Data Breach Today
MARCH 19, 2024
Dataset Leaked for Free; ShinyHunters Cybercrime Gang First Advertised It in 2021 Data breach blast from the past: Data pertaining to 70 million individuals that the ShinyHunters gang claimed were AT&T customers has been leaked via a hacking forum, three years after criminals first offered it for sale. AT&T said the information didn't appear to have been stolen from its systems.
Data Matters
MARCH 21, 2024
On March 13, 2024, the European Parliament formally adopted the EU Artificial Intelligence Act (“ AI Act ”) with a large majority of 523-46 votes in favor of the legislation. The AI Act is the world’s first horizontal and standalone law governing AI, and a landmark piece of legislation for the EU. The post EU Formally Adopts World’s First AI Law appeared first on Data Matters Privacy Blog.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Jamf
MARCH 20, 2024
Securing your organization is a difficult task. Choosing the right software solutions can help. Learn how a unified security platform makes security easier.
Security Affairs
MARCH 17, 2024
Researchers at vx-underground first noticed that more than 70,000,000 records from AT&T were leaked on the Breached hacking forum. More than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached, vx-underground researchers reported. Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
WIRED Threat Level
MARCH 21, 2024
The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 20, 2024
As Nation-State Group Hacks Big Targets, Trellix's John Fokker Details Defenses Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.
Security Affairs
MARCH 16, 2024
North Korea-linked Lazarus APT group allegedly using again the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT group allegedly has reportedly resumed using the mixer platform Tornado Cash to launder $23 million. Blockchain cybersecurity firm Elliptic linked the theft of $112.5 million from exchange HTX , which took place in November 2023, to the North Korea’s group.
WIRED Threat Level
MARCH 20, 2024
Cookie pop-ups now show the number of “partners” that websites may share data with. Here's how many of these third-party companies may get your data from some of the most popular sites online.
Krebs on Security
MARCH 20, 2024
It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Data Breach Today
MARCH 22, 2024
Latest APT29 Campaign Uses a Previously Unseen Malware Backdoor A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.
Security Affairs
MARCH 22, 2024
Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participants earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for demonstrating 29 unique zero-days. On day one , the Team Synacktiv successfully demonstrated exploits against a Tesla car.
WIRED Threat Level
MARCH 16, 2024
Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.
Troy Hunt
MARCH 18, 2024
I hate having to use that word - "alleged" - because it's so inconclusive and I know it will leave people with many unanswered questions. But sometimes, "alleged" is just where we need to begin and over the course of time, proper attribution is made and the dots are joined. We're here at "alleged" for two very simple reasons: one is that AT&T is saying "the data didn't come from us", and the other is that I have no way of proving otherwise.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
MARCH 20, 2024
Treasury Department Sanctions Heads of Russian 'Influence-for-Hire' Firms The U.S. Department of the Treasury sanctioned the heads of Russian-based companies for spearheading disinformation campaigns that impersonated legitimate media outlets and government organizations across the globe. The firms coordinated an information manipulation campaign targeting Latin America.
Security Affairs
MARCH 18, 2024
Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, unauthenticated attacker can exploit their vulnerability to execute arbitrary code on impacted servers. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be
WIRED Threat Level
MARCH 20, 2024
Anonymous, candid reviews made Glassdoor a powerful place to research potential employers. A policy shift requiring users to privately verify their real names is raising privacy concerns.
OpenText Information Management
MARCH 18, 2024
AI changes everything—every role, every organization, and every industry. Those who make the most of it will be poised to lead their industries. Are you ready to put this game-changing technology to work for you? Join us at OpenText™ World Europe 2024 to learn how you can reimagine work with AI. Our complimentary event will be held in three locations: London (Queen Elizabeth II Centre, April 15), Munich (MOC—Event Center Messe München, April 16 & 17), and Paris (Maison de la Chimie, April 18
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MARCH 22, 2024
Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards' A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
Security Affairs
MARCH 17, 2024
Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. G-Data researchers found at least 13 such Github repositories hosting cracked software designed to deliver the RisePro info-stealer. The experts noticed that this campaign was named “gitgub” by its operators. The researchers started the investigation following Arstechnica’s story about malicious Github repositories.
WIRED Threat Level
MARCH 21, 2024
Privacy and security are an Apple selling point. But the DOJ's new antitrust lawsuit argues that Apple selectively embraces privacy and security features in ways that hurt competition—and users.
Schneier on Security
MARCH 22, 2024
BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. For Android, the world’s most popular and widely used mobile operating system, the program awarded over $3.4 million.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Data Breach Today
MARCH 20, 2024
HHS: Bot-Driven Attacks Can Overwhelm Email Servers, Networks and Disrupt Workflow Federal authorities are warning healthcare and public health sector entities of email bomb attacks, a type of denial-of-service attack that can overwhelm email systems and networks and distract victims from other nefarious activities. The incidents can also disrupt clinical and business workflow.
Security Affairs
MARCH 21, 2024
Researchers released a PoC exploit for a critical flaw in Fortinet’s FortiClient Enterprise Management Server (EMS) software, which is actively exploited. Security researchers at Horizon3 have released a proof-of-concept (PoC) exploit for a critical vulnerability, tracked as CVE-2023-48788 (CVSS score 9.3), in Fortinet’s FortiClient Enterprise Management Server (EMS) software.
KnowBe4
MARCH 21, 2024
The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion.
Schneier on Security
MARCH 20, 2024
The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can’t identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said. The Port Authority says officers in 2023 roughly doubled the number of summonses issued for obstructed, missing or fictitious license plates compared wit
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
MARCH 21, 2024
Experts Say Water Sector Lacks Technical Resources to Comply With Federal Requests The White House convened state environmental, health and homeland security agencies Thursday as experts told ISMG water utilities across the country - particularly those in small, under-resourced communities - lack the funding and technical skills to implement federal cybersecurity recommendations.
Security Affairs
MARCH 16, 2024
Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach. The press release published by the agency states that its information systems are not impacted.
KnowBe4
MARCH 18, 2024
A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions.
Expert insights. Personalized for you.
312 
Let's personalize your content