2023, Analysis, Cybersecurity and Government - Information Management Today

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks City of Philadelphia discloses data breach after five months Date of breach: 24 May 2023 ( notice issued 20 October 2023).

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Date of breach: 26 October 2023 Breached organisation: Homeland, Inc., An investigation found that there was unauthorised access to its network between 18 and 23 May 2023.

Data Privacy

Data Privacy Privacy Data breaches Security

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

JUNE 21, 2022

” Also read: Cybersecurity Employment in 2022: Solving the Skills Gap. “Certifications range from penetration testers , government/industry regulatory compliance , ethical hacking , to industry knowledge,” he said. Also read: How to Get Started in a Cybersecurity Career. The Top Cybersecurity Certifications.

Cybersecurity

Cybersecurity Systems administration Information Security Compliance

The Week in Cyber Security and Data Privacy: 23–29 October 2023

IT Governance

OCTOBER 31, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks France says Russian state hackers breached numerous critical networks Date of breach: From second half of 2021 (reported 26 October 2023).

Data Privacy

Data Privacy Privacy Data breaches Security

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure.

Authentication

Authentication Military Communications Security

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. In November 2023, Northwell Health – the largest health system in New York – confirmed that it was affected by the incident.

Data Privacy

Data Privacy Manufacturing Privacy Security

Australian Privacy Regulator Sues in Data Breach Case

Hunton Privacy

NOVEMBER 15, 2023

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty ( i.e. , a fine) in connection with the company’s response to a data breach that occurred in February 2022.

Data breaches

Data breaches Privacy Risk Information Security

Privacy Act Review report

Data Protection Report

FEBRUARY 23, 2023

The Attorney General’s Department released its Privacy Act Review report on 16 February 2023, that includes the broad suite of reforms you would expect to bring Australia’s privacy laws in to line with both international standards and the reality of our data-based economy.

Privacy

Privacy Data collection Data breaches Government

Nmap Ultimate Guide: Pentest Product Review and Analysis

eSecurity Planet

JULY 19, 2023

Almost all cybersecurity professionals have familiarity with Nmap and most use it frequently — it is the hammer of the pentesting toolbox. We’ll provide an overview of the available features, which can be roughly categorized into Network Mapping, Network Packet Manipulation, Port Analysis, and Scripting. and detect port rules.

Communications

Communications Access Security Manufacturing

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Security

Security Artificial Intelligence Data breaches Ransomware

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting

Thales Cloud Protection & Licensing

JANUARY 24, 2024

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting madhav Thu, 01/25/2024 - 11:03 Contributors: Ollie Omotosho - Director, Strategir Partnerships, Thales Antti Ropponen, Head of Data & Application Security Services, IBM Consulting In the world of business, data security is paramount.

Risk

Risk Encryption Blockchain Authentication

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

IT Governance

DECEMBER 19, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. When the Russian Cl0p gang exploited a zero-day SQL injection vulnerability in MOVEit Transfer in May 2023, Delta Dental was one of hundreds of organisations whose data was compromised.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. For example, the Social Security number “111-11-1111” might be encoded into the plaintext numeric code of “049049 049049 049049 049049 049,” which cannot be used in a database with a limit of 9 characters.

Encryption

Encryption Passwords Authentication Communications

Information Management Today

The Week in Cyber Security and Data Privacy: 16–22 October 2023

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

Trending Sources

15 Top Cybersecurity Certifications for 2022

The Week in Cyber Security and Data Privacy: 23–29 October 2023

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

Australian Privacy Regulator Sues in Data Breach Case

Privacy Act Review report

Nmap Ultimate Guide: Pentest Product Review and Analysis

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

Types of Encryption, Methods & Use Cases

Stay Connected