Information Management Today

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. national security secrets. national interests.

Security

Security Risk Military Government

Italy announced its National Cybersecurity Strategy 2022/26

Security Affairs

MAY 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Preventing online disinformation in a broader context of the hybrid threat; Management of cyber crises; National and European strategic digital sector autonomy.

Cybersecurity

Cybersecurity IT Risk Government

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

DLA Piper Privacy Matters

AUGUST 8, 2023

Authors: Carolyn Bigg, Amanda Ge and Venus Cheung On July 24, 2023, the People’s Bank of China (“ PBOC ”) released the Measures for the Management of Data Security in the Business Areas Falling into PBOC’s Jurisdiction (Draft for Comment) (“ Draft Measures” ) for public consultation, which closes on August 24, 2023.

Financial Services

Financial Services Personal data Compliance Data collection

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

CHINA: Clarifications of data classification and grading requirements

DLA Piper Privacy Matters

OCTOBER 3, 2022

Under the Data Security Law, organisations are required to classify the data they process according to their level of significance. Where some types of data have multiple categories (e.g. particularly serious, serious and general harm), with reference to: Data domain, population, region, importance, security risks; and.

Data collection

Data collection Personal data Access Compliance

Is your organisation ready for the DSP Toolkit compliance deadline?

IT Governance

NOVEMBER 12, 2020

Each year, certain healthcare organisations must complete a self-assessment via the DSP (Data Security and Protection) Toolkit to demonstrate their data security and information governance compliance. The compliance requirements differ depending on which of four categories your organisation falls into.

Compliance

Compliance GDPR Information governance Personal data

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. SecurityAffairs – hacking, nation-state malware). Pierluigi Paganini.

Military

Military Government Communications Security

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

MAY 28, 2022

The experts were able to locate the C2 infrastructure used by the nation-state actors. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. defective88.maizuko.**

Phishing

Phishing Cybersecurity Security IT

How Machine Learning Can Accelerate and Improve the Accuracy of Sensitive Data Classification

Thales Cloud Protection & Licensing

DECEMBER 11, 2023

ML builds on different types of models for different purposes, for example categorization to determine a document category or Named Entity Recognition (NER) to identify sensitive data across diverse locations. Figure 2 shows the category distribution by business department for all documents in a selected data store.

Unstructured data

Unstructured data Cloud Data Privacy GDPR

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Small states are easy targets due to the low level of security of their critical infrastructure due to the low budget to protect them. Regardless, the global cybersecurity fraternity and policymakers must closely monitor ransomware gangs mobilizing their resources to strike at these nation’s foundations.” Pierluigi Paganini.

Ransomware

Ransomware Government Sales Cybersecurity

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Security Affairs

JUNE 28, 2022

The capability of Cyber Non-State Actors to influence state decision-making processes depends on their specific category. Cyberspace is a domain without borders, where businesses operate while nation-state actors conduct their activities. The role of CNSA is crucial, due to the growing importance of cyberspace to modern society.

Paper

Paper Military Government IT

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

Password security may seem like a simple solution for a huge problem, but it may be difficult to successfully implement in practice. Without strong, secure passwords or two-factor authentication ( 2FA ) enabled in an organization or startup, it becomes easy for attackers to access stolen credentials on their web and email servers.

Passwords

Passwords Data breaches Authentication Cybersecurity

Data Privacy: Why It Matters To The Rest Of Us

Thales Cloud Protection & Licensing

JANUARY 21, 2024

Organizations such as the National Cybersecurity Alliance and the Council of Europe continue to work hard not only to raise awareness about data privacy, but to move legislators towards action to better protect how our data is collected, processed, and shared. All of this coincides with Data Privacy Week , which commences on January 21 st.

Data Privacy

Data Privacy Privacy IT Artificial Intelligence

CIPL Submits Response to China’s Personal Information Protection Law

Hunton Privacy

NOVEMBER 19, 2020

On November 18, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the Standing Committee of the National People’s Congress (“NPC”) of the People’s Republic of China on the Draft Personal Information Protection Law (“PIPL”).

GDPR

GDPR Privacy Risk Government

Life-threatening cyber attack inevitable

IT Governance

OCTOBER 22, 2018

Last week, the NCSC (National Cyber Security Centre) released its second annual review , in which it warned that a life-threatening cyber attack will hit the UK in the near future. What is a category 1 attack?

Government

Government IT Security Data breaches

RSAC insights: ‘SaaS security posture management’ — SSPM — has emerged as a networking must-have

The Last Watchdog

JUNE 2, 2022

Related: Managed security services catch on. Companies now reach for SaaS apps for clerical chores, conferencing, customer relationship management, human resources, salesforce automation, supply chain management, web content creation and much more, even security. Here are the key takeaways: Shrugging off security.

Security

Security Cloud Security awareness Cybersecurity

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

Security

Security Cybersecurity Ransomware Government

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

Image: Abnormal Security. The brazen approach targeting disgruntled employees was first spotted by threat intelligence firm Abnormal Security , which described what happened after they adopted a fake persona and responded to the proposal in the screenshot above. How much money are we talking about?

