2024, Analysis, Data, Government and Security - Information Management Today

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. GeoServer is an open-source server that allows users to share and edit geospatial data. government entities in Belgium, and telecommunications companies in Thailand and Brazil.

Libraries

Libraries Encryption Cybersecurity Access

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

Webinars

Launching LLM-Based Products: From Concept to Cash in 90 Days

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

MORE WEBINARS

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security

Security Military Ransomware Marketing

Global Data Breaches and Cyber Attacks in 2024

IT Governance

FEBRUARY 5, 2024

29,530,829,012 known records breached so far in 4,645 publicly disclosed incidents Welcome to our 2024 data breaches and cyber attacks page, where you can find an overview of the year’s top security incidents, the most breached sectors of 2024, month-on-month trends, links to our monthly reports, and much more.

Data breaches

Data breaches Security Government Personal data

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Security

Security Data breaches Computer and Electronics Ransomware

Global Data Breaches and Cyber Attacks in February 2024 – 719,366,482 Records Breached

IT Governance

MARCH 5, 2024

IT Governance’s research found the following for February 2024: 712 publicly disclosed security incidents. This blog provides further analysis of the data we’ve collected. This blog provides further analysis of the data we’ve collected. 719,366,482 records known to be breached. After January’s 29.5

Data breaches

Data breaches Sales Government Security

Collibra AI Governance and de-risking unstructured data at Ohalo

Collibra

JULY 2, 2024

But as most businesses recognize, innovation is nothing without the right governance to ensure that risks don’t get out of hand. Many of Collibra’s customers already have AI fed with high quality structured data. What they want is the same thing for unstructured data — in an easy-to-use, well-integrated fashion.

Unstructured data

Unstructured data Government Risk Metadata

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 16, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Patch it now!

Data breaches

Data breaches Security Ransomware Sales

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

The healthcare industry faces arguably the highest stakes when it comes to data governance. For starters, healthcare organizations constantly encounter vast (and ever-increasing) amounts of highly regulated personal data. healthcare, managing the accuracy, quality and integrity of data is the focus of data governance.

Government

Government GDPR Compliance Analytics

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

Governments should recognize electoral processes as critical infrastructure and enact laws to regulate the use of generative Artificial Intelligence. Elections are scheduled in several countries worldwide in 2024, with potential geopolitical implications. Key events include the European Parliament elections in June, the U.S.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). PSIRT and Talos launched an investigation to support the customer.

Government

Government Authentication Communications Access

Global Data Breaches and Cyber Attacks in March 2024 – 299,368,075 Records Breached

IT Governance

APRIL 4, 2024

IT Governance’s research found the following for March 2024: 3,478 publicly disclosed security incidents. To minimise data skewing, we’ve accounted for this by providing two Data Breach Dashboards this month: one including and one excluding the above events. 299,368,075 records known to be breached.

Data breaches

Data breaches Passwords Security Cloud

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Security Affairs

APRIL 8, 2024

Greylock McKinnon Associates, a service provider for the Department of Justice, suffered a data breach that exposed data of 341650 people. GMA disclosed a data breach that impacted medicare and other information belonging to 5465 people. The data breach occurred on May 30, 2023, and was discovered on February 7, 2024.

Data breaches

Data breaches Insurance Cybersecurity Government

Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 1, 2024

Every week the best security articles from Security Affairs are free in your email box. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog Young Consulting data breach impacts 954,177 individuals BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085 US offers $2.5M

Security

Security CMS Phishing Ransomware

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs

MARCH 8, 2024

The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain.

Ransomware

Ransomware Data breaches Unstructured data Personal data

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Players hacked during the matches of Apex Legends Global Series.

Security

Security Passwords Military Marketing

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Global Data Breaches and Cyber Attacks in April 2024 – 5,336,840,757 Records Breached

IT Governance

MAY 2, 2024

IT Governance’s research found the following for April 2024: 652 publicly disclosed security incidents. The number of records breached this month was high – particularly compared to March – largely due to two outlier events: Spy.pet, a data scraping website, offering 4,186,879,104 Discord messages for sale.

Data breaches

Data breaches Computer and Electronics Sales Access

Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

AUGUST 11, 2024

Every week the best security articles from Security Affairs are free in your email box. CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0 A new round of the weekly SecurityAffairs newsletter arrived!

Security

Security Ransomware MDM Personal data

Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Security Affairs

SEPTEMBER 3, 2024

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. This could enable access to sensitive resources like the microphone, camera, and screen recording, potentially leading to data leaks or privilege escalation. ” reads the advisory published by Talos.

