#DataSecurity

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

by

March 19, 2024 at 02:15AM A new phishing campaign dubbed Operation PhantomBlu is using a sophisticated technique to deploy NetSupport RAT, targeting U.S. organizations with salary-themed phishing emails and exploiting Microsoft Office document templates. Additionally, threat actors are increasingly abusing public cloud services and data-hosting platforms to generate undetectable phishing URLs, sold on underground platforms. … Read more

South African Government Pension Data Leak Fears Spark Probe

by

March 18, 2024 at 03:09AM LockBit ransomware gang asserts that the 668GB of data they leaked online was taken from South Africa’s pension agency. The meeting notes state that the LockBit ransomware gang has claimed that 668GB of data was dumped online and that it was stolen from South Africa’s pension agency. Full Article

Record breach of French government exposes up to 43 million people’s data

by

March 14, 2024 at 12:11PM France Travail, a French government department, reported a massive data breach compromising personal information of up to 43 million citizens. The stolen data includes names, social security numbers, and contact details, posing a risk of identity theft. An investigation is underway, and citizens are advised to remain vigilant against potential … Read more

Microsoft Copilot for Security Official Launch Date Announced

by

March 14, 2024 at 09:15AM Microsoft’s Copilot for Security, using generative AI, will be available globally starting April 1, 2024, following an invite-only program. It enhances security professionals’ capabilities by assisting in incident response, threat hunting, posture management, and intelligence collection using natural language interaction. The solution is based on OpenAI architecture with access to … Read more

Bill That Could Ban TikTok Passed in the House. Here’s What to Know

by

March 14, 2024 at 07:57AM Lawmakers in Washington have passed a bill posing a potential nationwide ban on TikTok, unless its China-based owner ByteDance sells its stakes within six months. Concerns include data privacy and national security, with the possibility of impacting content creators and small businesses. The bill awaits Senate approval, with potential legal … Read more

Nissan Data Breach Affects 100,000 Individuals

by

March 14, 2024 at 06:09AM Nissan Oceania has notified 100,000 people of a data breach caused by a ransomware attack in late 2023. The breach impacted Nissan Motor Corporation, Nissan Financial Services, and other affiliated brands’ customers, dealers, and employees. The stolen information includes government identification and personal details. Nissan is providing identity theft and … Read more

LockBit Ransomware Affiliate Sentenced to Prison in Canada

by

March 13, 2024 at 12:51PM Russian-Canadian national Mikhail Vasiliev, 34, sentenced to nearly four years in prison in Canada for his role in LockBit ransomware operation. He targeted at least three organizations in Canada, seeking ransom payments. The US is also pursuing charges against him. LockBit, operating under ransomware-as-a-service model, was a prolific operation until … Read more

Acer confirms Philippines employee data leaked on hacking forum

by

March 12, 2024 at 03:37PM Acer Philippines confirmed a data breach by a third-party vendor, leading to leaked employee data on a hacking forum. The company stated no direct breach of its systems and reassured no customer data was affected. Acer is working with cybersecurity experts and law enforcement in response to the incident. Multiple … Read more

Typosquatting Wave Shows No Signs of Abating

by

March 11, 2024 at 05:26PM The practice of typosquatting involves using look-alike websites and domain names to deceive users, often relying on human errors to capture victims. Attackers are continuously improving their tactics, making it difficult to detect these fraudulent domains and messages. Various industries have fallen victim to typosquatting, prompting experts to emphasize the … Read more

Data Leakage Prevention in the Age of Cloud Computing: A New Approach

by

March 11, 2024 at 08:21AM The traditional on-premises approach to data security is becoming obsolete as IT infrastructure moves to cloud-based solutions. A new guide by LayerX emphasizes the need for DLP solutions to focus on protecting corporate data in the browser. It outlines three data protection paths forward, with browser DLP being highlighted as … Read more