Data Breach Today
MARCH 19, 2024
Dataset Leaked for Free; ShinyHunters Cybercrime Gang First Advertised It in 2021 Data breach blast from the past: Data pertaining to 70 million individuals that the ShinyHunters gang claimed were AT&T customers has been leaked via a hacking forum, three years after criminals first offered it for sale. AT&T said the information didn't appear to have been stolen from its systems.
Data Matters
MARCH 21, 2024
On March 13, 2024, the European Parliament formally adopted the EU Artificial Intelligence Act (“ AI Act ”) with a large majority of 523-46 votes in favor of the legislation. The AI Act is the world’s first horizontal and standalone law governing AI, and a landmark piece of legislation for the EU. The post EU Formally Adopts World’s First AI Law appeared first on Data Matters Privacy Blog.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Jamf
MARCH 20, 2024
Securing your organization is a difficult task. Choosing the right software solutions can help. Learn how a unified security platform makes security easier.
Krebs on Security
MARCH 22, 2024
The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep , an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MARCH 20, 2024
As Nation-State Group Hacks Big Targets, Trellix's John Fokker Details Defenses Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
MARCH 17, 2024
Researchers at vx-underground first noticed that more than 70,000,000 records from AT&T were leaked on the Breached hacking forum. More than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached, vx-underground researchers reported. Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached.
Troy Hunt
MARCH 18, 2024
I hate having to use that word - "alleged" - because it's so inconclusive and I know it will leave people with many unanswered questions. But sometimes, "alleged" is just where we need to begin and over the course of time, proper attribution is made and the dots are joined. We're here at "alleged" for two very simple reasons: one is that AT&T is saying "the data didn't come from us", and the other is that I have no way of proving otherwise.
Data Breach Today
MARCH 22, 2024
Latest APT29 Campaign Uses a Previously Unseen Malware Backdoor A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.
WIRED Threat Level
MARCH 20, 2024
Cookie pop-ups now show the number of “partners” that websites may share data with. Here's how many of these third-party companies may get your data from some of the most popular sites online.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
MARCH 22, 2024
Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participants earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for demonstrating 29 unique zero-days. On day one , the Team Synacktiv successfully demonstrated exploits against a Tesla car.
OpenText Information Management
MARCH 18, 2024
AI changes everything—every role, every organization, and every industry. Those who make the most of it will be poised to lead their industries. Are you ready to put this game-changing technology to work for you? Join us at OpenText™ World Europe 2024 to learn how you can reimagine work with AI. Our complimentary event will be held in three locations: London (Queen Elizabeth II Centre, April 15), Munich (MOC—Event Center Messe München, April 16 & 17), and Paris (Maison de la Chimie, April 18
Data Breach Today
MARCH 20, 2024
Treasury Department Sanctions Heads of Russian 'Influence-for-Hire' Firms The U.S. Department of the Treasury sanctioned the heads of Russian-based companies for spearheading disinformation campaigns that impersonated legitimate media outlets and government organizations across the globe. The firms coordinated an information manipulation campaign targeting Latin America.
WIRED Threat Level
MARCH 16, 2024
Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
MARCH 16, 2024
North Korea-linked Lazarus APT group allegedly using again the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT group allegedly has reportedly resumed using the mixer platform Tornado Cash to launder $23 million. Blockchain cybersecurity firm Elliptic linked the theft of $112.5 million from exchange HTX , which took place in November 2023, to the North Korea’s group.
KnowBe4
MARCH 21, 2024
The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion.
Data Breach Today
MARCH 22, 2024
Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards' A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
WIRED Threat Level
MARCH 20, 2024
Anonymous, candid reviews made Glassdoor a powerful place to research potential employers. A policy shift requiring users to privately verify their real names is raising privacy concerns.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
MARCH 18, 2024
Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, unauthenticated attacker can exploit their vulnerability to execute arbitrary code on impacted servers. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be
KnowBe4
MARCH 18, 2024
A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions.
Data Breach Today
MARCH 20, 2024
HHS: Bot-Driven Attacks Can Overwhelm Email Servers, Networks and Disrupt Workflow Federal authorities are warning healthcare and public health sector entities of email bomb attacks, a type of denial-of-service attack that can overwhelm email systems and networks and distract victims from other nefarious activities. The incidents can also disrupt clinical and business workflow.
WIRED Threat Level
MARCH 21, 2024
Privacy and security are an Apple selling point. But the DOJ's new antitrust lawsuit argues that Apple selectively embraces privacy and security features in ways that hurt competition—and users.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
MARCH 21, 2024
Researchers released a PoC exploit for a critical flaw in Fortinet’s FortiClient Enterprise Management Server (EMS) software, which is actively exploited. Security researchers at Horizon3 have released a proof-of-concept (PoC) exploit for a critical vulnerability, tracked as CVE-2023-48788 (CVSS score 9.3), in Fortinet’s FortiClient Enterprise Management Server (EMS) software.
KnowBe4
MARCH 21, 2024
Researchers at Fortinet are tracking a phishing campaign that’s distributing a new version of the VCURMS remote access Trojan (RAT).
Data Breach Today
MARCH 21, 2024
Experts Say Water Sector Lacks Technical Resources to Comply With Federal Requests The White House convened state environmental, health and homeland security agencies Thursday as experts told ISMG water utilities across the country - particularly those in small, under-resourced communities - lack the funding and technical skills to implement federal cybersecurity recommendations.
Schneier on Security
MARCH 20, 2024
The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can’t identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said. The Port Authority says officers in 2023 roughly doubled the number of summonses issued for obstructed, missing or fictitious license plates compared wit
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
MARCH 17, 2024
Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. G-Data researchers found at least 13 such Github repositories hosting cracked software designed to deliver the RisePro info-stealer. The experts noticed that this campaign was named “gitgub” by its operators. The researchers started the investigation following Arstechnica’s story about malicious Github repositories.
KnowBe4
MARCH 21, 2024
In an age when 70% - 90% of successful data breaches involve social engineering (which gets past all other defenses), sufficient training is needed to best reduce human-side cybersecurity risk. Everyone should be trained in how to recognize social engineering attempts, how to mitigate (i.e., delete, ignore, etc.) them, and how to appropriately report them if in a business scenario.
Data Breach Today
MARCH 18, 2024
AI-Led Disinformation Campaign, Deepfakes Biggest Threats, Experts Warn Nation-state-led disinformation campaigns intended at eroding public trust are the biggest threat to the upcoming U.K. election, experts told a parliamentary panel on Monday. Incidents of disinformation created with artificial intelligence have already appeared.
Expert insights. Personalized for you.
312 
Let's personalize your content