July 16, 2024 at 07:30AM The UK data rights campaign group, Open Rights Group (ORG), has filed a complaint with the data law regulator against Meta’s privacy policy change allowing user data scraping for AI models. The complaint, mirroring a similar EU protest, asserts privacy violations and urges the Information Commissioner’s Office (ICO) to thoroughly … Read more
July 15, 2024 at 01:39AM Cybersecurity researchers have uncovered a new version of the ransomware strain HardBit, featuring enhanced obfuscation and passphrase protection to hinder analysis efforts. The financially-motivated threat group, which operates without a data leak site, communicates via Tox messaging service and employs various tactics like credential theft and network discovery. Ransomware activity … Read more
July 12, 2024 at 10:33AM American automotive aftermarket parts provider Advance Auto Parts disclosed that personal information of over 2.3 million individuals was compromised in a recent data breach. The incident was part of the Snowflake campaign, with threat actors accessing accounts and attempting to extort victim organizations. Advance Auto Parts is providing affected individuals … Read more
July 12, 2024 at 06:37AM Passwords are vital in today’s digital world, holding the key to sensitive information. Compromised credentials are the top attack vector, leading to financial and reputational damage. A webinar titled “Compromised Credentials in 2024: What to Know About the World’s #1 Attack Vector” will address this issue, providing insights and proactive … Read more
July 11, 2024 at 04:53PM Signal is improving its desktop client’s security by changing how it stores plain text encryption keys for the data store. Previously, the keys were stored in a local file, posing a security risk. The company is now implementing Electron’s SafeStorage API to further secure the encryption keys, making it more … Read more
July 11, 2024 at 10:12AM UnitedHealth CEO Andrew Witty testified about the costly cyberattack on Change Healthcare before the Senate and House. He pledged to address security flaws and backed a centralized cyber-incident reporting system. The existing National Cyber Incident Response Plan, supported by the Biden administration, seeks to streamline reporting and improve coordination. This … Read more
July 11, 2024 at 09:23AM Ethan Steiger, CISO of Advance Auto Parts, disclosed that 2.3 million individuals were affected by a cyber breach. The criminals, under the alias Sp1d3r, attempted to sell the stolen data for $1.5 million, falsely claiming to have taken 380 million customer profiles. Snowflake has introduced new security measures, including multifactor … Read more
July 11, 2024 at 07:21AM Small to medium-sized organizations are increasingly at risk of cyber breaches and need robust privileged identity management. PAM solutions offer credential management, seamless integration, comprehensive protection, regulatory compliance, and insider threat mitigation. One Identity provides a PAM solution tailored to smaller organizations, offering session monitoring, quick implementation, and cost-efficiency, enabling … Read more
July 10, 2024 at 10:04AM AI-powered meeting assistants promise increased productivity by recording video, transcribing audio, and providing analytics. However, businesses must consider the privacy and security risks of allowing AI assistants to eavesdrop on conversations and collect sensitive data. Legal requirements for consent vary, and proactive steps are necessary to mitigate risks and maintain … Read more
July 9, 2024 at 03:35PM Fujitsu confirmed a data breach compromising individuals’ and customers’ business information, revealing that the attack involved sophisticated malware infecting 49 computers. This incident led to the potential exfiltration of personal and customer data, prompting Fujitsu to enhance security measures and monitor all business computers to prevent future breaches. Based on … Read more