Sat.Mar 16, 2024 - Fri.Mar 22, 2024

article thumbnail

After 70M Individuals' Data Leaks, AT&T Denies Being Source

Data Breach Today

Dataset Leaked for Free; ShinyHunters Cybercrime Gang First Advertised It in 2021 Data breach blast from the past: Data pertaining to 70 million individuals that the ShinyHunters gang claimed were AT&T customers has been leaked via a hacking forum, three years after criminals first offered it for sale. AT&T said the information didn't appear to have been stolen from its systems.

article thumbnail

EU Formally Adopts World’s First AI Law

Data Matters

On March 13, 2024, the European Parliament formally adopted the EU Artificial Intelligence Act (“ AI Act ”) with a large majority of 523-46 votes in favor of the legislation. The AI Act is the world’s first horizontal and standalone law governing AI, and a landmark piece of legislation for the EU. The post EU Formally Adopts World’s First AI Law appeared first on Data Matters Privacy Blog.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Navigating the complex world of IT security: how unified security simplifies protection

Jamf

Securing your organization is a difficult task. Choosing the right software solutions can help. Learn how a unified security platform makes security easier.

article thumbnail

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Krebs on Security

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep , an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Tactics for Battling Attacks by Russia's Midnight Blizzard

Data Breach Today

As Nation-State Group Hacks Big Targets, Trellix's John Fokker Details Defenses Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.

313
313

More Trending

article thumbnail

Threat actors leaked 70,000,000+ records allegedly stolen from AT&T

Security Affairs

Researchers at vx-underground first noticed that more than 70,000,000 records from AT&T were leaked on the Breached hacking forum. More than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached, vx-underground researchers reported. Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached.

article thumbnail

The Not-so-True People-Search Network from China

Krebs on Security

It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities.

Marketing 253
article thumbnail

Russian Nation-State Hacker Targets German Political Parties

Data Breach Today

Latest APT29 Campaign Uses a Previously Unseen Malware Backdoor A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.

305
305
article thumbnail

Some of the Most Popular Websites Share Your Data With Over 1,500 Companies

WIRED Threat Level

Cookie pop-ups now show the number of “partners” that websites may share data with. Here's how many of these third-party companies may get your data from some of the most popular sites online.

Privacy 130
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days

Security Affairs

Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participants earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for demonstrating 29 unique zero-days. On day one , the Team Synacktiv successfully demonstrated exploits against a Tesla car.

article thumbnail

5 reasons to attend OpenText World Europe 2024

OpenText Information Management

AI changes everything—every role, every organization, and every industry. Those who make the most of it will be poised to lead their industries. Are you ready to put this game-changing technology to work for you? Join us at OpenText™ World Europe 2024 to learn how you can reimagine work with AI. Our complimentary event will be held in three locations: London (Queen Elizabeth II Centre, April 15), Munich (MOC—Event Center Messe München, April 16 & 17), and Paris (Maison de la Chimie, April 18

article thumbnail

US Sanctions 'Key Actors' in Russian Disinformation Campaign

Data Breach Today

Treasury Department Sanctions Heads of Russian 'Influence-for-Hire' Firms The U.S. Department of the Treasury sanctioned the heads of Russian-based companies for spearheading disinformation campaigns that impersonated legitimate media outlets and government organizations across the globe. The firms coordinated an information manipulation campaign targeting Latin America.

article thumbnail

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds

WIRED Threat Level

The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels.

IT 145
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Critical flaw in Atlassian Bamboo Data Center and Server must be fixed immediately

Security Affairs

Atlassian fixed tens of vulnerabilities in Bamboo, Bitbucket, Confluence, and Jira products, including a critical flaw that can be very dangerous. Atlassian addressed multiple vulnerabilities in its Bamboo, Bitbucket, Confluence, and Jira products. The most severe vulnerability, tracked as CVE-2024-1597 (CVSS score of 10), is a SQL injection flaw that impacts the org.postgresql:postgresql third-party dependency of Bamboo Data Center and Server. “This org.postgresql:postgresql Dependency

IT 126
article thumbnail

Introducing privilege elevation in Jamf Connect

Jamf

Learn about how privilege elevation, a new feature of Jamf Connect, helps organizations balance the end user’s needs with administrative oversight without compromising device or credential security while permitting IT and Security teams to “ work smarter, not harder ”.

