Education, Information Security and Retail - Information Management Today

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. Private Fund, ESG Investing, Retail Investors, Cybersecurity, Fintech, and Digital Assets. Transfer Agents.

Retail

Retail Compliance Sales Risk

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches

Data breaches Retail Education Ransomware

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S.

Retail

Retail Education Communications Government

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Researchers found active instances of Agent Tesla and developed a mechanism to enumerate the affected clients and extract compromised data.

Financial Services

Financial Services Retail Education Information Security

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. Tietoevry notified law enforcement and impacted customers. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware

Ransomware Government Retail Cloud

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

According to the company, they have over 600,000 Cameras and 50,000 Recorders installed all over the world in multiple sectors such as Banking, Retail, Government, etc. ” reads the advisory published by Fortinet.

Authentication

Authentication Retail Education Marketing

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications. Authenticate calls from third party authorized retailers requesting.

Authentication

Authentication Passwords Retail Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Neiman Marcus Agrees to Settlement in Data Breach Class Action

Hunton Privacy

MARCH 21, 2017

On March 17, 2017, retailer Neiman Marcus agreed to pay $1.6 The consumer plaintiffs sued Neiman Marcus in March 2014, alleging that the company failed to protect customers’ privacy and waited 28 days to inform affected customers of the breach.

Data breaches

Data breaches Retail Information Security Education

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

E-learning: the effective way to train your team

IT Governance

JUNE 21, 2018

It is widely acknowledged that the retail and hospitality industries experience high staff turnover: frontline roles are often filled by temporary, young or part-time staff, the hours can be long and unsociable and the work can be physically demanding. Educating your staff can be complex to arrange, time consuming and costly.

Retail

Retail Education Compliance GDPR

Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

Hunton Privacy

APRIL 27, 2021

As reported on the Hunton Retail Law Blog , on April 26, 2021, the U.S. Notably, the plaintiffs did not claim they suffered fraud or identity theft because of the inadvertent disclosure, nor did they claim their information was shared with anyone outside of the company or that third parties otherwise had taken or misused it.

Data breaches

Data breaches Risk Retail Education

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

In March, the FBI issued an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. In March 2020, CERT France cyber-security agency warned about a new wave of ransomware attack that was targeting the networks of local government authorities.

Ransomware

Ransomware Encryption Government Retail

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505.

Retail

Retail Access Education Security

11 cyber security predictions for 2020

IT Governance

JANUARY 9, 2020

With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. The retail and hospitality industries will continue to have their POS equipment targeted. Education is also becoming increasingly important when protecting organisations.

Security

Security IoT Phishing Ransomware

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

IT Governance

JANUARY 9, 2023

Other significant contributors to 2022’s total were the technology (115), education (95), professional services (63) and retail (62) sectors. Keeping your organisation secure. That includes supporting those seeking Cyber Essentials certification or implementing an ISMS (information security management system).

Data breaches

Data breaches Ransomware Government Passwords

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications. Authenticate calls from third party authorized retailers requesting.

Authentication

Authentication Passwords Retail Access

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. Our experts couldn’t agree on which sector had done the least to meet the GDPR’s requirements, with retail, education and the public sector among those named the worst. Compliance fatigue’.

GDPR

GDPR Data breaches Compliance Retail

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

This will typically cover public authorities such as government departments, schools and other educational institutions, hospitals and the police. Many retailers sell signs like this, leaving the purpose blank so that you can fill it in with the appropriate message.

GDPR

GDPR Privacy Retail Personal data

Nodersok malware delivery campaign relies on advanced techniques

Security Affairs

SEPTEMBER 28, 2019

About 3% of the infected systems belong to organizations in different sectors, including education, professional services, healthcare, finance, and retail. Most of the victims are located in the United States and Europe, they are predominantly consumers.

e-Delivery

e-Delivery Retail Libraries Education

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Also, their policies must be tailored to their specific industry requirements and business size.

Compliance

Compliance Archiving Digital transformation Sales

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

“Since the cyber attack on 23 December 2019, UM has been working hard: on the one hand, to repair the damage and, on the other hand, to make education and research p ossible again as soon as p ossible.” TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Ransomware

Ransomware Encryption Passwords Retail

Recent Data Breach Events in China

Hunton Privacy

DECEMBER 31, 2013

Zhabei District police investigated online message platforms, and targeted an education information consulting company as the source of the spam messages. Further investigation showed that this local resident had obtained the information from a man who was responsible for maintaining a national examination application website.

Data breaches

Data breaches Retail Education Sales

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. “A similar campaign targeting Turkish educational and government institutions used email subjects pertaining to invoice information or personnel payroll, and Visual Basic for Applications (VBA).XLS ” continues the report.

e-Delivery

e-Delivery Insurance Retail Government

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy

Data Privacy Privacy Security Data breaches

Episode 231: Solving the US’s Endemic Cybersecurity Worker Shortage

The Security Ledger

DECEMBER 10, 2021

Rodney Petersen, the director of the National Initiative for Cybersecurity Education (NICE) talks about the massive shortage of information security workers at the United States - estimated at more than 400,000 workers. Rodney talks about how NICE is working to promote information security skills and development.