Libraries

Libraries Risk Access Security

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 31, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Artificial Intelligence Cybersecurity

China Plans to Accelerate Cross-Border Data Transfers by Implementing Trial Rules in Shanghai Pilot Free Trade Zone

Hunton Privacy

FEBRUARY 15, 2024

Recent developments in the Shanghai Pilot Free Trade Zone to facilitate cross-border data transfers are expected to provide greater flexibility in exporting data from China, which has been stymied by the Cyberspace Administration of China (“CAC”)’s strict cross-border data transfer regulations proposed in December 2023.

Government

Government Compliance Security Cloud

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Financial information, medical data, health reimbursements, postal addresses, telephone numbers and emails are not thought to have been compromised.

Data Privacy

Data Privacy Manufacturing Privacy Security

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Data breached: 2.7 Date breached: 384,658,212 records.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

News alert: SpyCloud study reveals ‘infostealer’ malware can be a precursor to a ransomware attack

The Last Watchdog

SEPTEMBER 18, 2024

18, 2024, CyberNewsWire — SpyCloud , the leader in Cybercrime Analytics, today announced new cybersecurity research highlighting the growing and alarming threat of infostealers – a type of malware designed to exfiltrate digital identity data, login credentials, and session cookies from infected devices. Austin, TX, Sept.

Ransomware

Ransomware Authentication Cybersecurity Analytics

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. An analyst based in Taiwan, known as Azaka, discovered the data leak and shared their findings on social media. ” reads an analysis published by SentinelOne.

Government

Government IoT Marketing Data breaches

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

Data Protection Report

JULY 26, 2024

On 16 July 2024, the Malaysian Dewan Rakyat (House of Representatives of the Malaysian Parliament) passed the Personal Data Protection (Amendment) Bill 2024 (the PDP Bill ). Data processors will also be potentially subject to the direct imposition of penalties for breach of their obligations.

Personal data

Personal data Data breaches Compliance GDPR

OpenText Named a Leader in the IDC MarketScape for Intelligent Content Services

OpenText Information Management

SEPTEMBER 11, 2024

But while you may be feeling pressured to get started and secure some quick wins to drive growth and differentiation, the best GenAI experiences must be built on top of quality data and a great enterprise content management strategy to realize GenAI’s full potential and value.

Content services

Content services Unstructured data Records Management Cloud

CISA confirmed that its CSAT environment was breached in January.

Security Affairs

JUNE 24, 2024

CISA warned chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was compromised in January. CISA warns chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was breached in January. The impact was limited to two systems, which we immediately took offline.

IT

IT Encryption Cybersecurity Access

CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). Threat actors used Line Dancer to execute various commands, including disabling syslog, extracting configuration data, generating packet captures, and executing CLI commands.

IT

IT Authentication Access Security

Looking Back on the Channel Partner Event and Awards 2024

IT Governance

APRIL 24, 2024

Previously , I had the pleasure of sitting down with Sophie Sayer, our Channel Sales Director, to talk about the IT Governance partner programme and partner event on 9 April 2024. When I asked her how the event went, she said: The Channel Partner Event and Awards 2024 in Ely was an absolute triumph!

Sales

Sales Government Privacy Marketing

MITRE attributes the recent attack to China-linked UNC5221

Security Affairs

MAY 7, 2024

MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. On January 4, 2024, the threat actors conducted a reconnaissance on NERVE environment.

Communications

Communications Access Authentication Security

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

APRIL 12, 2024

Data loss prevention (DLP) best practices are principles that help prevent intentional or unintentional data erasure. By following these guidelines, organizations can reduce the detrimental impact of data loss and quickly resume operations after an incident. Proofpoint’s 2024 data loss landscape report reveals 84.7%

Encryption

Encryption Risk Data breaches Access

Navigating Compliance: Understanding India's Digital Personal Data Protection Act

Thales Cloud Protection & Licensing

MAY 8, 2024

Navigating Compliance: Understanding India's Digital Personal Data Protection Act madhav Thu, 05/09/2024 - 05:30 In August 2023, the Indian Parliament passed a piece of landmark legislation, the Digital Personal Data Protection (DPDP) Act, marking a significant shift in India's data protection landscape.

Personal data

Personal data Compliance Encryption Cloud

How to Address AI Security Risks With ISO 27001

IT Governance

SEPTEMBER 12, 2024

But for all its potential, there are legitimate concerns around, among other things, data security. Bridget Kenyon is the CISO (chief information security officer) for SSCL, a member of the UK Advisory Council for (ISC) 2 , and a Fellow of the Chartered Institute of Information Security. Garbage in, garbage out.