Ransomware

Ransomware Phishing Education Government

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Security Affairs

MAY 29, 2022

” The Italian CSIRT has published an alert to warn of potential risk of cyber attacks against national bodies and organizations has been identified. Stay tuned … Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Cybersecurity

Cybersecurity Risk Security Government

Information Security vs Cyber Security: The Difference

IT Governance

SEPTEMBER 15, 2022

You’ll often see the terms cyber security and information security used interchangeably. In this blog, we explain what information security and cyber security are, the differences between them and how they fit into your data protection practices. What is information security? This is cyber security.

Information Security

Information Security Security Computer and Electronics Encryption

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

Security

Security Ransomware Cybersecurity Encryption

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

“The market was organized into categories, such as “Exploit Code,” “Counterfeits,” “Drugs,” “Fraud & More, “Government Data,” and “Weapons.”” Postal Service, the National Oceanic and Atmospheric Administration, the Centers for Disease Control and Prevention, the National Aeronautics and Space Administration, and the U.S.

Marketing

Marketing Government IoT Sales

Apple Lockdown Mode will protect users against highly targeted cyberattacks

Security Affairs

JULY 9, 2022

Apple plans to introduce a security feature, called Lockdown Mode , to protect its users against “highly targeted cyberattacks.” Pegasus , DevilsTongue , and Hermit ) urged the tech giant to develop a new security feature, called Lockdown Mode, to protect its users against highly targeted cyberattacks.

MDM

MDM Security IT Information Security

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Security Affairs

MAY 23, 2022

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. org jadlactnato.webredirect[.]org. Pierluigi Paganini.

Government

Government Communications Cybersecurity Security

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

China has lacked a comprehensive data protection and data security law that regulates in detail requirements and procedures relating to the collection, processing, control and storage of personal data. Recently, another significant draft law on data security was issued by the Chinese legislative authority.

Security

Security Military Government Risk

ICYMI –December in privacy and cybersecurity

Data Protection Report

JANUARY 4, 2024

Does the national defense bill (National Defense Authorization Act for Fiscal Year 2024, signed on December 22, 2023) require the Department of Defense to develop a “bug bounty” program for certain large artificial intelligence models being integrated into the missions and operations of the Department of Defense? Answers are below.

Privacy

Privacy Cybersecurity Artificial Intelligence e-Discovery

Internationa police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

MAY 25, 2022

The persistence of national law enforcement agencies, private sector partners and the INTERPOL teams all contributed to this result, analysing vast quantities of data and providing technical and live operational support,” Mr Pillot added. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybersecurity

Cybersecurity Phishing Security Government

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Security Affairs

JUNE 6, 2022

A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in Europe and the U.S. An alleged nation-state actor is attempting to exploit the recently disclosed Microsoft Office Follina vulnerability in attacks aimed at government entities in Europe and the U.S.

Phishing

Phishing Archiving Cybersecurity Government

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Security Affairs

JUNE 13, 2022

Nation-state actors are targeting media organizations in Ukraine, including radio stations, and newspapers. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Government

Government Cybersecurity Security IT

Understanding China’s Data Regulatory Regime: What Are Important Data? And Can They Be Transferred Outside Of China?

Data Matters

APRIL 11, 2022

The Cyber Security Law (2017) (the CSL ) prohibits operators of critical information infrastructures ( CIIs ) from transferring their “important data” and personal information outside of China. Network Data Security Regulation. The concept of “important data” is a cornerstone of China’s data regulatory regime.

Military

Military Artificial Intelligence Security Financial Services

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

As an example of compromised accounts, Resecurity outlined exposed access credentials belonging to a major data center and one of the largest vendors providing international-scale network telephony connectivity to governmental and national telecom providers in Africa.

Passwords

Passwords Cybersecurity Cloud Access

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Security Affairs

MAY 30, 2022

The operation Killer Bee involved INTERPOL’s General Secretariat headquarters and National Central Bureaus (NCBs) and law enforcement agencies from 11 countries across Southeast Asia. . Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Cybersecurity

Cybersecurity Security Access IT

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020. On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4

Security

Security Personal data GDPR Insurance

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

This activity was uncovered by Microsoft’s Threat Intelligence Center (MSTIC), which tracks the world’s nation-state and cybercrime actors so we can better protect our customers. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Phishing

Phishing Manufacturing Education Cybersecurity

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). The Draft Regulations also will require the data handler to report a data breach to the Public Security Bureau if the breach involves a suspected crime.

Security

Security Data breaches Personal data Cybersecurity

China Issues the Second Version of the Draft of Data Security Law

Hunton Privacy

MAY 3, 2021

On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). Data Protection Policy Based On Hierarchical Classification and Category. The Draft DSL will be open for public comments until May 28, 2021. Article 44 significantly increases the strength of penalties.

