Security Affairs

DECEMBER 5, 2024

Security Operations Center (SOC) analyst burnout is a very real problem. The two key problems are: Alert Overload Modern security environments generate an extraordinary number of alerts. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion.

Cybersecurity 340

Cybersecurity Artificial Intelligence Risk Data collection 340

Security Affairs

JANUARY 16, 2025

The security breach occurred on December 13, 2023, but the company discovered the incident only on April 18, 2024, and has only now disclosed it due to the complexity of the digital forensic investigation. The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 240

Data breaches Data collection Data Privacy Cybersecurity 240

Security Affairs

JANUARY 17, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 297 appeared first on Security Affairs. Pierluigi Paganini.

Security 274

Security Ransomware Data collection Data breaches 274

Data Breach Today

AUGUST 11, 2022

Commission Asks for Comment on Link Between Consumer Surveillance and Lax Security U.S. companies could see new cybersecurity rules and restrictions on consumer data collection under a rule-making process initiated by the FTC.

Privacy 240

Privacy Security Data collection Cybersecurity 240

Security Affairs

JUNE 9, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 318

Security Data breaches Ransomware Phishing 318

Security Affairs

NOVEMBER 6, 2024

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc.

Security 296

Security Government Risk Data collection 296

The Last Watchdog

JUNE 10, 2024

Related: Next-level browser security That’s a question that spilled out of a thought-provoking conversation I had with Pedro Fortuna , co-founder and CTO of Jscrambler , at RSAC 2024. Jscrambler provides granular visibility and monitoring of JavaScript coding thus enabling companies to set and enforce security rules and privacy policies.

Privacy 261

Privacy Security Mining Data collection 261

Data Breach Today

JULY 13, 2021

Connecticut Law Provides Security Incentives; Colorado Measure Addresses Consumers' Privacy Two states have recently taken steps to bolster cybersecurity and data privacy protections. And a new data privacy law in Colorado allows individuals to opt out of data collection.

Data Privacy 321

Data Privacy Privacy Cybersecurity Data collection 321

Data Breach Today

JANUARY 16, 2025

Also: Intensified Russian Hacking in Ukraine, Spain's Telefnica Confirms Breach This week, Microsoft laid off security staff and released Patch Tuesday, Russian hackers intensified attacks on Ukraine in 2024, Telefnica confirmed a breach, a Tennessee mortgage leader reported a breach and the Texas AG sued Allstate over driver data collection.

Security 173

Security Data collection 173

Security Affairs

JUNE 16, 2020

On Friday, the Norwegian Data Protection Authority (Norwegian: Datatilsynet) issued a warning that it would stop the Norwegian Institute of Public Health from handling data collected via Smittestopp contact tracing app. “The pandemic is not over,” she said. . Pierluigi Paganini.

Privacy 347

Privacy IT Data collection Personal data 347

WIRED Threat Level

SEPTEMBER 28, 2022

Want to speak up against Big Tech, unjust data collection, and surveillance? Here's how to be an activist in your community and beyond.

Data Privacy 346

Data Privacy Data collection Privacy Security 346

Security Affairs

DECEMBER 29, 2019

The leak was reported to Wyze on December 26th at around 10:00 AM and the company immediately secured the database and launched an investigation. “Today, we are confirming that some Wyze user data was not properly secured and left exposed from December 4th to December 26th.” on December 26 by a reporter at IPVM.com.

Security 240

Security IoT Data collection Access 240

Security Affairs

FEBRUARY 28, 2020

Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. The post Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates appeared first on Security Affairs. ”added Netblocks. It's 5:30 a.m.

Military 343

Military Data collection Government Access 343

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Phishing 363

Phishing Data collection Retail Security awareness 363

Security Affairs

MARCH 7, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 304 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Security 198

Security Data breaches Ransomware Cybersecurity 198

Security Affairs

JULY 21, 2019

The best news of the week with Security Affairs. Israel surveillance firm NSO group can mine data from major social media. Poland and Lithuania fear that data collected via FaceApp could be misused. Former NSA contractor sentenced to 9 years for stealing classified data. Kindle Edition. Paper Copy.

Security 220

Security Mining Ransomware Data collection 220

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Government 347

Government Privacy Risk Data collection 347

WIRED Threat Level

JULY 24, 2024

A former Google engineer has built a search engine, WebXray, that aims to find illicit online data collection and tracking—with the goal of becoming “the Henry Ford of tech lawsuits.”

Privacy 298

Privacy Data collection Security 298

Security Affairs

DECEMBER 23, 2023

. “We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information. ” reads the data breach notification email sent to the impacted customers.

Data breaches 342

Data breaches Data collection Passwords Access 342

Schneier on Security

FEBRUARY 15, 2022

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet.

