home.social

#datasec — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #datasec, aggregated by home.social.

  1. cybernews.com/security/global-

    Speaking of ID verification companies being shady, #IDMerit, a global AI-based identity verification and "Know Your Customer" (KYC) solutions provider, left a terabyte of user data and biometrics on the open web. The breach exposed approximately 1 billion to 3 billion personal records across 26 countries, making it a significant event for data privacy in the financial and fintech.

    Call me Cassandra. 🤷🏻‍♀️🤦‍♀️ #infosec #datasec #ageverification #surveillance

  2. theshamblog.com/an-ai-agent-pu

    This is a terrifying piece about what #OpenClaw has unleashed with its #agentic#ai” bots. Scott is a volunteer maintainer for #matplotlib, #python’s go-to plotting library. An agent tied to merge code, and Scott said no. The agent, apparently autonomously, proceeded to attempt to blackmail Scott, and when that didn’t work started posting hallucinations attacking Scott.

    His lead in to the article: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into accepting its changes into a mainstream python library. This represents a first-of-its-kind case study of misaligned AI behavior in the wild, and raises serious concerns about currently deployed AI agents executing blackmail threats.

    This nonsense needs to be nipped in the bud.

    #infosec #datasec

  3. Using Microsoft cloud for Police Scotland violates data protection laws, will keep doing it anyway. Not sure why Microsoft always gets a pass on these things!

    computerweekly.com/news/366629

    #Microsoft #Scotland #UKPol #DataSec

  4. "A systematic review published last month asks the question, how good at people are judging the accuracy of the news?" www.psychologytoday.com/us/blog/evid... #fakenews #media accuracy #infosec #datasec #cybersec

    How Well Can People Spot Fake ...

  5. Not sure I like the openness of ParkRun's data. Without a login you can get a lot of info about a particular runner. Thieves can figure out when you're likely to be out and grab your stuff. Insurers & bureaucrats can see how fit you really are. Your age is given away to the nearest 5 years. Seems a bit like accidental self doxxing.
    Do any #infosec people have an opinion?
    Click on a name to see what I mean:
    parkrun.co.nz/universityofwaik
    #ParkRun #running #datasec #doxxed

  6. What's your preferred method to send sensible documents via unencrypted email, but otherwise protected/encrypted? This is macos-specific, no Microsoft products in use here, not using Apple Mail, have PGP, but receiver doesn't.

    Protecting a document or .zip from it with a good password doesn't seem enough.
    And sending such docs via Wetransfer or such also seems weird.

    Thanks for any help in advance.
    #datasec #privacy • sent from #Hubzilla at #Fediverse. • sent from #Hubzilla at #Fediverse.
  7. ❓ Have you ever wondered how data encryption works and what's the difference between data-at-rest and data-in-use? If yes, check out our latest blog post on Data At Rest Encryption (#DARE).

    Simplyblock provides data-at-rest encryption with a fully multi-tenant DARE feature set, which means that you can encrypt multiple logical volumes (virtual block devices) with the same key or one key per logical volume.

    simplyblock.io/blog/encryption

    #DataBreach #DataSec #encryption

  8. Has anyone heard of IDX.us? It's supposed to be an "identity protection service" like Lifelock. I am suspicious that it's not .com

    I just got a letter from a law firm, Berry Dunn McNeil and Parker about a significant Sep 2023 health data breach involving my #data #privacy #ProtectedData #breach #IDtheft #DataSec

    The data belonged to Reliable Networks of Maine. I haven't been in Maine since 1979 but maybe they handle national data.

    I don't want to give IDX any data if this whole thing is a #scam or elaborate #phishing ruse #security