Education, Information Security and Retail - Information Management Today

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches

Data breaches Retail Education Ransomware

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Researchers found active instances of Agent Tesla and developed a mechanism to enumerate the affected clients and extract compromised data.

Financial Services

Financial Services Retail Education Information Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S.

Retail

Retail Education Communications Government

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications. Authenticate calls from third party authorized retailers requesting.

Passwords

Passwords Authentication Retail Education

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. Tietoevry notified law enforcement and impacted customers. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware

Ransomware Government Retail Cloud

Nodersok malware delivery campaign relies on advanced techniques

Security Affairs

SEPTEMBER 28, 2019

About 3% of the infected systems belong to organizations in different sectors, including education, professional services, healthcare, finance, and retail. Most of the victims are located in the United States and Europe, they are predominantly consumers.

e-Delivery

e-Delivery Retail Libraries Education

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

In March, the FBI issued an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. In March 2020, CERT France cyber-security agency warned about a new wave of ransomware attack that was targeting the networks of local government authorities.

Ransomware

Ransomware Encryption Government Retail

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

“Since the cyber attack on 23 December 2019, UM has been working hard: on the one hand, to repair the damage and, on the other hand, to make education and research p ossible again as soon as p ossible.” TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Ransomware

Ransomware Encryption Passwords Retail

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

According to the company, they have over 600,000 Cameras and 50,000 Recorders installed all over the world in multiple sectors such as Banking, Retail, Government, etc. ” reads the advisory published by Fortinet.

Authentication

Authentication Retail Education Marketing

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications. Authenticate calls from third party authorized retailers requesting.

Passwords

Passwords Authentication Access Retail

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

Next, Retail and Health, as the most sectors affected in this season. You can Download [PDF] or [PNG] report from the original post at [link] About the author: Pedro Tavarez Pedro Tavares is a professional in the field of information security working as an Ethical Hacker, Malware Analyst and also a Security Evangelist.

Phishing

Phishing Data collection Retail Security awareness

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. Private Fund, ESG Investing, Retail Investors, Cybersecurity, Fintech, and Digital Assets. Transfer Agents.

Retail

Retail Compliance Sales Risk

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

According to research firm Statista, the global retail drone market is expected to reach $90 billion by 2030, with Defense, Enterprise, and Logistics being the primary industries driving growth. In China, the retail drone market reached $15 billion in 2021, with projections to exceed $22 billion by 2024. Market overview. Disclaimer.

Cybersecurity

Cybersecurity Computer and Electronics Authentication Marketing

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. “A similar campaign targeting Turkish educational and government institutions used email subjects pertaining to invoice information or personnel payroll, and Visual Basic for Applications (VBA).XLS ” continues the report.

e-Delivery

e-Delivery Insurance Retail Government

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505.

Retail

Retail Access Security Education

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Each of these regulations addresses different aspects of cybersecurity and data protection, making it essential for businesses and organizations to stay informed and proactive. Retail/E-commerce In the retail and e-commerce sectors, cybersecurity regulations focus on protecting customer payment information and personal data.

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Become familiar with the standards that affect your industry, such as GDPR, CCPA, SOX, HIPAA, the Gramm-Leach-Bliley Act, Payment Card Industry Data Security Standard (PCI-DSS), Federal Information Security Management Act (FISMA) and Children’s Online Privacy Protection Rule (COPPA). Educate employees.

Encryption

Encryption Cloud Privacy GDPR

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy

Data Privacy Privacy Security Data breaches

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

This will typically cover public authorities such as government departments, schools and other educational institutions, hospitals and the police. Many retailers sell signs like this, leaving the purpose blank so that you can fill it in with the appropriate message.

GDPR

GDPR Privacy Personal data Retail

Neiman Marcus Agrees to Settlement in Data Breach Class Action

Hunton Privacy

MARCH 21, 2017

On March 17, 2017, retailer Neiman Marcus agreed to pay $1.6 The consumer plaintiffs sued Neiman Marcus in March 2014, alleging that the company failed to protect customers’ privacy and waited 28 days to inform affected customers of the breach.

Data breaches

Data breaches Retail Information Security Education

11 cyber security predictions for 2020

IT Governance

JANUARY 9, 2020

With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. The retail and hospitality industries will continue to have their POS equipment targeted. Education is also becoming increasingly important when protecting organisations.

Security

Security IoT Phishing Ransomware

Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

Hunton Privacy

APRIL 27, 2021

As reported on the Hunton Retail Law Blog , on April 26, 2021, the U.S. Notably, the plaintiffs did not claim they suffered fraud or identity theft because of the inadvertent disclosure, nor did they claim their information was shared with anyone outside of the company or that third parties otherwise had taken or misused it.

