South Korea has suspended new downloads of the Chinese AI chatbot DeepSeek, effective February 15, 2025, due to concerns over its compliance with the country’s data protection laws. The Personal Information Protection Commission (PIPC) cited issues with the app's communication functions and its handling of personal data, particularly in relation to third-party services.

While the app remains accessible via the web, existing users have been warned not to input personal information until necessary changes are made. DeepSeek acknowledged its failure to fully consider South Korea's privacy laws upon launch and agreed to make adjustments to meet the country’s data protection standards.

The National Intelligence Service (NIS) has also raised concerns over DeepSeek's excessive data collection, including vulnerabilities in the Android and iOS versions that transmit unencrypted data. The PIPC will continue to monitor the situation to ensure compliance, and the suspension will...

Be mindful when screen-sharing during video calls, whether in meetings or casual conversations, as it can unintentionally expose sensitive company data or personal information. Before sharing your screen, double-check that no confidential details are visible. To minimize risks, always opt to share only specific windows or applications rather than your entire desktop. This helps protect both personal and business-sensitive information during virtual meetings. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Why It Matters:
Software and systems eventually reach their End-of-Life (EOL), after which they no longer receive security updates, exposing your systems to vulnerabilities and cyberattacks.

Key Actions:

• Track EOL Dates: Keep a record of when each software/system will reach EOL.
• Plan for Upgrades: Transition to supported versions before EOL for continued protection.

Benefits of Upgrading:

• Ongoing Security Updates: Receive timely patches and improvements.
• Better Protection: Minimize the risk of breaches and data loss.

Stay ahead of potential threats. Track,...

Traditional passwords can be easily cracked or stolen. To enhance your security, consider using biometric methods such as fingerprint or facial recognition. These methods provide an extra layer of protection. By setting up biometric login on your devices, you reduce reliance on passwords. This makes it harder for unauthorized users to access your information. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

If you use security questions for your accounts, avoid reusing answers across sites. It’s safer to use a variety of questions and create random, memorable answers that only you know, rather than using easily guessable information like pet names or family details. This makes it harder for attackers to access your accounts and helps protect your personal information.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Before forwarding emails, be mindful of any sensitive information or attachments included. Accidentally sending these to the wrong recipient can expose confidential data. Always review the email carefully to ensure you’re not unintentionally sharing anything private. A quick check can prevent potential security risks and protect sensitive information. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

To protect your privacy, turn off the "always listening" feature on your voice assistant when not in use. Assistants like Siri, Alexa, and Google Assistant can pick up unintended conversations. Disable this feature or mute the microphone to reduce the risk of sensitive information being overheard.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

North Korean hackers are behind the Contagious Interview campaign, which targets victims with fake job interviews. The hackers send a link that causes an error, prompting users to install fake software (like VCam or CameraAccess) for the interview. This leads to the installation of malware called BeaverTail, which steals sensitive data and can install a backdoor named InvisibleFerret.

Discovered in late 2023, the campaign uses fake video-conferencing apps and npm packages to spread malware. In late 2024, new tactics emerged, including tricking macOS users into running harmful commands via the Terminal app to fix camera or microphone issues. The malware can also persist on the system through a LaunchAgent.

The hackers have expanded their targets to include developers by posting fake issues on GitHub and distributing malicious npm packages like postcss-optimizer. They’ve also been linked to phishing attacks spreading the RokRAT malware via malicious...

Avoid downloading apps or software from untrusted sources, as they may contain malicious software or compromise your data. Stick to verified sources like official app stores or company-approved platforms. Always check reviews and verify the source before installing to protect your devices and personal information. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Security is a shared responsibility, and everyone in the organization plays a crucial role. Stay vigilant by constantly being aware of potential threats, both online and offline. Proactively identify risks, and if you notice something suspicious, report it immediately to help prevent potential breaches. Together, we can create a stronger, more secure workplace for everyone. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support.