April 18, 2024 at 01:35PM The US House of Representatives passed the Fourth Amendment Is Not For Sale Act (H.R.4639) to restrict the government’s ability to procure data on citizens through data brokers. The bill seeks to ban the government from purchasing data on Americans from data brokers, drawing divided opinions. Additionally, other surveillance-related bills … Read more
April 15, 2024 at 03:30PM Cisco warned that a cyberattack on an unnamed telephony supplier compromised Duo MFA SMS message logs, potentially exposing phone numbers, carriers, and metadata. The breach could facilitate phishing and social engineering attacks. The attacker used an employee’s credentials obtained through a phishing attack to access the provider’s systems. Stolen logs … Read more
April 15, 2024 at 10:58AM Hackers breached a telephony provider used by Cisco Duo, potentially compromising SMS and VoIP MFA logs. No message contents were accessed, but data like phone numbers and location could be used for phishing. The breach was identified, and security measures have been taken. Customers are urged to be vigilant against … Read more
April 15, 2024 at 04:06AM Webinar featuring Andy Grayland, CISO at Silobreaker, will address the rising third-party risk in busy supply chains. It focuses on the importance of protecting against cyber threats posed by third-party partners and how to use threat intelligence to identify and mitigate risks. The webinar will be held on 18 April. … Read more
April 12, 2024 at 09:48PM House Republicans are set to make a second attempt at advancing a bill for reauthorizing a national security surveillance program, now proposing a shorter two-year extension in hopes of winning over GOP critics. Speaker Mike Johnson aims to find a compromise amidst growing skepticism, with some Republicans expressing support for … Read more
April 12, 2024 at 08:41AM Security startup Knostic emerged from stealth with $3.3 million pre-seed funding to address AI adoption challenges. Co-founder Gadi Evron emphasizes the need for personalized “need to know” access controls for large language models. Knostic’s approach enables tailored information access based on the user’s role, enhancing data privacy and AI adoption. … Read more
April 11, 2024 at 11:04AM Hospitals use tracking technologies on their websites to share user information with Google, Meta, and other third parties. Researchers found 96% of hospital websites transmit user data to third parties, with many lacking privacy policies. This breach of privacy poses risks for visitors and hospitals. Researchers recommend using browser-based tools … Read more
April 11, 2024 at 08:25AM DuckDuckGo launched ‘Privacy Pro’, a new 3-in-1 subscription service including a VPN, personal data removal, and identity theft restoration. The company, known for its privacy focus, promises a strict no-logs policy for the VPN and provides services to minimize identity theft risks. However, the subscription is on the pricier side … Read more
April 10, 2024 at 12:12PM AT&T has informed the Maine attorney general that a data breach has impacted over 51 million individuals, less than the initial 73 million reported. The leaked data includes personal information such as names, addresses, social security numbers, and more, with affected customers offered one year of free credit monitoring and … Read more
April 10, 2024 at 10:34AM An Android malware campaign named eXotic Visit is targeting users in South Asia, particularly in India and Pakistan, through fake apps distributed on dedicated websites and Google Play Store. The campaign uses the XploitSPY RAT to gather sensitive data, and its purpose is espionage targeting victims in the region. The … Read more