Data, Education, Financial Services and Information Security

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The company refused to pay the ransom and the ransomware gang threatened to leak the alleged stolen documents, including project data, clients’ and partners’ info, and NDAs. “We’ve obtained 100 GB of data of Nissan Australia. ” reads the message published by the group on its data leak site.

Ransomware

Ransomware Data breaches Financial Services Archiving

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. Healthcare Data Privacy Laws.

Data Privacy

Data Privacy Compliance Privacy Security

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Authorized property/casualty insurers should use a data-driven and comprehensive plan to assess gaps and vulnerabilities in the cybersecurity of their insureds and potential insureds. Educate Insureds and Insurance Producers.

Insurance

Insurance Financial Services Cybersecurity Risk

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. If you have already watched them, repetition is the mother of all education. Trends in Cloud Security: Key Findings from the 2022 Cloud Security Study. Digital Sovereignty – Your Data, Their Cloud.

Compliance

Compliance Cloud Security Financial Services

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage. The data extraction was made possible through a collaboration with Resecurity, law enforcement and several ISPs in the European Union, Middle East and North America.

Financial Services

Financial Services Retail Education Information Security

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement). was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

25% increase in confidential data theft

IT Governance

DECEMBER 7, 2017

It has been revealed that there has been a 25% increase in the number of High Court cases involving stolen confidential data. One key contributory factor may be an increase in staff turnover, as employees may take key client and financial information with them when they leave. Staff education. Different opinions.

Education

Education Information Security Financial Services Risk

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

Data leak affected QBANK, Defence Bank, Bloom Money, Admiral Money, MA Money, and Reed. Using leaked data, threat actors could potentially breach banks’ backend infrastructure and consequently the infrastructure of their clients. Among the leaked data, researchers found Google and Liveness API keys.

IT

IT Financial Services Access Risk

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. A misconfiguration of the bank systems exposed millions of records with sensitive data. A misconfiguration of the bank systems exposed millions of records with sensitive data.

Personal data

Personal data Phishing Risk Financial Services

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

Law enforcement also had access to data stolen from the victims of the ransomware operation, a circumstance that highlights the fact that even when a ransom is paid, the ransomware gang often fails to delete the stolen information. reads the NCA’s announcement.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

How ATB Financial drives agile data ops with Collibra and GCP

Collibra

MARCH 23, 2021

ATB Financial provides a diversified set of financial services to more than 770,000 residents of Alberta, Canada. Being a regionally focused institution, the group is dedicated to knowing its customers intimately, understanding their needs and providing products and services that help them achieve their goals.

Cloud

Cloud Government Access Metadata

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Targeted Sector Vulnerabilities: Financial Services, IT, Healthcare, Education, and Government sectors have emerged as primary targets, with attackers fine-tuning their strategies to exploit specific vulnerabilities within these industries.

Security

Security Phishing Communications Financial Services

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Law enforcement also had access to data stolen from the victims of the ransomware operation, a circumstance that highlights the fact that even when a ransom is paid, the ransomware gang often fails to delete the stolen information. ” reads the NCA’s announcement.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging employs over 7,000 people worldwide and offers IT outsourcing, infrastructure including network managed services, software products and application management. Securities and Exchange Commission (SEC). The company disclosed the security breach on July 5, but it is not clear when it has discovered the attack.

Ransomware

Ransomware Insurance Financial Services Manufacturing

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

This development indicates that sponsors and fiduciaries may soon be subject to focused scrutiny over their cybersecurity practices in DOL investigations and adds to the multiple existing sources of cybersecurity legal risk in the wake of data breaches or insufficient cybersecurity controls.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Security Affairs

MARCH 19, 2020

” The module appears to be under development, but experts pointed out that threat actors already used it to target organizations, mostly in telecoms, education, and financial services sectors. The module implements three attack modes, named check, trybrute and brute.

Financial Services

Financial Services Education Communications IT

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. “If they are hosting customer data on a third-party system like Amazon, it better damn well be encrypted,” Weaver said.

Encryption

Encryption Passwords Access Financial Services

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 36 million records. Data breached: 6,935,412 individuals’ data. Data breached: 6.9 Only 3 definitely haven’t had data breached.

Data Privacy

Data Privacy Privacy Security Data breaches

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Its features include: Compliance education & management.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Its features include: Compliance education & management.

Compliance

Compliance Risk Government Retail

Security in the finance sector: Whose role is it anyway?

CGI

OCTOBER 25, 2015

All of this leads one to ask: In the midst of these heightened risks, increasing regulations and digital innovation, whose role is it to make sure that financial and personal data is kept safe? The answer is easy—all key players in the finance sector, including consumers, financial services providers and systems integrators.

IT

IT Security Digital transformation Compliance

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

During that window, the actor successfully compromised at least nine global entities across the technology, defense, healthcare, energy and education industries.” defense contractors , financial services firms, and a national data center in Central Asia. Subsequently, exploitation attempts began on Sept.

Communications

Communications Blockchain Passwords Financial Services

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

A high-profile cyber incident may cause substantial financial and reputational losses to an organization, including the disruption of corporate business processes, destruction or theft of critical data assets, loss of goodwill, and shareholder and consumer litigation. Encrypting critical data assets. Managing digital identities.

Cybersecurity

Cybersecurity Risk Passwords Authentication

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping or web scraping is a typically automated process that extracts information from websites, allowing criminals to compile datasets containing personal information.

Data Privacy

Data Privacy Privacy Manufacturing Security

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Yup – shoe store.

Phishing

Phishing File names Security awareness Risk

Information Management Today

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Compliance & Data Privacy Regulations

Trending Sources

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Cybersecurity agencies published a joint LockBit ransomware advisory

25% increase in confidential data theft

OCR Labs exposes its systems, jeopardizing major banking clients

Multinational ICICI Bank leaks passports and credit card numbers

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

How ATB Financial drives agile data ops with Collibra and GCP

Unmasking 2024’s Email Security Landscape

More details about Operation Cronos that disrupted Lockbit operation

Ransomware infected systems at Xchanging, a DXC subsidiary

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Why CISA is Warning CISOs About a Breach at Sisense

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Top GRC Tools & Software for 2021

Top 10 Governance, Risk and Compliance (GRC) Vendors

Security in the finance sector: Whose role is it anyway?

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

An Approach to Cybersecurity Risk Oversight for Corporate Directors

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

Stay Connected