Data breaches

Data breaches Risk Retail Education

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

IT Governance

JANUARY 9, 2023

Other significant contributors to 2022’s total were the technology (115), education (95), professional services (63) and retail (62) sectors. Keeping your organisation secure. That includes supporting those seeking Cyber Essentials certification or implementing an ISMS (information security management system).

Data breaches

Data breaches Ransomware Government Passwords

E-learning: the effective way to train your team

IT Governance

JUNE 21, 2018

It is widely acknowledged that the retail and hospitality industries experience high staff turnover: frontline roles are often filled by temporary, young or part-time staff, the hours can be long and unsociable and the work can be physically demanding. Educating your staff can be complex to arrange, time consuming and costly.

Retail

Retail Education Compliance GDPR

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Cybersecurity

Cybersecurity Retail Compliance Marketing

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. Our experts couldn’t agree on which sector had done the least to meet the GDPR’s requirements, with retail, education and the public sector among those named the worst. Compliance fatigue’.

GDPR

GDPR Data breaches Compliance Retail

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Retail

Retail Compliance Marketing Risk

Recent Data Breach Events in China

Hunton Privacy

DECEMBER 31, 2013

Zhabei District police investigated online message platforms, and targeted an education information consulting company as the source of the spam messages. Further investigation showed that this local resident had obtained the information from a man who was responsible for maintaining a national examination application website.

Data breaches

Data breaches Retail Education Sales

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Hunton Privacy

MAY 26, 2010

To help ensure compliance with applicable privacy and information security laws, businesses should destroy or erase any hard drives in digital copiers before selling or discarding those machines, and should contractually require that the hard drives of leased digital copiers be erased at the termination of the lease.

Privacy

Privacy Risk Manufacturing Retail

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. See our in-depth look at RSA Archer.

Compliance

Compliance Risk Government Retail

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. With that out of the way, it’s time to move on to May 2023.

Data breaches

Data breaches Insurance Personal data Ransomware

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Also, their policies must be tailored to their specific industry requirements and business size.

Compliance

Compliance Archiving Digital transformation Records Management

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. See our in-depth look at RSA Archer.

Compliance

Compliance Risk Government Retail

FTC Hosts Workshop on Informational Injury

Hunton Privacy

DECEMBER 15, 2017

Panelists were presented with two consumer harm and injury hypotheticals (one in a privacy context, based on retail tracking and marketing, and one in a security context, based on unauthorized access to company consumer data) and asked to assess at which stage of the hypothetical they believed consumer injury was taking place.

Privacy

Privacy Risk Retail Insurance

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. Source: Security Affairs.

Security

Security Data breaches Ransomware Military

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

Data Matters

JANUARY 29, 2019

FINRA will continue to educate firms about the applicable requirements and evaluate firms for compliance. FINRA will also review for any changes in firms’ behavior that might be undertaken to avoid their markup and markdown disclosure obligations. Financial Risks. Credit Risk.

Risk

Risk IT Compliance Marketing

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

Episode 231: Solving the US’s Endemic Cybersecurity Worker Shortage

The Security Ledger

DECEMBER 10, 2021

Rodney Petersen, the director of the National Initiative for Cybersecurity Education (NICE) talks about the massive shortage of information security workers at the United States - estimated at more than 400,000 workers. Rodney talks about how NICE is working to promote information security skills and development.

Cybersecurity

Cybersecurity Education Agriculture Information Security

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector.

Ransomware

Ransomware Phishing Sales Manufacturing

Volvo retailer leaks sensitive files

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Webinars

Trending Sources

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Webinars

New Agent Raccoon malware targets the Middle East, Africa and the US

Steelcase office furniture giant hit by Ryuk ransomware attack

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Nodersok malware delivery campaign relies on advanced techniques

PYSA ransomware gang is the most active group in November

Maastricht University finally paid a 30 bitcoin ransom to crooks

Fortinet warns of a spike in attacks against TBK DVR devices

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Threat Report Portugal: Q3 & Q4 2022

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Attack of drones: airborne cybersecurity nightmare

TA505 group updates tactics and expands the list of targets

New Lobshot hVNC malware spreads via Google ads

2024 Cybersecurity Laws & Regulations

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Does your use of CCTV comply with the GDPR?

Neiman Marcus Agrees to Settlement in Data Breach Class Action

11 cyber security predictions for 2020

Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

E-learning: the effective way to train your team

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

The GDPR: A year in review

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Recent Data Breach Events in China

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Top GRC Tools & Software for 2021

List of Data Breaches and Cyber Attacks in 2023

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Top 10 Governance, Risk and Compliance (GRC) Vendors

FTC Hosts Workshop on Informational Injury

2022 Cyber Security Review of the Year

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Episode 231: Solving the US’s Endemic Cybersecurity Worker Shortage

Group-IB Hi-Tech Crime Trends 2020/2021 report

Stay Connected