Schneier on Security

MARCH 14, 2023

Consider, for example, a 2013 Massachusetts bill that tried to restrict the commercial use of data collected from K-12 students using services accessed via the internet. It turns out there is a natural opening for this technology: microlegislation. Political scientist Amy McKay coined the term.

Energy and Utilities 334

Energy and Utilities Artificial Intelligence Technology Government 334

Krebs on Security

SEPTEMBER 4, 2018

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. Court documents (PDF) obtained from the U.S.

Spyware 231

Spyware Mobile Advertising Software 231

Krebs on Security

AUGUST 14, 2019

Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous. student and principal author of the study. “These products can be mistaken for skimmers by existing detection apps.” ” BLACK MARKET VALUE.

Banking 259

Banking Computers and Electronics Marketing Mobile 259

Security Affairs

JULY 30, 2020

The attackers sent out spear-phishing emails using boobytrapped documents leveraging the fake job offer as bait. The Techniques, Tactics, and Procedures (TTPs) of the Operation North Star operations are very similar to those observed in 2017 and 2019 campaigns that targeted key military and defense technologies.

Advertising 136

Advertising Data collection Malware Phishing 136

IT Security Guru

AUGUST 7, 2024

The insurance industry is experiencing a significant transformation fuelled by the ubiquity of digital technologies. CIAM platforms facilitate this process by allowing “just-in-time” data collection at various touchpoints along the user journey, enriching customer profiles and enabling personalised services.

Insurance 124

Insurance Data collection Authentication Technology 124

Security Affairs

SEPTEMBER 17, 2024

The report provides insights into factors influencing user consent for data collection and usage and reasons for consumer disengagement. A Statista survey of US consumers showed that two-thirds (66%) of respondents said they would gain trust in a company if it were transparent about how it uses their personal data.

Data collection 115

Data collection Data privacy B2B Digital transformation 115

Security Affairs

JULY 22, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 124

Threat Reports Phishing Malware Banking 124

BH Consulting

MARCH 26, 2025

If there is one statistic that sums up the increasing pace of technological change, it might well be this. Gartner forecasts that by 2026, more than 80 per cent of businesses will implement Generative AI in their production environments. To put this into context, GenAI use in business was just 5 per cent in 2023, the research company said.

Government 52

Government Artificial Intelligence Risk Digital transformation 52

CyberSecurity Insiders

AUGUST 27, 2022

Nisos provides the people, processes, and technologies necessary to deliver actionable intelligence as a managed service. Nisos also documents any remaining PII that couldn’t be removed. Nisos also documents any remaining PII that couldn’t be removed. They fuse robust data collection with a deep understanding of the adversarial.

Risk 136

Risk Media Data collection Security Intelligence 136

Security Affairs

JUNE 19, 2021

. “The incident could pose serious security risks if any core information was leaked to North Korea, as KAERI is the country’s largest think tank studying nuclear technology including reactors and fuel rods,” Ha Tae-keung said in a statement. ” reported The Record.

Hacking 144

Hacking VPN Internet Internet 144

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 107

Threat Reports Phishing Malware Data collection 107

Google Security

MAY 5, 2023

The technology behind the former (“same device passkey”) is not new: it was originally developed within the FIDO Alliance and first implemented by Google in August 2019 in select flows. This technology behind passkeys allows users to log in to their account using any form of device-based user verification, such as biometrics or a PIN code.

Authentication 122

Authentication Passwords Technology Password Management 122

Security Affairs

NOVEMBER 14, 2021

The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 108

Threat Reports Phishing Malware Banking 108

Security Affairs

JANUARY 26, 2021

The Threat Report Portugal: Q4 2020 compiles data collected on the malicious campaigns that occurred from October to December, Q4, of 2020. Next, was Retail and Technology, as the most sectors affected in this season. The submissions were classified as either phishing or malware.

Threat Reports 136

Threat Reports Phishing Malware Banking 136

Cisco Security

JULY 5, 2021

7] Cisco Secure Endpoint employs a robust set of preventative technologies to stop malware, in real-time, protecting endpoints against today’s most common attacks. It prevents command and control call-backs for data exfiltration and stops execution of ransomware encryption. Cisco Secure Endpoint At-a-Glance Document.

Malware 145

Malware Risk Mobile Technology 145

Security Affairs

NOVEMBER 15, 2018

The documents in question were supposedly contained in the zipped files attached, however by uncompressing these files users downloaded Silence.Downloader – the tool used by Silence hackers. As such, they are very familiar with documentation in the financial sector and the structure of banking systems. October attack: MoneyTaker .

Banking 111

Banking Computers and Electronics Phishing Cybercrime 111

The Last Watchdog

MARCH 8, 2021

This colorful chapter in the history of technology and society isn’t just breezing by unnoticed. The largest players in the tech industry need to demonstrate that they can self-regulate, or else lawmakers will take over a core asset of their business – consumer data – as demonstrated by California’s consumer privacy act.

Data privacy 196

Data privacy Manufacturing Education Technology 196

Malwarebytes

JUNE 8, 2022

In reality, this level of data collection is not as uncommon as is being suggested. The app collects how much data? Despite an FAQ claiming tracking only takes place “with the app open”, reporter James McCleod submits a request under Canada’s Personal Information protection and Electronic Documents Act.

Mobile 118

Mobile Data collection Advertising Marketing 118

eSecurity Planet

JUNE 8, 2022

Rapid7’s online documentation is very thorough, and their knowledge base articles helped us navigate a few configuration hiccups we ran into along the way. Once you are ready to install the collector role, first log into the InsightIDR portal : From the menu on the left side of the screen, click Data Collection.

