IT Governance

MARCH 29, 2024

Here are all our Q&As to date, grouped by broad topic: AI Cyber attacks and data breaches Cyber Essentials Cyber resilience Cyber security Data privacy DORA Incident response ISO 27001 PCI DSS PECR Security testing Training Miscellaneous To get new expert insights straight to your inbox, sign up to our weekly newsletter, the Security Spotlight.

Data Privacy 52

Data Privacy Compliance Privacy GDPR 52

IBM Big Data Hub

OCTOBER 30, 2023

In July 2023, the Securities and Exchange Commission (SEC) voted to adopt new cybersecurity rules and requirements for all market entities to address risks. Among the passed regulations were updated requirements for Form 8-K reporting as well as new guidance for Form 10-K Amendments. million, representing a 15.3%

Data breaches 73

Data breaches Cybersecurity Risk Privacy 73

IT Governance

FEBRUARY 5, 2024

29,530,829,012 known records breached so far in 4,645 publicly disclosed incidents Welcome to our 2024 data breaches and cyber attacks page, where you can find an overview of the year’s top security incidents, the most breached sectors of 2024, month-on-month trends, links to our monthly reports, and much more. Our 2023 overview is here.

Data breaches 90

Data breaches Security Government Personal data 90

KnowBe4

APRIL 4, 2023

CyberheistNews Vol 13 #14 | April 4th, 2023 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam.

Phishing 99

Phishing Security awareness Cybersecurity Education 99

IT Governance

JUNE 1, 2023

On this page, you will find all our usual information breaking down the month’s security incidents. Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. With that out of the way, it’s time to move on to May 2023.

Data breaches 113

Data breaches Insurance Personal data Ransomware 113

eSecurity Planet

MAY 12, 2023

Overview Security vulnerabilities enable attackers to compromise a resource or data. Vulnerabilities occur through product defects, misconfigurations, or gaps in security and IT systems. Unplanned vulnerabilities consist of zero-day vulnerabilities, misconfigurations, and other security mistakes.

Risk 107

Risk Compliance Security IT 107

Hunton Privacy

JUNE 15, 2023

On June 14, 2023, the European Parliament (“EP”) approved its negotiating mandate (the “EP’s Position”) regarding the EU’s Proposal for a Regulation laying down harmonized rules on Artificial Intelligence (the “AI Act”). The final version of the AI Act is expected before the end of 2023.

Risk 55

Risk Artificial Intelligence Compliance GDPR 55

KnowBe4

JULY 5, 2023

CyberheistNews Vol 13 #27 | July 5th, 2023 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.

Phishing 95

Phishing Security awareness Passwords Computer and Electronics 95

CILIP

MAY 15, 2023

It said: “We call on all AI labs to immediately pause for at least six months the training of AI systems more powerful than GPT-4.” CILIP Conference Join us at CILIP Conference 2023 to hear Rebecka's keynote speech. CILIP Conference 2023 takes place on 12 and 13 July in Birmingham.

IT 52

IT Sales Education Communications 52

Security Affairs

OCTOBER 5, 2023

As an ethical security researcher, I never download the data I find. For instance, a common tactic for criminals is to use the stolen information to file false tax returns and attempt to claim refunds that don’t belong to them, thus creating a very difficult situation for the individual whose information was used.

Data breaches 122

Data breaches B2B Education Access 122

Security Affairs

APRIL 21, 2023

Email security provider Proofpoint’s 2023 State of the Phish report reflects an ever-escalating financial loss attributed to phishing attacks but also highlights the importance of how appropriate end-user behavior greatly reduces organizational impacts arising from them.

Phishing 97

Phishing Security awareness Passwords Education 97

ForAllSecure

FEBRUARY 22, 2023

I think we did one training for Google once a long time ago, where we did a paid training using whatever hackable video games but really, we just have done a bunch of CTFs where we, you know, release these hackable things. I’ve used IDA PRO in Black Hat trainings. I've played in 10 finals, I think I counted at DEF CON.

IT 40

IT Marketing Access Government 40

KnowBe4

MAY 31, 2023

CyberheistNews Vol 13 #22 | May 31st, 2023 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all.

Phishing 95

Phishing File names Security awareness Risk 95

ForAllSecure

FEBRUARY 8, 2023

She’ll also be presenting again at RSAC 2023 in April. Estimates vary greatly, with some security vendors claiming dwell time is as low as 11 days with ransomware while others claim dwell time can be as high as 200 days or more with more sophisticated attacks. threat hunting, and training. And secure Academy.

Access 40

Access IT Phishing Passwords 40

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing 101

Phishing Security Security awareness Artificial Intelligence 101

IT Governance

APRIL 29, 2024

Keyboard app vulnerabilities reveal keystrokes to network eavesdroppers Security researchers have identified critical security vulnerabilities in Cloud-based pinyin keyboard apps from Baidu, Inc., We identified certain accounts that we believe are affiliated with the Spy.pet website, which we have subsequently banned.”

Data Privacy 78

Data Privacy Privacy Manufacturing Security 78