Dark Reading

APRIL 4, 2023

In the height of tax-return season, a popular tax prep software service leaves a malicious JavaScript file online for weeks.

140

140

WIRED Threat Level

APRIL 3, 2023

An agency database WIRED obtained reveals widespread use of so-called 1509 summonses that experts say raises the specter of potential abuse.

Privacy 144

Privacy Security 144

IT Governance

APRIL 5, 2023

Malware is one of the most common cyber security threats that organisations and individuals face. Whenever someone talks about their computer being infected, encountering bots or even falling victim to a scam email, malware is normally involved. It’s why anti-malware software is usually considered a top priority for staying safe online. However, those tools are not flawless.

Encryption 113

Encryption Data breaches Phishing Government 113

Data Breach Today

APRIL 4, 2023

Tranche of Stolen Data Is Disguised Royal Ransomware Installer, Researchers Warn The Royal ransomware group has been running a social engineering campaign designed to trick targets into thinking they've fallen victim to a crypto-locking and data exfiltration attack by giving them a purported list of what was stolen that, if opened, installs Royal ransomware, researchers warn.

Ransomware 162

Ransomware 162

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

APRIL 4, 2023

Several domain names tied to Genesis Market , a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly

Marketing 344

Marketing Passwords Authentication Access 344

eSecurity Planet

APRIL 7, 2023

Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source security tools what Kali Linux has done for open source pentesting, but the addition of more than 100 open source tools for SIEM , incident response , intrusion detection and more should raise the profile of those defensive tools.

Energy and Utilities 141

Energy and Utilities Security Cybersecurity Passwords 141

Data Breach Today

APRIL 4, 2023

Tallahassee Memorial Says Patient Data 'Obtained' in February Security Incident A Florida-based community healthcare system has begun notifying about 20,000 individuals whose information was compromised in a data security incident that prompted the organization to operate under its IT downtime procedures, including diverting some emergency patients, for two weeks in February.

Security 274

Security IT 274

Krebs on Security

APRIL 3, 2023

John Clifton Davies , a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “ CodesToYou ,” which purports to be a “full cycle software development company” based in the U.K.

Communications 222

Communications Marketing Security Insurance 222

Dark Reading

APRIL 5, 2023

Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests.

IT 140

IT 140

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Troy Hunt

APRIL 5, 2023

A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they've named "Operation Cookie Monster" They've provided millions of impacted email addresses and passwords to Have I Been Pwned (HIBP) so that victims of the incident can discover if they have been exposed.

Marketing 136

Marketing Passwords Authentication Paper 136

Data Breach Today

APRIL 3, 2023

Online Services Are Offline Hard disk drive maker Western Digital disclosed a hacking incident the company says likely resulted in data theft. Online services offered by the California company - including personal and enterprise cloud storage and email and push notifications - are down as of publication.

Cloud 234

Cloud 234

eSecurity Planet

APRIL 5, 2023

Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the U.S.

Ransomware 128

Ransomware Cybersecurity Education Encryption 128

IT Governance

APRIL 3, 2023

Welcome to our March 2023 list of data breaches and cyber attacks. Our research identified exactly 100 publicly disclosed incidents during the month, accounting for 41,970,182 breached records. You can find the full list of data breaches and cyber attacks below, including our new feature in which we delve into the month’s biggest incidents in a little more detail.

Data breaches 115

Data breaches Ransomware Phishing Government 115

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Protection Report

APRIL 5, 2023

Introduction By way of an interim measure adopted on 30 March 2023, the Italian Data Protection Authority ( Garante per la protezione dei dati personali ) (the Garante ) ordered the US company Open AI LLC to temporarily stop ChatGPT’s processing of personal data relating to individuals located in Italy, pending the outcome of the Garante’s investigation into the privacy practices of ChatGPT.

Personal data 111

Personal data GDPR Data breaches Privacy 111

Data Breach Today

APRIL 4, 2023

Chinese-Owned App Will Pay 12.7 Million Pounds A British government agency added to TikTok's reputational woes by finding it failed to protect children's privacy. TikTok is playing defense in multiple Western countries against concerns it collects massive amounts of data it could use for surveillance or information operations.

Privacy 267

Privacy Government IT 267

OpenText Information Management

APRIL 6, 2023

Every day at OpenText we elevate people to achieve superhuman impact by working smarter and making information their superpower. Our customers face a relentless digital landscape with overwhelming depths of data – we provide the information advantage that enables better results faster and gives them a competitive advantage. We help our customers do this by … The post Smarter with OpenText: The information advantage at work appeared first on OpenText Blogs.

