Security Affairs

DECEMBER 5, 2024

Amidst an already overstretched cybersecurity workforce— ISC2 estimated in 2023 that there was a 4 million gap between supply and demand—it’s enormously important that we address this problem. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion.

Artificial Intelligence 135

Artificial Intelligence Data collection Cybersecurity Risk 135

Security Affairs

DECEMBER 1, 2024

The data collected through these operations can provide insights into voter demographics, potentially influencing election outcomes. Additionally, platforms like FraudGPT and WormGPT , launched in mid-2023, provide tools specifically designed for phishing and business email compromise (BEC) attacks.

Artificial Intelligence 132

Artificial Intelligence Phishing Media Cyber threats 132

SecureList

NOVEMBER 29, 2024

CloudSorcerer is a sophisticated cyber-espionage tool used for stealth monitoring, data collection and exfiltration via Microsoft, Yandex and Dropbox cloud infrastructures. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 105

Energy and Utilities Ransomware Malware Government 105

SecureList

MARCH 13, 2024

The State of Stalkerware in 2023 (PDF) The annual Kaspersky State of Stalkerware report aims to contribute to awareness and a better understanding of how people around the world are impacted by digital stalking. The data highlights of 2023 In 2023, a total of 31,031 unique users were affected by stalkerware, an increase on 2022 (29,312).

Mobile 108

Mobile Passwords Surveillance Technology 108

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Mobile 312

Mobile Wireless Advertising Accountability 312

CSO Magazine

APRIL 18, 2023

An analysis of customer data collected by content delivery network and internet services giant Akamai found that attacks targeting web applications rose by 137% over the course of last year, as the healthcare and manufacturing sectors in particular were targeted with an array of API and application-based intrusions.

Manufacturing 125

Manufacturing Healthcare Data collection Internet 125

SecureList

JULY 27, 2023

This is our latest installment, focusing on activities that we observed during Q2 2023. The group’s latest activities, from September 2022 until March 2023, involve a new set of custom loaders and its private post-exploitation tool “Ninja,” used to help it remain undetected.

Malware 98

Malware Government Phishing Social Engineering 98

Security Affairs

DECEMBER 23, 2023

In March of 2023, T-Mobile US acquired the mobile virtual network operator. On December 22, 2023, Mint Mobile started notifying impacted customers. ” reads the data breach notification email sent to the impacted customers. As an MVNO, Mint Mobile doesn’t own its own wireless infrastructure.

Mobile 135

Mobile Data breaches Wireless Data collection 135

Security Affairs

JANUARY 30, 2025

Italys data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italys Data Protection Authority Garante has asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data.

Artificial Intelligence 72

Artificial Intelligence Data collection Data privacy DDOS 72

The Hacker News

AUGUST 15, 2023

The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors.

Cybercrime 97

Cybercrime Data collection Malware Software 97

Security Affairs

DECEMBER 12, 2023

Talos believes that NineRAT was built around May 2022, but was first spotted on March 2023 as part of Operation Blacksmith. The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity. In March, the threat actors hit a South American agricultural organization.

Malware 129

Malware Data collection Manufacturing Healthcare 129

Security Affairs

OCTOBER 30, 2023

The ban will be effective starting from October 30, 2023, after this date, the apps will be uninstalled from the devices and users will be blocked from downloading the apps. On a mobile device, the WeChat and Kaspersky applications data collection methods provide considerable access to the device’s contents.”

Mobile 138

Mobile Government Data collection Antivirus 138

Anton on Security

NOVEMBER 6, 2023

I also do NOT believe that the decoupled SIEM is a broken SIEM that should not exist. was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Engineering 245

Engineering Data collection Threat Detection Technology 245

Security Affairs

OCTOBER 27, 2023

In 2023, even though top companies have more incentives to succeed and thrive, the playing field is a lot more even. To summarize, the world of business in 2023 has never been more fair, thanks to the valuable information systems and access to knowledge on the internet. Why Choose Residential Proxies?

Marketing 127

Marketing Data collection Internet Internet 127

eSecurity Planet

MAY 19, 2023

Read next: Software Supply Chain Security Guidance for Developers This updates a November 2020 article by Sean Michael Kerner The post Top 5 Application Security Tools & Software for 2023 appeared first on eSecurityPlanet.

Software 104

Software Risk Encryption Marketing 104

Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Data collection 130

Data collection Surveillance Hacking Information Security 130

Security Affairs

SEPTEMBER 26, 2023

The BORN funded by the government of Ontario disclosed a data breach that impacts some 3.4 The Clop ransomware gang (aka Lace Tempest ) was credited by Microsoft for the campaign that exploited a zero-day vulnerability, tracked as CVE-2023-34362 , in the MOVEit Transfer platform. million people.

Data breaches 130

Data breaches Healthcare Ransomware Hacking 130

eSecurity Planet

APRIL 14, 2023

By analyzing the data collected, bot protection systems can gain a deeper understanding of bot behavior and develop more effective strategies for detecting and preventing bot attacks.

Software 109

Software DDOS Accountability Firewall 109

Security Boulevard

AUGUST 3, 2023

Summary The BloodHound code-convergence project brings some significant and long-desired feature enhancements to BloodHound Enterprise (BHE): Cypher search, including pre-built queries for AD and Azure Built-in support for offline data collection (i.e., Existing customers can reach out to their TAM with questions.

