cybersecurity Archives

Arkansas AG Sues Temu for Data Theft and Privacy Violations

apps, cybersecurity, Enforcement, United States | July 7, 2024

Arkansas Attorney General Tim Griffin sued Chinese e-commerce company Temu for violating the Arkansas Deceptive Trade Practices Act and the Arkansas Personal Information Protection Act. Griffin described Temu as a data-theft business disguised as an online marketplace, alleging it illegally accessed users’ personal information and monetized the data without authorization. The lawsuit targets Temu’s parent companies, PDD Holdings Inc. and WhaleCo Inc., seeking to halt their deceptive practices, impose civil penalties, and provide monetary and equitable relief to affected Arkansas residents.

Arkansas AG Sues Temu for Data Theft and Privacy Violations Read More »

Sweden's PTS Launches E-Service for Cyber Security Act Compliance

Sweden’s Post and Telecom Authority Launches E-Service for Cyber Security Act Compliance

cybersecurity, EU law, Sweden | July 7, 2024

On 24 June 2024, the Swedish Post and Telecom Authority (PTS) introduced an e-service, ‘Are we covered by the CSL?’, to help companies determine if they fall under the new Cyber Security Act, effective 1 January 2025. The Act, which implements the NIS 2 Directive, mandates companies in digital infrastructure, ICT services management, space, postal and courier services, and digital supply to register with PTS. This tool is advisory and assists in evaluating compliance, though final responsibility lies with the companies.

Sweden’s Post and Telecom Authority Launches E-Service for Cyber Security Act Compliance Read More »

Cyber Security Agency of Singapore Publishes IoT Device Security Advisory

cybersecurity, IoT, Singapore | June 19, 2024

The Cyber Security Agency of Singapore (CSA) issued an advisory on securing Internet of Things (IoT) devices. With IoT devices revolutionizing daily life and business, they also attract cyber threats. Common vulnerabilities include weak passwords, insecure network services, and outdated software. The advisory provides measures to protect these devices, such as using strong passphrases, enabling automatic updates, buying from reputable manufacturers, and implementing physical access controls. CSA also advises on steps to take if IoT devices are compromised.

Cyber Security Agency of Singapore Publishes IoT Device Security Advisory Read More »

New Security-Focused Software Testing Measure Added to Danish DPA’s Catalogue

cybersecurity | June 18, 2024

The Danish Data Protection Agency (Datatilsynet) added a new security-focused software testing measure to its catalogue of recommended security actions. This measure aims to identify vulnerabilities in newly developed software, and includes various types of tests, such as vulnerability and penetration tests, ensuring comprehensive security coverage during software development.

New Security-Focused Software Testing Measure Added to Danish DPA’s Catalogue Read More »

CNIL Updates Its Practice Guide for the Security of Personal Data

CNIL, cybersecurity | April 4, 2024

🚀 CNIL’s 2024 update to the Guide on Security of Personal Data is out and here are some key points:

🎓 Aimed at DPOs, CISOs, computer scientists, and privacy lawyers, the guide provides actionable advice for implementing effective security measures in compliance with GDPR Article 32.
🛠️ It offers a structured approach across five key areas: users, IT and equipment, data control, incident preparedness, and and specialized topics, simplifying navigation and understanding of complex security requirements.
🔄 New factsheets on cloud computing, mobile apps, AI, APIs, and data management have been added, reflecting the latest advancements in technology and data security challenges, aiming to provide a comprehensive resource for implementing effective data security measures.

💡Deeper dive in the article! 🔐

CNIL Updates Its Practice Guide for the Security of Personal Data Read More »