Cyber threats and Data collection - Cyber Security Informer

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. Unfortunately, its misuse by malicious actors is altering the cyber threat landscape.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

A DPIA requires a thorough review of any personal data collected and stored, including who specifically controls the data and who has access at any given time. Data protection is an ongoing process. There are many kinds of tools and services that can help any SMB down this paths. DPIAs can get an SMB off to a good start.

Data privacy

Data privacy Small Business Data collection Cyber Risk

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

On a mobile device, the WeChat and Kaspersky applications data collection methods provide considerable access to the device’s contents.” We will continue to regularly monitor potential cyber threats and take immediate action when needed.” ” said Anita Anand, President of the Treasury Board.

Mobile

Mobile Government Data collection Antivirus

DRM Report Q2 2023 – Ransomware threat landscape

Security Affairs

OCTOBER 4, 2023

In an era where digitalization has woven its web into the very fabric of our lives, the dark underbelly of the digital realm continues to pose an ever-growing threat. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware

Ransomware Data collection Cyber threats Hacking

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

JANUARY 20, 2025

May also include threat actors abusing legitimate technology - which of itself may be irrespective of user privacy in general - to gather information or otherwise target users. Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat."

Surveillance

Surveillance Malware Data breaches Scams

US Federal Judge Upholds Automakers' Right to Record Texts, Call Logs

SecureWorld News

NOVEMBER 15, 2023

The automakers argued that their practice was necessary to provide certain features and services, such as hands-free calling and texting, and that customers had consented to the data collection by agreeing to the terms of service when they purchased their vehicles.

Data collection

Data collection Technology Surveillance Data privacy

Half of Britons feel they are victims of ‘Sonic Snooping’

CyberSecurity Insiders

MARCH 23, 2023

Keeping a tab on mobile applications and checking on what they are asking as permissions might resolve most of the troubles linked to this cyber threat. The users got these feelings as they noticed an advertisement for a product or a service as soon as they searched or spoke about it with their friend or family member over the phone.

Mobile

Mobile Surveillance Data collection VPN

Over 100,000 ChatGPT Accounts Compromised by Cybercriminals

SecureWorld News

JUNE 21, 2023

Info stealers are also indiscriminate, infecting as many computers as possible to maximize the amount of data collected. They have become a significant source of compromised personal data due to their simplicity and effectiveness. Group-IB's analysis revealed that the Asia-Pacific region accounted for 40.5%

Accountability

Accountability Data collection Cyber threats Risk

Key Cybersecurity Compliance Deadlines You Can't Miss in 2024

SecureWorld News

JANUARY 16, 2024

From data privacy regulations to payment card security standards, businesses of all sizes must scramble to implement new protocols and strengthen their defenses against cyber threats. Here's a snapshot of the most critical deadlines to mark on your calendar, along with insights into their implications.

Cybersecurity

Cybersecurity Data privacy Data collection Penetration Testing

Google Chronicle announced Backstory to protect businesses

Security Affairs

MARCH 5, 2019

Google Chronicle launched Backstory, the first global security telemetry platform designed to allow companies monitoring cyber threats. Google Chronicle announced Backstory, a cloud-based enterprise-level threat analytics platform that allows companies quickly investigate incidents, discover vulnerabilities and hunt for cyber threats.

DNS

DNS Cyber threats Advertising Data collection

Podcast: Can we fix IoT security?

Webroot

JUNE 25, 2021

Having held senior roles in both threat intelligence and product management, Milbourne is acutely aware of what the threats security products come up against.

IoT

IoT Internet Internet Data collection

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. Cybersecurity laws and regulations encompass a range of legal requirements designed to protect information systems and data from cyber threats.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Indicators of compromise (IOCs): how we collect and use them

SecureList

DECEMBER 2, 2022

What is cyber threat intelligence, and how do we use it in GReAT? We at GReAT are focused on identifying, analyzing and describing upcoming or ongoing, preferably unknown cyberthreats, to provide our customers with detailed reports, technical data feeds, and products. This is what we call cyber threat intelligence.

Cyber threats

Cyber threats DNS Technology Engineering

Control Across Your Hybrid Environments Using Cisco Secure Workload 3.6

Cisco Security

SEPTEMBER 28, 2021

The design of Secure Workload utilizes rich traffic flow telemetry (agent and agentless data collection), advanced machine learning, and behavior analysis techniques to support the major security use cases in datacenters: Behavioral baselining, analysis, and identifying workload anomalies.