DNS 109

DNS Data collection Marketing Passwords 109

Malwarebytes

MARCH 14, 2024

And a former executive at TikTok’s parent company ByteDance claimed in court documents that the Chinese Communist Party (CCP) had access to TikTok data , despite the data being stored in the US. The EFF argues that the bill will not stop the sharing of data but it will reduce online rights in a way that is unconstitutional.

Identity Theft 120

Identity Theft Government Media Data collection 120

SecureList

NOVEMBER 28, 2022

In the EU, lawmakers are working on the Data Act , meant to further protect sensitive data, as well as a comprehensive AI legal strategy that might put a curb on a range of invasive machine-learning technologies and require greater accountability and transparency. Smartphones will replace more paper documents.

Insurance 135

Insurance Social Engineering IoT Data breaches 135

SecureList

OCTOBER 18, 2023

Each phishing document contains an external link to fetch a remote page containing a CVE-2021-26411 exploit. The attackers continued to send malicious documents via email until the end of September 2022. Overall, the campaign remained active over 6 months, until May 2023.

Malware 142

Malware Phishing Internet Internet 142

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm.

Ransomware 108

Ransomware Malware Data collection Encryption 108

Security Affairs

OCTOBER 9, 2024

Conversational AI platforms are designed to facilitate natural interactions between humans and machines using technologies like Natural Language Processing (NLP) and Machine Learning (ML). Bots can collect valuable data from user interactions, which can be analyzed to gain insights into customer preferences and behaviors.

Social Engineering 121

Social Engineering Risk Identity Theft Technology 121

Cisco Security

JUNE 15, 2021

The training and documentation resources of DevNet remain available. Nearly a dozen free/community security technology integrations are included, with details on how to set up your own free account. Cisco Secure is committed to an open and robust ecosystem, as explored in the ESG Showcase paper. SecureX Integration Modules.

Firewall 126

Firewall Data collection Education Malware 126

SecureList

JULY 8, 2024

It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. In May 2024, we discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer.

Government 143

Government Malware Data collection DNS 143

Approachable Cyber Threats

AUGUST 2, 2021

A hacker or scammer could also use faceprint and voiceprint data in a plethora of ways to impersonate you, and to create very realistic deep fakes or digital personas - combined with the other information obtainable from TikTok and some rudimentary AI, create a not-so-easily discerned, fake digital version of any user.

Data collection 98

Data collection Media Mobile Identity Theft 98

Centraleyes

OCTOBER 28, 2024

While the European Union’s GDPR continues to set a high bar, other countries, including Australia, Canada, and Argentina, also implement strict data protection laws. Navigating this global maze of regulations and the operational and technological hurdles that come with it is no small feat.

Data privacy 52

Data privacy Encryption Risk Data breaches 52

Centraleyes

MARCH 25, 2024

Centraleyes collects real-time threat intelligence from various sources, providing unparalleled visibility into potential vulnerabilities and gaps. The platform goes beyond data collection by automatically generating actionable remediation tasks with intelligent prioritization and efficient management.

Risk 111

Risk Data collection Architecture Government 111

SecureWorld News

JANUARY 4, 2024

This data can be used to gauge turnover risk, assess the need for new positions, and evaluate employee productivity and workplace engagement. UAM tools also greatly help ensure data security. Integration with a customer's existing infrastructure, including other security tools and various cloud technologies , is also crucial.

Data collection 126

Data collection Surveillance Artificial Intelligence Risk 126

SecureWorld News

JULY 18, 2024

Documenting relationships: Describe how components interact and depend on each other. However, a key issue is that it's important to assess the quality of your SBOM data collection." RELATED: CISA has a page dedicated to Information and Communications Technology Supply Chain Security.]

Software 107

Software Risk Artificial Intelligence Accountability 107

Security Affairs

SEPTEMBER 18, 2020

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2020. They are followed by banking Trojans , whose share in the total amount of malicious attachments showed growth for the first time in a while.

Phishing 136

Phishing Ransomware Spyware Banking 136

eSecurity Planet

APRIL 26, 2022

As a leading VC, BVP offers budding companies plenty to consider, with a set of roadmaps and tools for today’s technologies and market complexities. Notable cybersecurity exits for the company include AVG Technologies, Cognitive Security, OpenDNS, and Carbon Black. Also read : Addressing Remote Desktop Attacks and Security.

Cybersecurity 128

Cybersecurity Technology Marketing Healthcare 128

Pen Test

DECEMBER 10, 2024

In reverse engineering, NLP can be used to analyze and understand textual data, such as code comments, documentation, and user manuals. Code Comments and Documentation : NLP can extract meaningful information from code comments and documentation, providing insights into the design and functionality of a system.

Engineering 70

Engineering Artificial Intelligence Software Malware 70

SecureList

NOVEMBER 2, 2022

Case #1: Collecting and stealing documents. <…cut…> wevtutil qe security /rd:true /f:text /q:"*[EventData/Data[@Name='TargetUserName']='<username1>'] and *[System[(EventID=4624) or (EventID=4623) or (EventID=4768) or (EventID=4776)]]" /c:1. Use of the RAR archiver for data collection. Process start.

Malware 142

Malware Engineering Passwords Data collection 142

SecureList

OCTOBER 13, 2023

The technology is becoming commonplace, and its inability to keep up with people’s growing demands has led to complaints that the chatbot is gradually getting dumber. It is worth knowing this before deciding to entrust your data to the service. The privacy policy has this to say about it: “Private mode: no data collection.

Accountability 139

Accountability B2B Risk Hacking 139

Centraleyes

JUNE 4, 2024

The law is relevant to a wide range of industries including but not limited to: Technology Retail Finance Healthcare Marketing and advertising Any business involved in data collection, processing, and monetization Who Needs to Comply? The CPA mandates compliance from both data controllers and processors.

Data collection 52

Data collection Advertising Risk Retail 52