Recent Security News

  • Converging State Privacy Laws and the Emerging AI Challenge

    February 28, 2024 at 10:05AM In 2023, 8 US states passed data privacy laws, with 4 more set to take effect in 2024, including Oregon, Montana, Texas, and Florida. While laws share similarities, they exhibit state-specific nuances, such as different thresholds and varied personal information definitions. Additionally, GenAI is attracting attention, prompting the need for…

    Read More

  • US Bans Trading With Canadian Network Intelligence Firm Sandvine

    February 28, 2024 at 09:51AM Canadian network intelligence firm Sandvine has been added to the US government’s Entity List, preventing organizations from trading with it. The company’s technology has been used for mass surveillance and censorship by the Egyptian government. This decision by the US Department of Commerce restricts trade with Sandvine in various countries,…

    Read More

  • Savvy Seahorse gang uses DNS CNAME records to power investor scams

    February 28, 2024 at 09:39AM Savvy Seahorse uses CNAME DNS records to create a traffic distribution system for financial scam campaigns. Infoblox researchers uncovered this operation in August 2021, noting the use of chatbots to automate scamming and the abuse of DNS CNAME records to manage redirects and evade detection. The actor targets victims through…

    Read More

  • ‘Savvy Seahorse’ Hackers Debut Novel DNS CNAME Trick

    February 28, 2024 at 09:07AM A new threat actor executes an innovative investment scam through a sophisticated traffic distribution system (TDS), leveraging the DNS to sustain ever-changing malicious domains. The scam impersonates major brands, luring victims through multilingual Facebook ads. The TDS, supported by CNAME records, provides resilience and evasion against takedowns, posing a significant…

    Read More

  • Hackers Steal Personal Information From Pharma Giant Cencora

    February 28, 2024 at 08:51AM Cencora, a global pharmaceutical solutions provider, disclosed a cyberattack resulting in stolen personal information. The breach, identified on February 21, is being investigated with the assistance of law enforcement and cybersecurity experts. Cencora stated the incident has not materially impacted its operations. The company’s size and revenue make it an…

    Read More