Firewall

Firewall Data collection Architecture Cyber threats

Clarifying CAASM vs EASM and Related Security Solutions

NetSpi Executives

NOVEMBER 6, 2024

Organizations have a wealth of tools to manage cyber threats. Let this quick guide be your roadmap to pinpointing the distinctions between cyber asset attack surface management (CAASM) and its closest counterparts. Lost in a labyrinth of cybersecurity acronyms? You’re not alone.

Risk

Risk Technology Penetration Testing Cyber threats

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Approachable Cyber Threats

AUGUST 2, 2021

Users must be better protected from the outset, and the only way to ensure that is to impose significant restrictions on data collection and usage by companies seeking to monetize or use it to their asymmetric benefit in any way.

Data collection

Data collection Media Mobile Identity Theft

Vulnerability Management Automation: A Mandate, Not A Choice

CyberSecurity Insiders

MARCH 22, 2023

Vulnerability management involves discovering, analyzing, prioritizing, and remediating cyber weaknesses within an organization’s system. The goal is to seal up any gaps that could let unauthorized users and other cyber threats into your infrastructure. Today, 50% of detected vulnerabilities don’t have a CVE for reference.

Data breaches

Data breaches Cyber threats Government Risk

IATA Cyber Regulations

Centraleyes

DECEMBER 11, 2024

The IATA Cyber Security Regulations, often referred to as the “IATA Cyber Security Framework” (ICSF), focus on protecting the aviation ecosystem against cyber threats. Background and Relevance Who Requires It?

Risk

Risk Cybersecurity Penetration Testing Digital transformation

Threat Hunting with MITRE ATT&CK

IT Security Guru

OCTOBER 2, 2023

MITRE ATT&CK frameworks ensure you have the correct data sources by telling you which to collect from logs, security systems, and threat intelligence. Automation allows you to save parameters for data collection of the right sources to apply for future hunts.

Technology

Technology Penetration Testing Threat Detection Data collection

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Considering this, banks need to rethink their approach to protection against cyber threats. In the new report, Group-IB experts described in detail the cyber threats to the financial sector—active APT groups, tactics of the attackers, infection vectors, and new hacker tools. Defense is an outdated strategy.

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

Biden Signs Better Cybercrime Metrics Act

SecureWorld News

MAY 6, 2022

Representative Abigail Spanberger (D-VA), who sponsored the legislation, says that by building a more effective system, law enforcement agencies will be better able to identity cyber threats and prevent future attacks. Otherwise, we are risking the safety and privacy of American families, homes, businesses, and government agencies.

Cybercrime

Cybercrime Government Data collection Cyber threats

China-Linked Apps Pose Threat to Google Play Store Users

SecureWorld News

JULY 10, 2023

Both Apple and Google are actively promoting their security efforts at developer conferences, achieving record profits and sales while many of the apps available have huge discrepancies between their stated privacy policies and the actual information and data collected.

Spyware

Spyware Cyber threats Mobile Data collection

PRODUCT REVIEW: Nisos OSINT Monitoring and Analysis

CyberSecurity Insiders

OCTOBER 3, 2022

Nisos’ skilled analysts leverage aged personas to infiltrate closed forums and groups to better understand threat actors’ motives and plans. While most intelligence vendors provide cyber threat data, few cover the breadth of disciplines of Nisos. 2 – Expertise Across All Intelligence Domains.

Risk

Risk Media Cyber threats Cybersecurity

Monitoring the dark web to identify threats to energy sector organizations

Security Affairs

MAY 17, 2023

Searchlight Cyber threat intelligence researchers also observed threat actors discussing and offering access to ICS and OT systems. However, the most proactive security teams can also use the data collected from the dark web to create hypotheses for determining what threat hunts to conduct.

Energy and Utilities

Energy and Utilities Cybercrime Data collection VPN

Access Management is Essential for Strengthening OT Security

Thales Cloud Protection & Licensing

MAY 23, 2022

The alert detailed cyber threats which can lead to ransomware, data theft and disruption of healthcare services. However, and despite receiving notable attention, only 56% of healthcare companies have formal ransomware response plans, reports the Thales 2022 Data Threats Report.

Healthcare

Healthcare Ransomware Authentication Threat Reports

The Future of Privacy: How Big Tech Is Changing the Way We Think About Our Data

Cytelligence

DECEMBER 8, 2023

Major cybersecurity corporations specializing in services such as cybersecurity audits, vulnerability assessments, and ransomware consulting play a critical role in fortifying defenses against cyber threats, including ransomware attacks. The impact of Big Tech on privacy is multifaceted.