Cybersecurity

Cybersecurity Agriculture Education Information Security

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. See our in-depth look at RSA Archer.

Compliance

Compliance Risk Government Retail

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Hunton Privacy

MAY 26, 2010

To help ensure compliance with applicable privacy and information security laws, businesses should destroy or erase any hard drives in digital copiers before selling or discarding those machines, and should contractually require that the hard drives of leased digital copiers be erased at the termination of the lease.

Privacy

Privacy Risk Manufacturing Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. See our in-depth look at RSA Archer.

Compliance

Compliance Risk Government Retail

FTC Hosts Workshop on Informational Injury

Hunton Privacy

DECEMBER 15, 2017

Panelists were presented with two consumer harm and injury hypotheticals (one in a privacy context, based on retail tracking and marketing, and one in a security context, based on unauthorized access to company consumer data) and asked to assess at which stage of the hypothetical they believed consumer injury was taking place.

Privacy

Privacy Retail Risk Insurance

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Become familiar with the standards that affect your industry, such as GDPR, CCPA, SOX, HIPAA, the Gramm-Leach-Bliley Act, Payment Card Industry Data Security Standard (PCI-DSS), Federal Information Security Management Act (FISMA) and Children’s Online Privacy Protection Rule (COPPA). Educate employees.

Encryption

Encryption Cloud Privacy GDPR

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. Source: Security Affairs.

Security

Security Data breaches Ransomware Military

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Cybersecurity

Cybersecurity Retail Compliance Marketing

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

Data Matters

JANUARY 29, 2019

FINRA will continue to educate firms about the applicable requirements and evaluate firms for compliance. FINRA will also review for any changes in firms’ behavior that might be undertaken to avoid their markup and markdown disclosure obligations. Financial Risks. Credit Risk.

Risk

Risk IT Compliance Marketing

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Retail

Retail Compliance Marketing Risk

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

According to research firm Statista, the global retail drone market is expected to reach $90 billion by 2030, with Defense, Enterprise, and Logistics being the primary industries driving growth. In China, the retail drone market reached $15 billion in 2021, with projections to exceed $22 billion by 2024. Market overview. Disclaimer.

Cybersecurity

Cybersecurity Computer and Electronics Authentication Marketing

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

Next, Retail and Health, as the most sectors affected in this season. You can Download [PDF] or [PNG] report from the original post at [link] About the author: Pedro Tavarez Pedro Tavares is a professional in the field of information security working as an Ethical Hacker, Malware Analyst and also a Security Evangelist.

Phishing

Phishing Data collection Retail Security awareness

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Machine learning algorithms are already being used in transportation to ease road congestion, in healthcare to spot medical errors and improve patient care and in retail to improve the customer shopping experience. But how exactly will artificial intelligence help bridge the information security skills gap?

Security

Security Artificial Intelligence Computer and Electronics Libraries

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. With that out of the way, it’s time to move on to May 2023.

Data breaches

Data breaches Insurance Personal data Ransomware

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc. Source 1 ; source 2 (Update) Finance USA Yes 498,686 J.P.

Data Privacy

Data Privacy Privacy Manufacturing Security

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector.

Ransomware

Ransomware Phishing Sales Manufacturing

Volvo retailer leaks sensitive files

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Webinars

Trending Sources

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Webinars

New Agent Raccoon malware targets the Middle East, Africa and the US

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Fortinet warns of a spike in attacks against TBK DVR devices

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Neiman Marcus Agrees to Settlement in Data Breach Class Action

Steelcase office furniture giant hit by Ryuk ransomware attack

E-learning: the effective way to train your team

Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

PYSA ransomware gang is the most active group in November

New Lobshot hVNC malware spreads via Google ads

11 cyber security predictions for 2020

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

The GDPR: A year in review

Does your use of CCTV comply with the GDPR?

Nodersok malware delivery campaign relies on advanced techniques

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Maastricht University finally paid a 30 bitcoin ransom to crooks

Recent Data Breach Events in China

TA505 group updates tactics and expands the list of targets

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Episode 231: Solving the US’s Endemic Cybersecurity Worker Shortage

Top GRC Tools & Software for 2021

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Top 10 Governance, Risk and Compliance (GRC) Vendors

FTC Hosts Workshop on Informational Injury

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

2022 Cyber Security Review of the Year

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Attack of drones: airborne cybersecurity nightmare

Threat Report Portugal: Q3 & Q4 2022

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

List of Data Breaches and Cyber Attacks in 2023

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

Group-IB Hi-Tech Crime Trends 2020/2021 report

Stay Connected