Fri.Feb 23, 2024

article thumbnail

Change Healthcare Outage Hits Military Pharmacies Worldwide

Data Breach Today

Experts Speculate About Whether the Hack Involved the ScreenConnect Flaw Exploit Pharmacies at U.S. military hospitals and clinics worldwide are among the entities affected by the cyberattack on Optum's Change Healthcare this week, which has forced the IT services company to take many of its applications offline. Change Healthcare disconnected its IT systems on Wednesday.

Military 278
article thumbnail

Thanks FedEx, This is Why we Keep Getting Phished

Troy Hunt

I've been getting a lot of those "your parcel couldn't be delivered" phishing attacks lately and if you're a human with a phone, you probably have been too. Just as a brief reminder, they look like this: These get through all the technical controls that exist at my telco and they land smack bang in my SMS inbox. However, I don't fall for the scams because I look for the warning signs: a sense of urgency, fear of missing out, and strange URLs that look nothing like any

Phishing 142
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who is LockBitSupp? Police Delay Promise to Reveal Identity

Data Breach Today

Officials Reschedule Big Reveal of LockBit Ransomware Group Leadership's Identity Who is LockBitSupp? On Friday morning, when law enforcement promised to reveal the identity of the public mouthpiece of the LockBit ransomware-as-a-service operation they infiltrated and disrupted earlier this week, authorities instead announced a delay.

article thumbnail

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The security breach occurred on Sunday 18 February 2024, but Tangerine management became aware of the incident on Tuesday 20 February 2024.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Binance Restricts 85 LockBit Crypto Wallets

Data Breach Today

Authorities Uncover 30,000 LockBit Bitcoin Addresses Cryptocurrency trading platform Binance restricted access to 85 accounts as part of an action against the LockBit ransomware affiliates, and authorities estimated that members of the now-defunct ransomware-as-a-service operation had pocketed "hundreds of millions" in ransom.

More Trending

article thumbnail

No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp

Data Breach Today

After Teasing 'Who is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement' "Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement.

article thumbnail

Data Breach at French Healthcare Payment Processor Puts 20 Million Policyholders at Risk

KnowBe4

A single account being phished caused millions of French healthcare policyholder records to be breached, putting all 20 million of them on notice that.

article thumbnail

US FTC Imposes Strict Reporting Mandates for Global Tel*Link

Data Breach Today

New Reporting Measures Follow Data Breach Affecting Prison Communications Provider Global Tel Link, a major prison communications provider in the U.S., will be required to notify its users - as well as the Federal Trade Commission - about certain data breaches and security events after suffering a major data breach in 2020 that left users’ sensitive information available online.

article thumbnail

Nearly One in Three Cyber Attacks In 2023 Involved The Abuse of Valid Accounts

KnowBe4

Thirty percent of all cyber incidents in 2023 involved abuse of valid credentials, according to IBM X-Force’s latest Threat Intelligence Index. This represents a seventy-one percent increase compared to 2022.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

HHS OCR Tells Congress It Needs More Funding for HIPAA Work

Data Breach Today

Breaches and Complaints Continue to Soar as Regulatory Duties Increase As the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding to keep up with its mounting workload. The agency also separately announced its second ransomware HIPAA breach settlement.

IT 238
article thumbnail

CIPL Releases White Paper on Accountable AI Best Practices

Hunton Privacy

On February 21, 2024, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP (“CIPL”) published a white paper on Building Accountable AI Programs: Mapping Emerging Best Practices to the CIPL Accountability Framework. The white paper showcases how 20 leading organizations are developing accountable AI programs and best practices. The white paper discusses how organizational accountability is fundamental to the responsible development and deployment of AI.

Paper 118
article thumbnail

ISMG Editors: The 'New Frontier' of AI and Identity Security

Data Breach Today

Identity Security Expert Jeremy Grant Discusses Challenges, Innovations and Trends In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.

Security 234
article thumbnail

Your KnowBe4 Fresh Content Updates from February 2024

KnowBe4

Check out the 29 new pieces of training content added in February, alongside the always fresh content update highlights, events and new features.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

Data Breach Today

With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the Life Once the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.

article thumbnail

Weekly Update 388

Troy Hunt

It's just been a joy to watch the material produced by the NCA and friends following the LockBit takedown this week. So much good stuff from the agencies themselves, not just content but high quality trolling too. Then there's the whole ecosystem of memes that have since emerged and provided endless hours of entertainment 😊 I'm sure we'll see a lot more come out of this yet and inevitably there's seized material that will still be providing value to further inves

Phishing 110
article thumbnail

Face off: New Banking Trojan steals biometrics to access victims’ bank accounts

KnowBe4

Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.

