after their Social Security numbers, birth dates and other pieces of highly sensitive information were included in files posted publicly online. Reporters with Scripps were investigating Lifeline, a government benefit-program that provides low-income Americans with discounted phone service, when they came across the sensitive data. They discovered 170,000 Lifeline phone customer records online through a basic Google search that contained everything needed for identity theft. They asked for an interview with the COO of TerraCom and YourTel, which are the telcos who look after Lifeline,but they threatened reporters who found a security hole in their Lifeline phone system with charges under the Computer Fraud and Abuse Act. Then, the blame-the...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...