Aggregator

Christian Dior Couture, the luxury fashion house owned by Louis Vuitton, has begun notifying customers of a major cybersecurity incident that exposed sensitive personal information of clients.  The breach, discovered in May 2025, involved unauthorized access to customer databases containing personal data including names, addresses, dates of birth, and in some cases, Social Security numbers. […]

The post Dior, a Louis Vuitton Brand, Alerts Customers Following Cyber Attack appeared first on Cyber Security News.

根据《个人信息保护法》《个人信息保护合规审计管理办法》等法律法规规章规定，现就开展个人信息保护负责人信息报送工作有关事项公告如下：

一、信息报送要求

根据《个人信息保护法》第五十二条、《个人信息保护合规审计管理办法》第十二条规定，处理100万人以上个人信息的个人信息处理者，应当向所在地设区的市级网信部门履行个人信息保护负责人信息报送手续。

二、信息报送时间

（一）自本公告发布之日起，个人信息处理者处理个人信息达到100万人的，应当自数量达到之日起30个工作日内完成信息报送。

（二）本公告发布前，个人信息处理者处理个人信息数量已经达到100万人的，应当在2025年8月29日前完成信息报送。

（三）报送信息发生实质性变更的，应当在变更之日起30个工作日内办理信息变更手续。

三、信息报送方式

个人信息保护负责人信息报送工作采用线上方式。请直接访问“个人信息保护业务系统”（https://grxxbh.cacdtsc.cn），按照系统首页提供的《个人信息保护负责人信息报送系统填报说明（第一版）》，准备相关材料并履行信息报送手续，也可从中国网信网（https://www.cac.gov.cn）首页“全国网信政务办事大厅”栏目访问“个人信息保护业务系统”。

四、法律责任

未按照《个人信息保护法》《个人信息保护合规审计管理办法》等法律法规规章的规定履行信息报送手续的，依照有关法律法规规章的规定处理。

特此公告。

国家互联网信息办公室

2025年7月18日

来源：“网信中国”微信公众号

新型信息基础设施加速布局，互联网基础资源持续丰富，为互联网普及和数字经济发展提供了坚实支撑。CNNIC第56次报告数据显示，截至今年6月，我国网民规模已达11.23亿人，互联网普及率达79.7%，移动用户上网流量连续6个月实现两位数增长。与此同时，人工智能应用场景不断深化，构建起覆盖多领域的智能应用生态，APP已深度融入公众日常工作与生活的方方面面。

然而，伴随国家监管体系日趋严格与用户隐私保护意识的显著增强，企业正面临前所未有的复杂合规挑战：

·APP业务场景日益多元化、功能组件持续复杂化，如何精准界定并确保信息采集的合规性与合理性？

·面对层出不穷的监管手段和日益精细化的技术合规要求，如何清晰洞察并验证集成的第三方软件数据是否合规？

·加之检测标准与法律条文的多头化，如何将抽象条款中的具体检测事项有效落地执行？

以上构成了当前企业移动应用合规管理的核心困境。梆梆安全建议企业亟需完善移动应用全生命周期的合规检测能力。通过构建常态化、持续化的安全合规机制，赋能企业在动态变化的监管环境中精准识别风险、高效落实要求，将合规压力转化为内生动力，筑牢企业发展的安全基石。

移动应用合规检测框架

梆梆安全依托十余年深耕移动安全领域的技术沉淀与实践经验，系统性搭建了专业的移动应用合规检测框架，通过覆盖应用全生命周期的自动化检测与深度分析，精准识别隐私合规性问题并输出风险评估报告及整改建议，助力企业高效构建合规防线。

1.个人信息隐私合规评估及咨询

依托多年技术沉淀，以为“自动化检测+人工审查”形式，根据企业用户业务场景，提供从合规检测、风险评估到整改落地的一站式安全服务。

2. 个人信息保护合规审计

依据法律法规及监管要求提供合规审计服务，包括管理制度审计、安全措施有效性审计、个人信息处理活动合规审计、法律文件合规审计，涵盖数据处理、跨境传输、安全措施等17项检测大类，助力企业识别风险、建立或完善合规体系，有效规避或降低监管风险、高效处置消费者投诉。

3. 移动应用合规平台

借助深度定制化的检测沙箱、利用自动化脱壳、应用自动化遍历及人工深度辅助测试等技术，全面发现应用权限信息、集成第三方SDK信息，动态行为信息、通过场景化分析，发现应用潜在的隐私合规问题，帮助用户发现应用违规行为并输出合规评估报告及整改建议。

Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers, designated CVE-2025-53770 and CVE-2025-53771. The attacks, dubbed “ToolShell” by security researchers, have compromised dozens of […]

The post Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day appeared first on Cyber Security News.

Data breaches seem to pop up in the news every other week, so it’s no surprise that keeping sensitive information safe has jumped to the top of the priority list for just about every industry. Hardware-encrypted drives like the iStorage diskAshur PRO3 address this need by offering physical security combined with convenience and flexibility. I’ve been trying out the 2TB SSD version of the diskAshur PRO3 to see how it holds up in everyday use. … More →

The post Product showcase: iStorage diskAshur PRO³ appeared first on Help Net Security.

A single compromised password has been identified as the catalyst that destroyed a century-old transport company and displaced 700 employees, highlighting the devastating impact of cybersecurity vulnerabilities on British businesses. The case of KNP, a Northamptonshire-based logistics firm, represents a stark warning about the growing ransomware threat facing UK enterprises. KNP, which had operated for […]

The post Weak Password Enables Ransomware Attack on 158-Year-Old Firm appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In this Help Net Security video, Chad Humphries, Solution Consultant, Networks & Cyber Security at Rockwell Automation, explores how cyber risk quantification is becoming essential for modern organizations. He breaks down global legal frameworks, AI’s growing role in dispute resolution, and how regulatory changes are redefining liability. Learn why understanding technical debt, fiduciary obligations, and “secure by design” standards is crucial for protecting your business and making informed cybersecurity investment decisions.

The post What the law says about your next data breach appeared first on Help Net Security.

Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month, represents another high-profile attack by the newly rebranded threat actor formerly known as Hunters International. […]

The post Dell Data Breach – World Leaks Group Hacks Test Lab Platform appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A financially motivated threat group dubbed Greedy Sponge has been systematically targeting Mexican financial institutions and organizations since 2021 with a heavily modified version of the AllaKore remote access trojan (RAT). The campaign represents a sophisticated evolution of cybercriminal tactics, combining traditional social engineering with advanced technical capabilities designed specifically for financial fraud operations. The […]

The post Greedy Sponge Hackers Attacking Financial Institutions With Modified Version of AllaKore RAT appeared first on Cyber Security News.

Printer platform security is often overlooked in enterprise security strategies, creating security gaps, according to HP Wolf Security. By addressing security at every stage, organizations can strengthen their defenses and ensure their print infrastructure remains a trusted part of their IT ecosystem. The report reveals that during the ongoing management stage, just 36% of IT and security decision-makers (ITSDMs) apply firmware updates promptly. This is despite IT teams spending 3.5 hours per printer per month … More →

The post Enterprise printer security fails at every stage appeared first on Help Net Security.