Security

Security Cybersecurity Data collection Government

Digitizing Records: Understanding Metadata Requirements

National Archives Records Express

JUNE 12, 2023

All of the posts have been collected under the 36 CFR Section 1236 category. S49-07-001 – STS-049 – In cabin view of crewmember at the forward flight deck with laptop terminal National Archives Identifier: 22702275 In this blog post, we will explore the key aspects of metadata requirements and their significance in recordkeeping.

Metadata

Metadata Digital transformation File names Archiving

These Are the Countries With the Best and Worst Cybersecurity

Security Affairs

FEBRUARY 19, 2019

The study found significant differences in how well nations are protecting themselves. The researchers also looked at existing and drafted legislation related to privacy, content, national strategy, critical infrastructure, commerce, crime and military. The Least Secure Countries. Algeria was the overall worst-ranked nation.

Cybersecurity

Cybersecurity IoT Military Security

The Myth of Consumer-Grade Security

Schneier on Security

AUGUST 28, 2019

Yet that's not possible, because there is no longer any difference between those categories of devices. They affect national security. Barr repeated a common fallacy about a difference between military-grade encryption and consumer encryption: "After all, we are not talking about protecting the nation's nuclear launch codes.

Military

Military Computer and Electronics Encryption Security

New Cybersecurity Directives (NIS2 and CER) Enter into Force

Hunton Privacy

JANUARY 18, 2023

In addition, the concept of “digital service provider” that was included in the original NIS Directive has been removed from the NIS2 Directive, in favor of the concept of “important entities,” which will likely include those organizations considered “digital service providers” under the original NIS Directive and additional categories.

Cybersecurity

Cybersecurity Healthcare Encryption Risk

Hurricane Hilary Heading Toward Southern California

National Archives Records Express

AUGUST 18, 2023

Hurricane Hilary has rapidly intensified into a Category 4 storm and is headed toward Southern California and the Southwestern United States. Hilary is expected to produce rainfall amounts of 3 to 6 inches, with isolated maximum amounts up to 10 inches, across portions of the Baja California Peninsula through Sunday night.

Records Management

Records Management Information Security Government Security

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon.

Libraries

Libraries Encryption Security IT

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The only data processing activities exempt from the GDPR are national security or law enforcement activities and purely personal uses of data. The organization takes extra precautions when processing children’s data or special category data. Schools, hospitals and government agencies all fall under GDPR authority.

GDPR

GDPR Compliance Personal data Privacy

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

IT Governance

JANUARY 9, 2023

Welcome to our review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly lists of data breaches and cyber attacks. IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records. decrease in security incidents compared to 2021 (1,243).

Data breaches

Data breaches Ransomware Government Passwords

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

DLA Piper Privacy Matters

MAY 16, 2023

Additionally, organisations which have contact with national security authorities should ensure all communications and interactions are kept confidential within the organisation. This said, the focus appears to be on activities that may, in any way, impact national security and public interests of China.

IT

IT Compliance Communications Risk

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

Italy announced its National Cybersecurity Strategy 2022/26

Webinars

Trending Sources

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

Webinars

CHINA: Clarifications of data classification and grading requirements

Is your organisation ready for the DSP Toolkit compliance deadline?

Nation-state malware could become a commodity on dark web soon, Interpol warns

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

How Machine Learning Can Accelerate and Improve the Accuracy of Sensitive Data Classification

Experts warn of ransomware attacks against government organizations of small states

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

Data Privacy: Why It Matters To The Rest Of Us

CIPL Submits Response to China’s Personal Information Protection Law

Life-threatening cyber attack inevitable

RSAC insights: ‘SaaS security posture management’ — SSPM — has emerged as a networking must-have

Security Affairs newsletter Round 367 by Pierluigi Paganini

Arrest in ‘Ransom Your Employer’ Email Scheme

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Information Security vs Cyber Security: The Difference

Security Affairs newsletter Round 369 by Pierluigi Paganini

British hacker arraigned for running The Real Deal dark web marketplace

Apple Lockdown Mode will protect users against highly targeted cyberattacks

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

China Issues Draft Data Security Law

ICYMI –December in privacy and cybersecurity

Internationa police operation led to the arrest of the SilverTerrier gang leader

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Understanding China’s Data Regulatory Regime: What Are Important Data? And Can They Be Transferred Outside Of China?

Hundreds of network operators’ credentials found circulating in Dark Web

Three Nigerian men arrested in INTERPOL Operation Killer Bee

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Microsoft seized 41 domains used by Iran-linked Bohrium APT

China Releases Draft Regulations on Network Data Security Management

China Issues the Second Version of the Draft of Data Security Law

Digitizing Records: Understanding Metadata Requirements

These Are the Countries With the Best and Worst Cybersecurity

The Myth of Consumer-Grade Security

New Cybersecurity Directives (NIS2 and CER) Enter into Force

Hurricane Hilary Heading Toward Southern California

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

GDPR compliance checklist

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

Stay Connected