Risk

Risk Security Education Information Security

IBM watsonx AI and data platform, security solutions and consulting services for generative AI to be showcased at AWS re:Invent

IBM Big Data Hub

NOVEMBER 27, 2023

That’s why we continue expanding the IBM and AWS collaboration, providing clients flexibility to build and govern their AI projects using the watsonx AI and data platform with AI assistants on AWS. next generation studio for AI builders will follow in early 2024, making the full watsonx platform available on AWS.

Cloud

Cloud Security Government Analytics

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping is a typically automated process that extracts information from websites, allowing criminals to compile data sets containing personal information.

Data breaches

Data breaches Education Manufacturing Retail

7 Best Attack Surface Management Software for 2024

eSecurity Planet

DECEMBER 20, 2023

CAASM (cyber asset ASM) and DRPS (digital risk protection) are also related terms and elements of ASM.

Cloud

Cloud Risk Security Compliance

Your Biggest Security Risk: The Insider Threat

IT Governance

JULY 23, 2024

Expert insight from our head of GRC consultancy Our analysis of the ICO’s (Information Commissioner’s Office) public data set found that 29–35% of reported personal data breaches between 2019 and 2023 in the UK had been caused accidentally. of all data breaches caused through human error.

Risk

Risk Security Phishing Data breaches

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Security Affairs

SEPTEMBER 27, 2023

Following the recently announced data leak from Sony, Ransomed.vc Following the recently announced data leak from Sony , the notorious ransomware syndicate Ransomed.vc Notably, the announcement came almost synchronously with the publication of the new leaked data from Sony shedding some light on the precursor of the data breach.

Ransomware

Ransomware Cybersecurity Data breaches GDPR

A ransomware attack took 100 Romanian hospitals down

Security Affairs

FEBRUARY 13, 2024

The attack took place on February 11 and encrypted data in the production servers. “During the night of February 11 to 12, 2024, a massive cyber ransomware attack took place on the production servers on which the HIS IT system runs. As a result of the attack, the system is down, files and databases are encrypted.”

Ransomware

Ransomware Cleanup Encryption Cybersecurity

Pro-Russia hackers target critical infrastructure in North America and Europe

Security Affairs

MAY 2, 2024

The government agencies urge OT operators in critical infrastructure sectors to implement a set of mitigations provided in the advisory. In early 2024, several U.S.-based The threat actors were observed using methods such as exploiting virtual network computing (VNC) remote access software and default passwords.

Agriculture

Agriculture Passwords Authentication Government

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

This figure also includes historical records and new artifacts identified in January 2024, following an analysis of Command and Control (C2) servers and underground marketplaces. As such, this employee category represents a high-value target for sophisticated threat actors.

Passwords

Passwords Cybersecurity Cloud Access

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Unmasking 2024’s Email Security Landscape

Webinars

Trending Sources

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Webinars

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Global Data Breaches and Cyber Attacks in 2024

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Global Data Breaches and Cyber Attacks in February 2024 – 719,366,482 Records Breached

Collibra AI Governance and de-risking unstructured data at Ohalo

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Mastering healthcare data governance with data lineage

Elections 2024, artificial intelligence could upset world balances

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Global Data Breaches and Cyber Attacks in March 2024 – 299,368,075 Records Breached

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Global Data Breaches and Cyber Attacks in April 2024 – 5,336,840,757 Records Breached

Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION

Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

China Plans to Accelerate Cross-Border Data Transfers by Implementing Trial Rules in Shanghai Pilot Free Trade Zone

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

News alert: SpyCloud study reveals ‘infostealer’ malware can be a precursor to a ransomware attack

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

OpenText Named a Leader in the IDC MarketScape for Intelligent Content Services

CISA confirmed that its CSAT environment was breached in January.

CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog

Looking Back on the Channel Partner Event and Awards 2024

MITRE attributes the recent attack to China-linked UNC5221

12 Data Loss Prevention Best Practices (+ Real Success Stories)

Navigating Compliance: Understanding India's Digital Personal Data Protection Act

How to Address AI Security Risks With ISO 27001

IBM watsonx AI and data platform, security solutions and consulting services for generative AI to be showcased at AWS re:Invent

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

7 Best Attack Surface Management Software for 2024

Your Biggest Security Risk: The Insider Threat

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

A ransomware attack took 100 Romanian hospitals down

Pro-Russia hackers target critical infrastructure in North America and Europe

Hundreds of network operators’ credentials found circulating in Dark Web

Stay Connected