Access 103
article thumbnail

What Is an Application Level Gateway? How ALGs Work

eSecurity Planet

An application gateway, also known as an application level gateway (ALG), functions as a critical firewall proxy for network security. Its filtering capability ensures that only certain network application data is transmitted, which has an impact on the security of protocols including FTP, Telnet, RTSP, and BitTorrent. Understanding ALGs involves knowing how they work, their pros and cons, and how they integrate with or differ from other types of firewalls.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Conversational AI use cases for enterprises

IBM Big Data Hub

Today, people don’t just prefer instant communication; they expect it. Conversational artificial intelligence (AI) leads the charge in breaking down barriers between businesses and their audiences. This class of AI-based tools, including chatbots and virtual assistants, enables seamless, human-like and personalized exchanges. Beyond the simplistic chat bubble of conversational AI lies a complex blend of technologies, with natural language processing (NLP) taking center stage.

article thumbnail

Serco ordered to stop using facial recognition technology to monitor staff

The Guardian Data Protection

Biometric data of more than 2,000 staff at 38 leisure centres was unlawfully processed to check attendance, watchdog finds Britain’s data watchdog has ordered a Serco subsidary to stop using facial recognition technology and fingerprint scanning to monitor the attendance of staff at the leisure centres it operates. The Information Commissioner’s Office (ICO) found that the biometric data of more than 2,000 employees had been unlawfully processed at 38 centres managed by Serco Leisure to check up

IT 94
article thumbnail

CIPL Publishes Discussion Paper on Data Protection Assessment Requirements Under U.S. State Privacy Laws

Hunton Privacy

On February 8, 2024, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP (“CIPL”) published a discussion paper on Comparison of U.S. State Privacy Laws: Data Protection Assessments. The paper analyzes the data protection assessment requirements set forth in an ever-growing number of comprehensive U.S. state privacy laws. The paper represents the first deliverable of CIPL’s ongoing project on U.S. state privacy laws, in which CIPL is collaborating with its member organization

Paper 85
article thumbnail

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices via The Hacker News

IG Guru

Check out the article here. The post Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices via The Hacker News first appeared on IG GURU.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Even the world’s biggest businesses are not free from GDPR woes. Irish regulators hit Meta with a EUR 1.2 billion fine in 2023.

GDPR 74
article thumbnail

California Children’s Privacy Bill Moves to Committee

Hunton Privacy

On February 12, 2024, California bill AB-1949 was referred to the Assembly Committee on Privacy and Consumer Protection. The bill would amend the California Consumer Privacy Act (as amended by the California Privacy Rights Act) (the “CCPA”) to significantly expand businesses’ obligations with respect to the personal information of consumers under the age of 18.

Privacy 74
article thumbnail

U.S. Department of Justice Signals Tougher Enforcement Against Artificial Intelligence Crimes

Data Matters

U.S. Deputy Attorney General Lisa Monaco signaled robust future enforcement by the Department of Justice (DOJ) against crimes involving, and aided by, artificial intelligence (AI) in her remarks at Oxford University last week and reiterated shortly thereafter at the Munich Security Conference. The post U.S. Department of Justice Signals Tougher Enforcement Against Artificial Intelligence Crimes appeared first on Data Matters Privacy Blog.

article thumbnail

Biden administration issues Executive Order and takes action to enhance maritime cybersecurity

Data Protection Report

On February 21, 2024, President Biden signed an Executive Order and issued several federal rules aimed at improving the cybersecurity of U.S. ports and maritime supply chains. The measures introduce new cybersecurity requirements and standards for stakeholders of the U.S. Marine Transportation System (MTS) and increase the authority of the U.S. Coast Guard in its ability to address cyber threats.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

14 things you need to know about IT security compliance

Jamf

Learn about IT and security compliance, answering critical questions about their differences, similarities and more importantly, how best practices help your organization develop their IT security compliance plan.

article thumbnail

Search Volume to Drop 25% by 2026 Due to AI Agents, Predicts Gartner

Information Matters

Search engine volume is expected to fall by 25% over the next few years, according to a new prediction by research firm Gartner. The decline will be driven by the Read more The post Search Volume to Drop 25% by 2026 Due to AI Agents, Predicts Gartner appeared first on Information Matters - Where AI Meets Knowledge Management.

52
article thumbnail

Friday Squid Blogging: Illex Squid and Climate Change

Schneier on Security

There are correlations between the populations of the Illex Argentines squid and water temperatures. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Security 101