110

110

Dark Reading

APRIL 4, 2023

The malware is one of the most sophisticated ransomwares ever seen in the wild, and marks a leap ahead for cybercrime.

Ransomware 133

Ransomware Encryption 133

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Matters

APRIL 5, 2023

The updated 2023 Chambers Global Practice Guides for Data Protection & Privacy and Cybersecurity, edited by Alan Charles Raul , are available now, covering important developments across the globe and offering insightful legal commentary for businesses. The post Chambers 2023 Global Practice Guides for Data Protection & Privacy and Cybersecurity Available appeared first on Data Matters Privacy Blog.

Privacy 103

Privacy Cybersecurity 103

Data Breach Today

APRIL 5, 2023

19-Year-Old José Huerta Allegedly Hacked A Government File Transfer System Spanish National Police arrested Friday a teenager hacker who allegedly stole the sensitive data of more than half a million taxpayers from the national revenue service and boasted in an online podcast about having access to personal data of 90 percent of the population.

Personal data 264

Personal data Government Access 264

Information Governance Perspectives

APRIL 6, 2023

I am Ashkenazi and German by birth, but as a baby, I was adopted by a hot-blooded Sephardic family that migrated to the United States from the Isle of Rhodes. They were eccentric and whimsical, and growing up with them was mostly wonderful. Culturally, the Sephardim are a distinct ethnic group that many around the world are unfamiliar with. Their native language, a blend of Hebrew, Turkish, and Spanish called Ladino , is beautiful and romantic.

Archiving 105

Archiving IT 105

OpenText Information Management

APRIL 4, 2023

Legal teams are looking for ways to improve their prospects and transform their litigation support practices. To understand how pre-existing trends and the pandemic have affected how in-house legal professionals approach eDiscovery, OpenText engaged Ari Kaplan Advisors to anonymously survey corporate legal leaders online and through interviews about their immediate challenges, long-term opportunities and impressions … The post <strong>The Great eDiscovery Reset</strong> ap

Compliance 105

Compliance 105

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Hunton Privacy

APRIL 4, 2023

On April 4, 2023, the data protection regulator of the UK, the Information Commissioner’s Office (ICO), issued a fine of a £12.7 million to TikTok Information Technologies UK Limited and TikTok Inc (together, “TikTok”) for a number of breaches of UK data protection law, including failing to use children’s personal data lawfully. In summary, the ICO found that TikTok breached the UK GDPR between May 2018 and July 2020 by: providing its services (i.e., an information society service) to UK childr

Personal data 105

Personal data GDPR IT Information Security 105

Data Breach Today

APRIL 6, 2023

Russian Group Targets Patient Care and Evolves Its Tactics, HHS HC3 Report Warns Most of the healthcare organizations hit by distributed denial-of-service attacks by pro-Russia hacktivists in January have one or more level 1 trauma centers, indicating that the attackers aimed to disrupt care for the most critically ill and injured patients, according to a new government report.

Government 246

Government IT 246

Dark Reading

APRIL 6, 2023

A flaw in Twitter code allows bot abuse to trick the algorithm into suppressing certain accounts.

142

142

eSecurity Planet

APRIL 7, 2023

A DMZ network, or a demilitarized zone, is a subnetwork in an enterprise networking environment that contains public-facing resources — such as web servers for company websites — in order to isolate them from an enterprise’s private local area network (LAN). Also referred to as a perimeter network or screened subnet, a DMZ network acts as an additional layer of network security, isolating itself and its contents from the parts of the enterprise network where more sensitive and private resources

Cloud 102

Cloud Access IoT Security 102

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

KnowBe4

APRIL 3, 2023

The Cyber Police of Ukraine have arrested twelve alleged members of an organized cybercrime group that’s stolen approximately $4.3 million from users across Europe, the Hacker News reports.

108

108

Data Breach Today

APRIL 5, 2023

International Operation Led by FBI Results in Hundreds of Arrests The FBI and other national police are touting an operation that dismantled Genesis Market, a marketplace used by ransomware hackers and bank thieves to gain ongoing access to victims' computers. Genesis Market since 2018 offered access to more than 1.5 million compromised computers around the world.

Marketing 241

Marketing Ransomware Access 241

Dark Reading

APRIL 5, 2023

CISA is advising Nexx customers to unplug impacted devices until the security issues are addressed — but so far, it's crickets as to patch timeline.

Security 111

Security IT 111