eSecurity Planet

JANUARY 8, 2024

Speed remains critical to security, but more importantly, patching teams need to make progress with patch and vulnerability management. Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. No organization should remain vulnerable six months after vendors issue patches!

Encryption 109

Encryption Libraries Cybersecurity Communications 109

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. The total number of victims is now more than 5 million.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

CILIP

MAY 22, 2024

The election will give voters across the country the chance to have their say at the ballot box as they decide on a new government. Today's announcement is an opportunity for this skilled and trusted profession to show the next government how it could do even more for the public with the right support and investment.

Libraries 69

Libraries Education Government Security 69

CILIP

DECEMBER 11, 2023

Asked why he chose the Civil Service above other areas of librarianship, David says: “It is just so interesting… it puts you in the centre of constantly changing challenges while offering unparalleled opportunities to move between librarianship, records management, knowledge management, information governance throughout your career.”

Government 52

Government Libraries Computer and Electronics Information governance 52

Security Affairs

MARCH 31, 2024

ESET researchers reported that a Windows version of DinodasRAT was used in attacks against government entities in Guyana. In March 2024, Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang while investigating the activity of China-linked APT Earth Lusca.

Libraries 141

Libraries Encryption Communications Government 141

Security Affairs

APRIL 21, 2024

Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. Researchers from Kaspersky discovered the DuneQuixote campaign in February 2024, but they believe the activity may have been active since 2023. ” reads the analysis published by Kaspersky.

Libraries 119

Libraries Communications IT Government 119

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving 122

Archiving Military Communications Phishing 122

IT Governance

MAY 7, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 6 million accounts compromised from streaming service MovieBoxPro MovieBoxPro, a streaming service of “questionable legality”, suffered a data scraping incident on 15 April 2024, according to Have I Been Pwned. Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

eSecurity Planet

JANUARY 5, 2023

“In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. Also read: SANS Outlines Critical Infrastructure Security Steps as Russia, U.S.

Security 145

Security Ransomware Cybersecurity Privacy 145

eSecurity Planet

DECEMBER 19, 2023

We each need to consider how these trends may affect our organizations and allocate our budgets and resources accordingly: AI will turbo-charge cybersecurity and cyberthreats: Artificial intelligence (AI) will boost both attackers and defenders while causing governance issues and learning pains.

Cybersecurity 140

Cybersecurity Cloud Ransomware Risk 140

IBM Big Data Hub

MAY 17, 2024

Concerns around security, governance and lack of resources and expertise also top the list of respondents’ concerns. They help an organization assess how effectively it is using cloud services and resources and how cloud services and security can be improved. Why move to cloud?

Cloud 98

Cloud Digital transformation Security IT 98

IT Governance

APRIL 22, 2024

million records from World-Check, a screening database used to screen potential customers for links to illegal activity and government sanctions. Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

eSecurity Planet

MAY 30, 2024

2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. million for the first three quarters of FY 2024. Ascension might try to blame financial troubles for lack of preparation. Ascension lost $2.66

Cybersecurity 122

Cybersecurity Ransomware Data breaches Risk 122

The Last Watchdog

MARCH 7, 2024

7, 2024 — Badge Inc. , We are thrilled to be working with Badge, enabling a best-in-class authentication solution that builds on top of our market-leading identity data management and identity analytics capabilities to provide greater privacy and security to our customers,” said Wade Ellery , Field CTO, Radiant Logic.

Authentication 130

Authentication Privacy Analytics Digital transformation 130

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Password manager : Stores passwords securely, enforces quality, permits safe internal and external sharing, and ties into HR software for effective off-boarding of users.

Cybersecurity 121

Cybersecurity Ransomware Passwords Cloud 121

ForAllSecure

MAY 17, 2023

A lot of SMBs do not have security operations centers or SOCs. They have IT contractors who can provision laptops and maintain a certain level of compliance and security. They can provide that additional security, remotely. They have those security capabilities. In a way and then you consume the outcomes.

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

JANUARY 3, 2024

billion records The security researcher Jeremiah Fowler discovered an unprotected database exposing more than 1.5 Fowler contacted the company, which secured the database. The security researcher Bob Diachenko identified the leak in September and contacted TuneFab, which fixed the misconfiguration within 24 hours.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

Thales Cloud Protection & Licensing

FEBRUARY 28, 2024

How better key management can close cloud security gaps troubling US government madhav Thu, 02/29/2024 - 05:38 In my first blog on this topic I noted a Treasury Department report released last year listed six cloud security challenges financial sector firms face. This hack included US Government networks.

Cloud 77

Cloud Government Encryption Security 77

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. The fix: Apply Windows patches ASAP.

IoT 117

IoT Ransomware Access Cybersecurity 117

IT Governance

DECEMBER 19, 2023

An investigation determined that personal data, including names, addresses, phone numbers, Social Security numbers, dates of birth and bank account numbers, belonging to nearly 15 million people was obtained by an unauthorised party between 30 October and 1 November. Data breached: personal data belonging to 14,690,284 individuals.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52