Data collection 98

Data collection Engineering Risk 98

Security Boulevard

MARCH 31, 2023

You can register for the webinar here: LC101: Writing Detection and Response Rules LimaCharlie is organizing a new cybersecurity conference called MSSN CTRL being held on October 5-6, 2023, in Arlington, VA. If you are interested in speaking at the conference, our Call for Papers is open through April 16, 2023.

Engineering 59

Engineering Data collection Education Authentication 59

Security Affairs

JANUARY 9, 2023

All data collected by the dashboard can be exported in different formats and can be analyzed using useful graphics. You’ll find more details about the project here (Italian language): Buoni propositi per il 2023: nasce la Dashboard Ransomware Monitor. ” explained the development team.

Ransomware 98

Ransomware Data collection Hacking Cybersecurity 98

Malwarebytes

JULY 29, 2024

At Malwarebytes, we reported how a team of researchers at Mozilla who reviewed the privacy and data collection policies of various product categories for several years now, named “Privacy Not Included,” found cars to be the worst product category they ever reviewed for privacy. But at least those vulnerabilities are not intentional.

Insurance 113

Insurance Data collection Data breaches Manufacturing 113

Security Affairs

JANUARY 31, 2025

This week, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. In addition to imposing the data processing restriction, the Authority has also launched an investigation.”

Artificial Intelligence 60

Artificial Intelligence Data collection DDOS Risk 60

Security Boulevard

JANUARY 23, 2023

As the conversation around privacy progresses beyond a focus on security infrastructure and best practices for preventing data breaches, regulations are working to catch up. Enable data permissions that usefully anticipate the user's intentions. For more information on Data Privacy Week, click here. What's Next?

Data privacy 52

Data privacy Data collection Consumer Protection Authentication 52

Google Security

MAY 5, 2023

Silvia Convento, Senior UX Researcher and Court Jacinic, Senior UX Content Designer In recognition of World Password Day 2023, Google announced its next step toward a passwordless future: passkeys. Data from March-April 2023 (n≈100M) Figure 2: time spent authenticating with passkey vs password (data from March-April 2023).

Authentication 122

Authentication Passwords Technology Password Management 122

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications 132

Telecommunications Authentication Data collection Passwords 132

Malwarebytes

AUGUST 6, 2023

Last week on Malwarebytes Labs: The end looms for Meta's behavioural advertising in Europe Microsoft Teams used in phishing campaign to bypass multi-factor authentication Film companies lose battle to unmask Reddit users FAQ: How does Malwarebytes ransomware rollback work?

Data collection 90

Data collection Ransomware Phishing Advertising 90

Security Affairs

NOVEMBER 6, 2024

” In February 2023, the Canadian government announced the ban on the TikTok app from all government-issued devices over security concerns. The US already warned of the alleged link between the Chinese company and the Communist Party, accusing TikTok of collecting and sharing data for Chinese intelligence.

Government 117

Government Mobile Media Technology 117

CyberSecurity Insiders

MAY 2, 2023

It amends the 2018 California Consumer Privacy Act (CCPA) introduced in response to rising consumer data privacy concerns. It has significantly impacted data collection and handling practices, giving consumers more control over how businesses handle their data. How does CPRA impact business operations?

Data collection 52

Data collection Data breaches Password Management Data privacy 52

SecureWorld News

JUNE 21, 2023

Info stealers are also indiscriminate, infecting as many computers as possible to maximize the amount of data collected. They have become a significant source of compromised personal data due to their simplicity and effectiveness. Group-IB's analysis revealed that the Asia-Pacific region accounted for 40.5%

Accountability 130

Accountability Data collection Cyber threats Risk 130

SecureWorld News

JANUARY 16, 2024

July 1st brings two key CCPA deadlines : organizations must clearly explain how consumers can opt out of data sharing using standardized mechanisms, and they must obtain fresh consent for processing any sensitive data collected before July 1, 2023.

Cybersecurity 109

Cybersecurity Data privacy Data collection Penetration Testing 109

Security Boulevard

JULY 22, 2023

TABLE OF CONTENTS Overview Revisiting Waterfox in 2023 Waterfox is independent A refreshed download/install experience Waterfox appears to still uphold its no telemetry claim Update conclusion What is Waterfox? Updated 2023) appeared first on Security Boulevard. With these changes, can Waterfox be a viable privacy-focused browser?

Data collection 52

Data collection Engineering Encryption DNS 52

Malwarebytes

JANUARY 19, 2024

Arising in the Northern District of California, the lawsuit accused Google of continuing to “track, collect, and identify [users’] browsing data in real time” even when they had opened a new Incognito window.

Data collection 143

Data collection VPN Risk 143

Security Affairs

SEPTEMBER 1, 2023

“In one case, we observed a SapphireStealer sample where the data collected using the previously described process was exfiltrated using the Discord webhook API, a method we previously highlighted here.” ” continues the report. The FUD-Loader malware downloader was also published by the same GitHub account.

Malware 128

Malware Data collection Architecture Hacking 128

Malwarebytes

MARCH 14, 2024

Speaking at a US Senate hearing in March 2023, the general said “one third of Americans get their news from TikTok”, adding “one sixth of American youth say they’re constantly on TikTok. The EFF argues that the bill will not stop the sharing of data but it will reduce online rights in a way that is unconstitutional.

Identity Theft 121

Identity Theft Government Media Data collection 121

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 “On December 13, 2023, Wolf Haldenstein detected suspicious activity in its network environment.

Data breaches 77

Data breaches Identity Theft Consumer Protection Data collection 77

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 125

Data breaches Banking Hacking Malware 125