2022, Data, Education and Information Security - Information Management Today

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

Security Affairs

JUNE 29, 2022

The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, it could help organizations to assess internal infrastructure and determine their surface of attack. 6 0 11 CWE-476 NULL Pointer Dereference 7.15

Authentication

Authentication Education Cybersecurity Security

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. “Additionally, from our ongoing disruption of LockBit, we now have over 7,000 decryption keys and can help victims reclaim their data and get back online.”

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that impacted Italian and French car owners and customers who booked a test drive. According to the letter, financial data were not exposed.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

The experts pointed out that the data they found on the devices could be used to identify the prior owners, this information can be used by threat actors to breach their networks. Exposed corporate data and sensitive data include the maps of sensitive applications hosted locally or in the cloud.

Authentication

Authentication Marketing Cloud Manufacturing

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

On March 30, 2022, the U.S. Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. 1 “2022 Examination Priorities,” available here. Broker-dealer examinations will review firms’ recommendations related to SPACs, structured and other enumerated products.

Retail

Retail Compliance Sales Risk

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City is investigating the scope of the incident with the help of law enforcement, at this time has yet to disclose details on the incident, including the ransomware family that hit its systems and if there is a data breach. Royal operators have demanded ransom ranging from approximately $1 million to $11 million USD worth of Bitcoin.

Ransomware

Ransomware IT Encryption Education

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Yesterday, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. “LockBit had a bespoke data exfiltration tool, known as Stealbit, which was used by affiliates to steal victim data.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The Department of State has set up a Tor website that can be used to anonymously provide information on LockBit’s operation. Yesterday, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. reads the NCA’s announcement.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

What the Email Security Landscape Looks Like in 2023

Security Affairs

MAY 12, 2023

Recently, VIPRE Security Group published their Email Security in 2023 report , where they shared insights on the development of email-based threats and how they can impact organizations. What follows is an overview of some of the key findings from the report and some of the thing’s businesses can do to protect their employees and data.

Security

Security Phishing B2B Data breaches

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

Security Affairs

APRIL 28, 2023

OpenAI restored access to ChatGPT in Italy after the company met the demands of the Italian Data Protection Authority, Garante Privacy. In early April, the Italian Data Protection Authority, c, temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors.

Personal data

Personal data Privacy Access Education

Rebecka Isaksson: Powering the workplace through AI

CILIP

MAY 15, 2023

It is important to remember that AI is not here to replace humans, but to empower and support us to make more well-informed and better decisions, as it enables us to leverage much bigger volumes of information and data. I know my former employer has worked on that for a long time, and others in the industry as well. “I

IT

IT Sales Education Communications

North Korea-linked TA444 group turns to credential harvesting activity

Security Affairs

JANUARY 25, 2023

APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, it has been active since at least 2014 and it has been observed targeting over 16 organizations across 11 countries. According to the experts, the new credential harvesting campaign began in early December 2022. ” concludes the report.

Blockchain

Blockchain Phishing Education Government

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

Security Affairs

APRIL 2, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Artificial Intelligence Data breaches Ransomware

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

ForAllSecure

FEBRUARY 8, 2023

From her talk at SecTor 2022 , Paula Januszkiewicz, CEO of Cqure , returns to The Hacker Mind and explains how a lot of little configuration errors in common Windows tools and services can open the door to persistence on a system for bad actors and what sysadmins can do to mitigate these. And secure Academy.

Access

Access IT Phishing Passwords

Information Management Today

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Trending Sources

Hyundai suffered a data breach that impacted customers in France and Italy

Hackers can hack organizations using data found on their discarded enterprise network equipment

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

City of Dallas shut down IT services after ransomware attack

The U.S. CISA and FBI warn of Royal ransomware operation

More details about Operation Cronos that disrupted Lockbit operation

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

What the Email Security Landscape Looks Like in 2023

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

Rebecka Isaksson: Powering the workplace through AI

North Korea-linked TA444 group turns to credential harvesting activity

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

Stay Connected