7MS #294: GDPR Me ASAP
7 Minute Security18 Tammi 2018

7MS #294: GDPR Me ASAP

GDPR in a nutshell

GDPR, in a nutshell, is a set of legal regulations focused on the privacy of personal information for EU citizens - no matter where they are. Entities that store and/or process personal information about EU citizens must clearly explain to the citizens what data is being stored and processed, and any parties the data is being shared with. The citizens must opt-in and agree to each instance or reason that their data is being stored and processed. The citizens also must be able to, at any time, request a copy of the data or request that it be deleted.

How does GDPR define "personal data"

As “any information relating to an identified or identifiable natural person."

When do GDPR regulations start being enforced?

May 25, 2018.

What are the key roles organizations need to be aware of as it relates to handling data under GDPR regulations?

Two primary roles:

Controller

An entity that determines the purposes, conditions and means of the processing of personal data

Processor

An entity which processes personal data on behalf of the controller

What are the GDPR lawful basis for processing data?

  • Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

  • Contract

  • Legal obligation

  • Vital interests

  • Public task

  • Legitimate interests

Are there any good step-by-step guides to GDPR compliance?

This site lays things out at a high level with a 12-step program, if you will.

How can I learn more about GDPR?

This http://gdprandyou.ie/ site is a great GDPR primer, and this PDF from Imperva is good as well. I also googled GDPR for dummies and found some good results too :-)

Jaksot(689)

7MS #658: WPA3 Downgrade Attacks

7MS #658: WPA3 Downgrade Attacks

Hey friends, today we cover: The shiny new 7MinSec Club BPATTY updates A talk-through of the WPA3 downgrade attack, complemented by the YouTube livestream

17 Tammi 32min

7MS #657: Writing Rad Security Documentation with Retype

7MS #657: Writing Rad Security Documentation with Retype

Hello friends!  Today we’re talking about a neat and quick-to-setup documentation service called Retype.  In a nutshell, you can get Retype installed on GitHub pages in about 5 minutes and be writing beautiful markdown pages (with built-in search) immediately.  I still absolutely love Docusaurus, but I think Retype definitely gives it a run for its money.

10 Tammi 20min

7MS #656: How to Succeed in Business Without Really Crying - Part 21

7MS #656: How to Succeed in Business Without Really Crying - Part 21

Happy new year friends! Today we talk about business/personal resolutions, including: New year’s resolution on the 7MinSec biz side to have a better work/life balance New training offering in the works Considering Substack as a communications platform A mental health booster that I came across mostly by accident

3 Tammi 45min

7MS #655: Happy Hacking Holidays

7MS #655: Happy Hacking Holidays

Today we’re doing a milkshake of several topics: wireless pentest pwnage, automating the boring pentest stuff with cursor.ai, and some closing business thoughts at 7MinSec celebrates its 7th year as a security consultancy.  Links discussed today: AWUS036ACH wifi card (not my favorite anymore) Panda PAU09 N600 (love this one!) The very important Github issue that helped me better understand BPFs and WPA3 attacks TrustedSec article on WPA3 downgrade attacks

30 Joulu 202458min

7MS #654: Tales of Pentest Pwnage – Part 67

7MS #654: Tales of Pentest Pwnage – Part 67

Today we’ve got some super cool stuff to cover today!  First up, BPATTY v1.4 is out and has a slug of cool things: A whole new section on old-school wifi tools like airmon-ng, aireplay-ng and airodump-ng Syntax on using two different tools to parse creds from Dehashed An updated tutorial on using Gophish for phishing campaigns The cocoa-flavored cherry on top is a tale of pentest pwnage that includes: Abusing SCCM Finding gold in SQL configuration/security audits

13 Joulu 202441min

7MS #653: How to Succeed in Business Without Really Crying – Part 20

7MS #653: How to Succeed in Business Without Really Crying – Part 20

Hey friends, today we’re talking about tips to effectively present your technical assessment to a variety of audiences – from lovely IT and security nerds to C-levels, the board and beyond!

6 Joulu 202449min

7MS #652: Securing Your Mental Health - Part 6

7MS #652: Securing Your Mental Health - Part 6

Today’s episode talks about some things that helped me get through a stressful and hospital-visit-filled Thanksgiving week, including: Journaling Meditation (An activity I’m ashamed of but has actually done wonders for my mental health)

2 Joulu 202441min

7MS #651: Tales of Pentest Pwnage – Part 66

7MS #651: Tales of Pentest Pwnage – Part 66

Hey friends, we’ve got a short but sweet tale of pentest pwnage for you today. Key lessons learned: Definitely consider BallisKit for your EDR-evasion needs If you get local admin to a box, enumerate, enumerate, enumerate!  There might be a delicious task or service set to run as a domain admin that can quickly escalate your privileges!

22 Marras 202431min

Suosittua kategoriassa Politiikka ja uutiset

ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
aikalisa
rss-podme-livebox
politiikan-puskaradio
rss-vaalirankkurit-podcast
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
rikosmyytit
rss-hyvaa-huomenta-bryssel
linda-maria
rss-sinivalkoinen-islam
the-ulkopolitist
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-kaikki-uusiksi
aihe
radio-antro
rss-merja-mahkan-rahat
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset