Tue.Jan 02, 2024

article thumbnail

LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers

Data Breach Today

Eagers Says It Doesn't Know Full Extent of Hack But Has Started Contacting Victims Brisbane-based retail group Eagers Automotive is investigating a cyberattack that disrupted parts of its regional operations and compromised the personal information of some of its customers. Eagers said Tuesday it doesn't know the full extent of the hack, but it has started notifying customers.

Retail 297
article thumbnail

Information governance: First, know thyself

AIIM

The value of information governance is obvious to many business and IT leaders. But like confronting an attic that is full of junk, the task of organizing and governing disorganized data can seem overwhelming. Maybe that’s why too many technology and business decision-makers put information governance on the back burner, there to be ignored until a crisis arises and there is a frantic push to find critical information quickly.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Merry 'Leaksmas'! Hackers Give Away 50 Million Pieces of PII

Data Breach Today

Holiday Leaks Could Result in More Digital Identity Theft and Fraud, Report Warns Hackers celebrated the year-end holidays with a malicious "Free Leaksmas" posting on the dark web, releasing 50 million stolen consumer records, including credit card information. Researchers said the leaked data can be used for identity theft and fraud.

305
305
article thumbnail

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Related: How AI is transforming DevOps The constant evolution of technology, increased connectivity, and sophisticated cyber threats pose significant challenges to organizations of all sizes and industries. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment.

Risk 202
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

State AG Hits Hospital With $300K Fine for Web Tracker Use

Data Breach Today

NewYork-Presbyterian Disabled Website, Patient Portal Trackers in 2022 State regulators fined a New York hospital $300,000 to settle privacy violations related to the organization's prior use of tracking tools in its websites and patient portal. Regulators said the hospital violated HIPAA rules in sharing patient information with third parties for marketing purposes.

Marketing 277

More Trending

article thumbnail

European Central Bank to Put Banks Through Cyber Stress Test

Data Breach Today

109 Banks to Participate in Simulated Cyberattacks to Assess Cyber Resiliency The European Central Bank beginning this month will conduct cyber stress tests on banks to determine their resilience against cyberattacks. The agency is requiring 109 banks in Europe to perform vulnerability assessments and incident response evaluations by mid-2024.

274
274
article thumbnail

Multiple organizations in Iran were breached by a mysterious hacker

Security Affairs

Hudson Researchers reported that a mysterious hacker launched a series of attacks against industry-leading companies in Iran. Hudson Researchers reported that on December 20th, a hacker using the moniker ‘irleaks’ announced the availability for sale of over 160,000,000 records allegedly stolen from 23 leading insurance companies in Iran.

Insurance 145
article thumbnail

API Security Trends: Collaborative Strategies for Leaders

Data Breach Today

Forrester's Sandy Carielli Shares Highlights From API Security Report Forrester analyst Sandy Carielli highlights key API security aspects in Forrester's report titled The Eight Components of API Security," which covers governance, discovery, testing, authentication and protection from API breaches as many organizations are grappling with the maturity of these areas.

Security 279
article thumbnail

Researchers released a free decryptor for Black Basta ransomware

Security Affairs

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor. The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Hacktivists Shut Down Top State-Owned Belarusian News Agency

Data Breach Today

Belarusian Cyber-Partisans Claim New Year's Weekend Attack Wiped Servers, Backups Over the New Year's holiday weekend, Belarusian hacktivists shut down the country's leading state-owned media outlet, claiming they had wiped the main website servers and backups of BelTA. The group said its actions had been retaliation against President Alexander Lukashenko's propaganda campaign.

IT 284
article thumbnail

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Security Affairs

JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader. Researchers from Palo Alto Networks and Symantec warned of a new Go-based malware loader called JinxLoader, which is being used to deliver next-stage payloads such as Formbook and XLoader. The name of the threat comes from a League of Legends character.

Archiving 140
article thumbnail

TikTok Editorial Analysis

Schneier on Security

TikTok seems to be skewing things in the interests of the Chinese Communist Party. (This is a serious analysis, and the methodology looks sound.) Conclusion: Substantial Differences in Hashtag Ratios Raise Concerns about TikTok’s Impartiality Given the research above, we assess a strong possibility that content on TikTok is either amplified or suppressed based on its alignment with the interests of the Chinese Government.

article thumbnail

Terrapin attack allows to downgrade SSH protocol security

Security Affairs

Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection’s security. Security researchers from Ruhr University Bochum (Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk) discovered a vulnerability, called Terrapin ( CVE-2023-48795 , CVSS score 5.9), in the Secure Shell (SSH) cryptographic network protocol.

Security 136
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Weekly Vulnerability Recap – January 2, 2024 – Barracuda ESG, Apache OfBiz Vulnerabilities Persist

eSecurity Planet

While the number of reported vulnerabilities sometimes decrease over the Christmas and New Year’s holidays, active and potential exploits are no less threatening. During the past couple weeks, Google has seen multiple vulnerabilities, including a zero-day in Chrome. SonicWall researchers discovered that an Apache patch was incomplete, still permitting authentication bypass in open-source ERP software Apache OfBiz.

article thumbnail

[Security Masterminds] Beyond the Technical: Cultivating Empathy in Cybersecurity

KnowBe4

Cybersecurity exists to protect people and their information. In our recent discussion on Security Masterminds, Julie provided unique insights on putting people at the center of cybersecurity.

article thumbnail

Can AI read for you & should it?

CILIP

Can AI read for you & should it? Dr Beth Montague-Hellen, CILIP LGBTQ+ Network Chair, shares how ChatGPT, can, can't, and should help you with your research as an academic librarian This story is featured on the AI Hub Publish or perish culture in academia creates an ever increasing need to publish, and generates vast quantities of written material, but can any researcher or student possibly hope to read everything?

IT 95
article thumbnail

A Dream Team Security Awareness Training Program?

KnowBe4

Every person and organization is different and requires slightly different methods and ways of learning. But every person and organization can benefit by more frequent security awareness training (SAT).

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

What It’s Like to Use Apple’s Lockdown Mode

WIRED Threat Level

If you're at high risk of being targeted by mercenary spyware, or just don't mind losing iOS features for extra security, the company's restricted mode is surprisingly usable.

Risk 100
article thumbnail

ISO adopted ISO/IEC 42001, Information technology, Artificial intelligence, Management system standard

IG Guru

Check out the standard here. The post ISO adopted ISO/IEC 42001, Information technology, Artificial intelligence, Management system standard first appeared on IG GURU.

article thumbnail

I’m a tech reporter. Can I still post my baby’s picture responsibly?

The Guardian Data Protection

I know nothing online is private. I also won’t be able to resist taking photos of my cute baby. Can a privacy girly have it all? I spent my teen years baring my soul on Blogger, Xanga, Friendster and Myspace, well before there was widespread acceptance and knowledge of the ways companies already did and would increasingly collect and share my data. The idea that there was no such thing as a free service and that, in fact, the cost of doing business with digital platforms is relinquishing control

Privacy 80
article thumbnail

Passive RFID: 5 Proven Business Process Automation Benefits

HID Global

From increased efficiency & real-time visibility to cost reduction & heightened security, the benefits of passive RFID are numerous & elevate operations success.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

A 2023 Reflection: How the Modern Data Dilemma in eDiscovery is Now Getting Solved

eDiscovery Daily

By Rick Clark It’s evident that the legal eDiscovery industry is undergoing significant transformation, driven by the ever-expanding data varieties, volumes, and the velocity in growth for varieties and volume, especially in the last year.) For instance, there are 20 million text/chat messages sent every minute. * The intersection of these three data Vs has not only posed unique challenges but has also paved the way for innovative solutions and a paradigm shift in how data is reviewed in the leg

article thumbnail

New Year’s Resolutions 101: Examples and Suggestions from Old Patents

Unwritten Record

Every year, around this time, many people’s minds turn towards New Year’s Resolutions. Things like saving more money, learning a new skill, and better self-care are timeless classics when it comes to resolutions. So, we here in the Cartographic Branch would like to offer up some patents related to resolution keeping, just in case you need ideas for the coming year!

IT 45