Data collection 128

Data collection 128

Security Affairs

OCTOBER 23, 2023

Teodoro ordered “to refrain from using AI photo generator applications and practice vigilance in sharing information online” At this time, it remains unclear whether the order was issued in response to a specific event or to address potential attacks aimed at exploiting the data collected by these applications.

IT 342

IT Data collection Phishing Risk 342

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. ” concludes the post. Pierluigi Paganini.

Data collection 292

Data collection Privacy Security IT 292

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach exposing customers’ account’s information. The T-Mobile security staff discovered “malicious, unauthorized access” to their systems. Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls.

Data breaches 363

Data breaches Cybersecurity Data collection Access 363

Security Affairs

SEPTEMBER 14, 2020

These are based on publicly disclosed incidents in the media or security reports.” ” Anyone can request access to the data by compiling this form. Data collected by the researchers are very interesting and very useful for future research projects on the security of the critical infrastructure.

Ransomware 360

Ransomware Data collection Education Security 360

Security Affairs

OCTOBER 27, 2023

Then, the derived insights let you monitor market trends, customer behavior, competitor pricing, and other key data collected via market research. Successful extraction of public data from the internet can be a tricky process, especially when visited websites use protection algorithms. appeared first on Security Affairs.

Marketing 322

Marketing Data collection Communications Data Privacy 322

Security Affairs

SEPTEMBER 17, 2024

A recent Thales report on digital trust explores the complex dynamics of trust, focusing on user experience, security, and data privacy. The report provides insights into factors influencing user consent for data collection and usage and reasons for consumer disengagement.

Data collection 292

Data collection Privacy Personal data Data Privacy 292

Security Affairs

DECEMBER 2, 2023

While WeMystic has since closed the database, researchers said that the data was accessible for at least five days. One of the data collections in the exposed instance, named “users,” contained a whopping 13.3 million records.

Data collection 354

Data collection Risk Access IT 354

Security Affairs

MARCH 24, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues collectively tracked as ProxyLogon (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. Pierluigi Paganini.

Data collection 336

Data collection Security IT Information Security 336

Security Affairs

JULY 12, 2021

For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user profiles surfaced on a hacker forum, where it’s currently being sold for an undisclosed sum.

Archiving 361

Archiving Passwords Data collection Sales 361

The Last Watchdog

OCTOBER 23, 2023

Cisco’s $28 billion acquisition of Splunk comes at an inflection point of security teams beginning to adopt to working with modern, cloud-native data lakes. Related: Dasera launches new Snowflake platform For years, Splunk has been the workhorse SIEM for many enterprise Security Operation Centers (SOCs).

Data science 261

Data science Security Analytics Data migration 261

Security Affairs

OCTOBER 4, 2023

The data collected paints a vivid picture, revealing 1,736 ransomware claims, with 53 incidents specifically targeting Italy. Geographical data and affected sectors provide crucial insights into emerging trends and threats. Wrapping up: The second quarter of 2023 reflects a concerning surge in ransomware attacks globally.

Ransomware 329

Ransomware Data collection Cybersecurity Security 329

Security Affairs

JULY 30, 2020

Security experts from McAfee uncovered a new cyber-espionage campaign carried out by North Korean hackers that targeted the US defense and aerospace sectors. “The data collected from the target machine could be useful in classifying the value of the target. Pierluigi Paganini. SecurityAffairs – hacking, North Korea).

Military 340

Military Data collection Phishing Ransomware 340

Security Affairs

NOVEMBER 23, 2022

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users. Researchers at software company Mysk discovered that analytics data collected by iPhone include the Directory Services Identifier (DSID), which could allow identifying users.

Analytics 363

Analytics Privacy Personal data Data collection 363

Security Affairs

DECEMBER 12, 2023

Lazarus APT is an umbrella for sub-groups, each of them has specific objectives in defense, politics, national security, and research and development. .” The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government.

Agriculture 326

Agriculture Data collection Access Manufacturing 326

Security Affairs

SEPTEMBER 11, 2018

The security researcher that handle the Twitter account Privacy First first reported the alleged unethical behavior and published a video that shows how the app harvest users ‘data. “The data collected was explicitly identified to the customer in the data collection policy and is highlighted to the user during the install.

Data collection 272

Data collection Archiving Passwords Privacy 272

Security Affairs

AUGUST 28, 2021

. “As a result, our investigation focuses on just 7 days’ worth of data and any players exposed in that short window. This is an enormous amount of data collected from a few small, not well-known mobile games.” The good news is that EskyFun secured the server on July 28. SecurityAffairs – hacking, data leak).

Data breaches 334

Data breaches Data collection Analytics Security 334

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection 279

Data collection IT Security 279