Security 116
article thumbnail

Nursing Home Declares Bankruptcy, Blames Recent Cyberattacks

Data Breach Today

Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards' A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.

article thumbnail

Glassdoor Wants to Know Your Real Name

WIRED Threat Level

Anonymous, candid reviews made Glassdoor a powerful place to research potential employers. A policy shift requiring users to privately verify their real names is raising privacy concerns.

Privacy 109
article thumbnail

An Architect’s Guide for Selecting Scalable, Data-Layer Technologies

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

article thumbnail

PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released

Security Affairs

Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, unauthenticated attacker can exploit their vulnerability to execute arbitrary code on impacted servers. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be

article thumbnail

The Mainframe Turns 60: A Milestone in Computing History  

OpenText Information Management

60 years can really fly by! On April 7, 2024, the Mainframe will turn 60. At this milestone, we should all reflect on what the mainframe has done to the computing industry. What would the world look like without it? What is the current state of the mainframe? And what is its future? This post will touch on these points and give us all a chance to celebrate the mainframe at 60 years.

Cloud 108
article thumbnail

Email Bomb Attacks: Filling Up Inboxes and Servers Near You

Data Breach Today

HHS: Bot-Driven Attacks Can Overwhelm Email Servers, Networks and Disrupt Workflow Federal authorities are warning healthcare and public health sector entities of email bomb attacks, a type of denial-of-service attack that can overwhelm email systems and networks and distract victims from other nefarious activities. The incidents can also disrupt clinical and business workflow.

300
300
article thumbnail

Ransomware Group “RA World” Changes Its’ Name and Begins Targeting Countries Around the Globe

KnowBe4

The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

Pwn2Own Vancouver 2024 Day 1 – team Synacktiv hacked a Tesla

Security Affairs

Participants earned $732,500 on the first day of the Pwn2Own Vancouver 2024 hacking competition, a team demonstrated a Tesla hack. Participants earned $732,000 on the first day of the Pwn2Own Vancouver 2024 hacking competition for demonstrating 19 unique zero-days, announced Trend Micro’s Zero Day Initiative (ZDI). The experts successfully demonstrated exploits against a Tesla car, Linux and Windows operating systems, and more.

Security 120
article thumbnail

Cheating Automatic Toll Booths by Obscuring License Plates

Schneier on Security

The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can’t identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said. The Port Authority says officers in 2023 roughly doubled the number of summonses issued for obstructed, missing or fictitious license plates compared wit

IT 107
article thumbnail

Water Sector Lacks Support to Meet White House Cyber Demands

Data Breach Today

Experts Say Water Sector Lacks Technical Resources to Comply With Federal Requests The White House convened state environmental, health and homeland security agencies Thursday as experts told ISMG water utilities across the country - particularly those in small, under-resourced communities - lack the funding and technical skills to implement federal cybersecurity recommendations.

article thumbnail

Apple's iMessage Encryption Puts Its Security Practices in the DOJ's Crosshairs

WIRED Threat Level

Privacy and security are an Apple selling point. But the DOJ's new antitrust lawsuit argues that Apple selectively embraces privacy and security features in ways that hurt competition—and users.

article thumbnail

What Is Entity Resolution? How It Works & Why It Matters

Entity Resolution Sometimes referred to as data matching or fuzzy matching, entity resolution, is critical for data quality, analytics, graph visualization and AI. Learn what entity resolution is, why it matters, how it works and its benefits. Advanced entity resolution using AI is crucial because it efficiently and easily solves many of today’s data quality and analytics problems.

article thumbnail

Email accounts of the International Monetary Fund compromised

Security Affairs

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The agency discovered the incident on February 16, 2024, and immediately launched an investigation with the help of cybersecurity experts.

article thumbnail

A guide to privacy modes in Jamf Safe Internet

Jamf

Privacy Modes recently came to Jamf Safe Internet. Take a deep dive into these settings and learn how to configure your Jamf School Instance with the right privacy settings for your school.

Privacy 105
article thumbnail

Erosion of Trust Most Concerning Threat to UK Elections

Data Breach Today

AI-Led Disinformation Campaign, Deepfakes Biggest Threats, Experts Warn Nation-state-led disinformation campaigns intended at eroding public trust are the biggest threat to the upcoming U.K. election, experts told a parliamentary panel on Monday. Incidents of disinformation created with artificial intelligence have already appeared.