Data collection

Data collection Ransomware Advertising Risk

New set of Pakistani banks’ card dumps goes on sale on the dark web

Security Affairs

NOVEMBER 17, 2018

Group-IB is one the world’s leading providers of solutions aimed at detection and prevention of cyber attacks, fraud exposure and protection of intellectual property on the Internet. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Banking

Banking Cybercrime Advertising Data collection

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

SEPTEMBER 20, 2019

Weller observed that local governments are under pressure to more proactively detect and deter threat actors, which means they must figure out how to redirect a bigger chunk of limited resources toward mitigating cyber threats. For a drill down on my interview with Weller, give a listen to the accompanying podcast.

Ransomware

Ransomware Government Firewall Cyber Insurance

Amazon Alexa Skills Present Security Risks

eSecurity Planet

APRIL 8, 2021

Researchers now believe that the rapid adoption of these skills could have implications for information security as they could open Alexa users up to phishing or invasive data collection. It may or may not come as a surprise to many users how little focus there is from Amazon on being transparent about how skills handle user data.

Risk

Risk Phishing Data collection Cyber threats

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

Group-IB is one the world’s leading providers of solutions aimed at detection and prevention of cyber attacks, fraud exposure and protection of intellectual property on the Internet. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Marketing

Marketing Media Phishing Engineering

SWIFT

Centraleyes

NOVEMBER 5, 2024

The SWIFT Customer Security Program (CSP) is an initiative by SWIFT aimed at enhancing the security of its global financial messaging network and protecting the broader financial ecosystem from cyber threats. Implement them wherever feasible to strengthen your defense against cyber threats. How to achieve compliance?

Cyber threats

Cyber threats Cyber Risk Risk Data collection

Regional privacy but global clouds. How to manage this complexity?

Thales Cloud Protection & Licensing

MAY 31, 2022

Data Protection Officers expressed the difficulties they have to accomplish their mission: to advise on and monitor compliance (as defined in GDPR Article 39). With the acceleration of digital transformation and growing cyber threats, one thing is clear: privacy compliance has never been so important, yet so complex to reach.

Data privacy

Data privacy Digital transformation Accountability Data collection

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Security Affairs

NOVEMBER 15, 2018

Group-IB is one the world’s leading providers of solutions aimed at detection and prevention of cyber attacks, fraud exposure and protection of intellectual property on the Internet. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Banking

Banking Computers and Electronics Phishing Cybercrime

MIT Report Spotlights Triple Threat Fueling Data Breach Tsunami

SecureWorld News

JUNE 4, 2024

These networks are often targeted by cyber threats, affecting not just individual organizations but also extending to third-party interactions and the broader supply chain." Infostealer attacks are on the rise, focusing on data collection rather than just hiding data behind encryption.

Data breaches

Data breaches Social Engineering Ransomware Backups

6 Business functions that will benefit from cybersecurity automation

CyberSecurity Insiders

OCTOBER 28, 2021

Many security professionals spend hours each day manually administering tools to protect enterprise data. For many organizations, spending so much time collecting data is not conducive to innovation and growth. Data privacy.

Cybersecurity

Cybersecurity Data privacy Small Business Threat Detection

What Is Threat Intelligence? Understanding the Foundations of an Effective Threat Intel Program

Security Boulevard

MAY 10, 2022

Cyber threat intelligence positions security teams to understand, analyze, and act on important information in order to build up a company’s defense. The quality of your threat intelligence program directly correlates with how effectively your organization is able to protect itself from risks and keep sensitive data secure.

Cyber threats

Cyber threats Risk Data collection

Halliburton Confirms Network Disruption After Suspected Cyber Attack

SecureWorld News

AUGUST 23, 2024

Companies like Halliburton must ensure that their networks are protected against increasingly sophisticated cyber threats. However, as OT security struggles between legacy systems and the expanding wave of IT and OT interconnectivity within their environments, the risk of cyber-physical attacks continues to grow."

Cyber Attacks

Cyber Attacks Energy and Utilities Risk Technology

Generative AI, Confidential Computing, and Post-Quantum Cryptography, Among Interesting Topics at Google Cloud NEXT

Security Boulevard

JUNE 5, 2024

With AI implementations, cybersecurity attacks can occur at different states of the AI pipeline including data collection, model creation and training, and at inference. The immense processing power of quantum computers could potentially break widely used encryption algorithms, which could compromise sensitive data.,

Encryption

Encryption Artificial Intelligence Technology Data collection

6 ways to get the most from Data Privacy Week

Webroot

JANUARY 27, 2025

Data Privacy Week (Jan. Whether youre browsing online as a consumer or running a business, data privacy is paramount in an environment where cyber threats can lurk around every corner. In the spirit of Data Privacy Week, here are six ideas to help you protect yourselfand your data: 1.

