From lawsuit to logoff: Google's incognito mode makeover.
Apr 2, 2024
auto_awesome
Jeff Reich, Executive Director of IDSA, discusses identity security best practices, AI's impact, and upcoming events. Google settles class action lawsuit, NIST tackles NVD backlog, India rescues citizens from cybercrime, UK-US AI collaboration, FTC tracks impersonation fraud surge, breach exposes customer data, and Prudential Financial informs of data breach. Hotel chain vulnerability also discussed.
Google improves incognito mode to enhance user privacy.
NIST addresses backlog in vulnerability database processing.
India rescues citizens from cybercrime scams in Cambodia.
US and UK collaborate to evaluate AI safety risks.
FTC tracks rise in impersonation fraud, emphasizing financial losses.
Deep dives
Google's Settlement on Incognito Browsing Data Privacy
Google has resolved a lawsuit dating back to 2020 by agreeing to delete identifiable private browsing data, adjust incognito mode settings to block certain cookies, and remove any data that could make browsing identifiable. The settlement aims to address concerns about user privacy violations with incognito mode.
NIST's Backlog in Processing Vulnerabilities
The National Institute of Standards and Technology faces a backlog in processing vulnerabilities for its national vulnerability database, attributing the issue to increased software volumes and changes in interagency support. Efforts are underway to establish a consortium and prioritize critical vulnerabilities analysis to address concerns over the database's functionality and transparency.
Indian Citizens Rescued from Cybercrime Scam
The Indian government successfully repatriated 250 citizens from Cambodia who were coerced into cybercrime activities instead of promised jobs. Reports suggest thousands more may still be trapped in similar scams, underscoring the importance of international collaboration in combating cybercrime and ensuring cybersecurity standards.
British and American Collaboration on AI Safety
The UK and US have agreed to collaborate on evaluating emerging generative AI technologies for safety risks. This partnership aims to develop test suites, share knowledge, and enhance AI safety, aligning with broader regulatory efforts to safeguard against AI-related risks to national security and societal well-being.
FTC Reports on Tripled Impersonation Fraud Losses
The Federal Trade Commission notes a significant increase in impersonation fraud losses, reaching over $1.1 billion in 2023. The agency received numerous reports related to business and government impersonation scams, highlighting a shift in scam methods and the rising share of fraud involving bank transfers and cryptocurrency payments.
Panda-Bye Breach Exposes Customer Information
An online shopping platform breach exposed over 1.3 million customers' personal details, including user IDs, names, contact information, and addresses. While the breach was confirmed, the platform has not formally acknowledged it and faces scrutiny for potential concealment.
Prudential Financial Data Breach Notification
Prudential Financial informed over 36,000 individuals about a data breach involving unauthorized access to personal details. The breach, attributed to the Alfv Blackcat Ransomware Group, prompted enhanced security measures and two years of free credit monitoring for affected individuals.
Code 42's CEO on Safeguarding Sensitive Data
Code 42's CEO discusses the critical collaboration between IT security leaders and legal professionals in protecting sensitive data against insider threats. The focus on data protection strategies and GDPR compliance underscores the need for a unified approach to mitigate data risks and ensure comprehensive security.
Identity Security Best Practices Insights
Jeff Reich, Executive Director of the Identity Defined Security Alliance, shares insights on identity security best practices, emphasizing the importance of awareness and protection of identities across various stakeholders. The discussion highlights the need for a collaborative approach and standards for managing identities effectively and securely.
Google agrees to delete billions of user records. NIST addresses the NVD backlog. India rescues hundreds of citizens from scam jobs in Cambodia. The UK and US agree to collaborate on AI safety. The FTC tracks an explosion in impersonation fraud. A PandaBuy breach exposes over 1.3 million customers. Prudential Financial informs over 36,000 customers of a data breach. A look at safeguarding sensitive data. Our guest is Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), with insights on identity security best practices. A dash of curiosity reveals a hotel chain vulnerability.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
