Questions tagged [sensitive-data-exposure]
126 questions
0
votes
0 answers
Optus cyberattack could have exposed up to 9 million Australians, now what?
Optus cyberattack could have exposed up to 9 million Australians
Hackers have breached Optus’ systems in one of the largest
cyberattacks in Australian history, accessing names, dates of birth,
phone numbers, email addresses, physical addresses and…
user283127
- 1
- 1
0
votes
0 answers
sensitive data exposure from RAM memory
I have software written in C# and compiled as a .exe file.
How can I read sensitive data (like usernames, passwords, etc.) from RAM while it runs?
p.soheyli
- 1
- 1
0
votes
1 answer
Another browser opens URL without logging in
I was required to log in and pay an invoice but for some reason the website did not work with Safari due to a cookie issue as suggested by the alert banner and asked me to use a different browser. I grabbed the complete URL of the logged in page and…
SaraSato
- 3
- 1
0
votes
2 answers
How secure is R and RStudio?
I work at a clinic where we need to pseudonymize patient data. I wrote a small app for this using R (RStudio). R will be installed on computers with access to internet but my idea is to use R offline, i.e. fully blocking it with a firewall in order…
Igor stands with Ukraine
- 103
- 4
0
votes
2 answers
How to classify data sensitivity including accessibility & numbers
When classifying data sensitivity I generally run into a few standard categories such as:
Public
Internal
Confidential
Restricted
Which do generally cover the sensitivity levels but don't make it necessarily easier to categorize the data. I'm…
Light44
- 113
- 3
0
votes
1 answer
What hidden metadata might be embedded in a PDF that is not visible "to the naked eye"?
I have edited a PDF file in Acrobat, which left some metadata and I am wondering:
What metadata might be possible to discern from the end file if I were to send it to external parties?
What actions would be required to be taken to strip not…
Ohan
- 101
0
votes
1 answer
Can adblocker plus read your sensitive data or spy you?
Do adblockers read your sensitive data?
https://adblockplus.org/
I'm referring to this, its open-source but I feel worried.
Mekatoo
- 1
- 1
0
votes
1 answer
How to secure data on production environment
Question
Suppose you design a data lake with sensitive data. Due to immaturity of tools, dynamic data masking is unavailable. You have MFA, encryption at rest, audit logging, ETL processing data and people that develop/support/debug that ETL.
The…
VB_
- 215
- 2
- 9
0
votes
1 answer
How can I obliterate information on a defunct device, and should I?
I have old cell phones with problems that make them useless (non-responsive touch screen, black-on-black display, will not power up). I also have a bunch of solid-state USB memory devices that don't work (e.g. don't connect). I would like to dispose…
user6726
- 101
0
votes
1 answer
Should encryption key be stored remotely?
Consider the following scenarios of storing sensitive data locally on a network connected always-on device:
without any data encryption whatsoever
with encryption, the key stored locally in the device
with encryption, the key stored on a remote…
peter.babic
- 103
- 2
0
votes
0 answers
Web Browser Forgetting Between Users
I am planning to go door-to-door and host events in which people use a computer to login to the Arizona Secretary of State website, enter sensitive information (like address, social security number, driver's license number), to register to vote or…
Eliter
- 51
- 1
- 2
0
votes
1 answer
Is it good idea to re-authenticate a user to access sensitive actions and data?
In a web application there are several pages in which you have sensitvie data and actions like access controls or user management page. Is it a good idea to re-authenticate user to access those pages? If yes, should they be re-authenticated for each…
yenafaramn
- 3
- 2
0
votes
3 answers
What security concerns are there regarding website users inputting personal financial data without putting in personally identifying data?
I am a web developer, but I have only a rudimentary grasp of security, e.g., be careful to sanitize inputs, store as little user data as possible, encrypt passwords, keep up with security issues of libraries and packages, etc.
Today, I was…
user
- 103
- 3
0
votes
0 answers
Ionic local storage store sensitive data for private app
I'm new to the ionic framework and have some basics of it and currently I'm developing a private app for my family only that store some sensitive information in the localstorage. I used some crypto libraries to encrypt the whole data to prevent…
hacek
- 1
0
votes
1 answer
What kind of local information are desktop applications capable to retrieve (and use) from my computer?
I've already seen on Windows what kind of information the Steam application is sending online: time, place and device of the connection, time passed playing the games, payments, mail, numbers, etc. All this data looks related to the use of that…
user223275