Data privacy

Data privacy Backups Antivirus Encryption

How your business can benefit from Cybersecurity automation

CyberSecurity Insiders

NOVEMBER 24, 2021

Many security professionals spend hours each day manually administering tools to protect enterprise data. For many organizations, spending so much time collecting data is not conducive to innovation and growth. Data privacy.

Cybersecurity

Cybersecurity Data privacy Small Business Threat Detection

Data Loss Prevention for Small and Medium-Sized Businesses

IT Security Guru

JULY 28, 2023

Not only large enterprises but small and medium-sized businesses (SMBs) should realise the threat size, its origin, exogenous or from their inner circle , and the potential impact on their assets. Implementing an effective data loss prevention (DLP) strategy to mitigate these cyber threats and safeguard critical data is imperative.

Data breaches

Data breaches Risk Education Telecommunications

Agentic AI vs Generative AI: SecOps Automation and the Era of Multi-AI-Agent Systems

Digital Shadows

MARCH 5, 2025

These systems are embedded into security operations platforms, continuously monitoring network activity to identify potential threats. SOC Automation In security operations centers (SOCs), agentic AI plays a crucial role in automating processes and workflows , including alert enrichment, data collection, and contextualization.

Artificial Intelligence

Artificial Intelligence Threat Detection Risk Architecture

How to Automate GDPR Compliance

Centraleyes

OCTOBER 10, 2024

Understanding GDPR and Its Challenges The GDPR sets stringent standards for automating data privacy compliance. It applies to any organization that processes the personal data of EU citizens. Evolving Threat Landscape: Cyber threats are continually evolving, requiring organizations to maintain robust data protection measures.

Data collection

Data collection Data breaches Data privacy Risk

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Being frank – the bad actors did a great job in terms of the service usability, and configurability of new campaigns, traffic flows, and data collection. The portal of EvilProxy contains multiple tutorials and interactive videos regarding the use of the service and configuration tips. Post-Authorization URL [link].

Phishing

Phishing Accountability Hacking Advertising

How threat actors can use generative artificial intelligence?

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

Trending Sources

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

DRM Report Q2 2023 – Ransomware threat landscape

Privacy Roundup: Week 3 of Year 2025

US Federal Judge Upholds Automakers' Right to Record Texts, Call Logs

Half of Britons feel they are victims of ‘Sonic Snooping’

Over 100,000 ChatGPT Accounts Compromised by Cybercriminals

Key Cybersecurity Compliance Deadlines You Can't Miss in 2024

Google Chronicle announced Backstory to protect businesses

Podcast: Can we fix IoT security?

2024 Cybersecurity Laws & Regulations

Indicators of compromise (IOCs): how we collect and use them

Control Across Your Hybrid Environments Using Cisco Secure Workload 3.6

Clarifying CAASM vs EASM and Related Security Solutions

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Vulnerability Management Automation: A Mandate, Not A Choice

IATA Cyber Regulations

Threat Hunting with MITRE ATT&CK

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Biden Signs Better Cybercrime Metrics Act

China-Linked Apps Pose Threat to Google Play Store Users

PRODUCT REVIEW: Nisos OSINT Monitoring and Analysis

Monitoring the dark web to identify threats to energy sector organizations

Access Management is Essential for Strengthening OT Security

The Future of Privacy: How Big Tech Is Changing the Way We Think About Our Data

New set of Pakistani banks’ card dumps goes on sale on the dark web

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

Amazon Alexa Skills Present Security Risks

Online market for counterfeit goods in Russia has reached $1,5 billion

SWIFT

Regional privacy but global clouds. How to manage this complexity?

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

MIT Report Spotlights Triple Threat Fueling Data Breach Tsunami

6 Business functions that will benefit from cybersecurity automation

What Is Threat Intelligence? Understanding the Foundations of an Effective Threat Intel Program

Halliburton Confirms Network Disruption After Suspected Cyber Attack

Generative AI, Confidential Computing, and Post-Quantum Cryptography, Among Interesting Topics at Google Cloud NEXT

6 ways to get the most from Data Privacy Week

How your business can benefit from Cybersecurity automation

Data Loss Prevention for Small and Medium-Sized Businesses

Agentic AI vs Generative AI: SecOps Automation and the Era of Multi-AI-Agent Systems

How to Automate GDPR Compliance

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Stay Connected