Loading

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company’s…

Backdoor in Zyxel Firewalls and Gateways

This is bad: More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the…

Have you met the DSP Toolkit deadline?

Earlier this year, NHS Digital confirmed that it was extending the 2020/2021 compliance deadline for DSP (Data Security and Protection) Toolkit until 30 September in light of the COVID-19 pandemic. If you’re not already compliant,…

Your DPO questions answered

Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the…

What is data loss and how does it…

Data loss refers to the destruction of sensitive information. It’s a specific type of data breach, falling into the ‘availability’ category of data security (the other two categories being ‘confidentiality’ and ‘integrity’). Data can be…

Loading

GDPR data transfer rules: what you need to…

If you’re transferring data outside of the EEA, the GDPR (General Data Protection Regulation) imposes some restrictions. These apply to all data transfers, no matter the size of the transfer or how often you carry them…

GDPR data subject access requests (DSARs): How to…

The GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. This is known as a DSAR (data subject access request). This is not a new concept, but the GDPR introduced several changes…