SecureList

JULY 8, 2024

In May 2024, we discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure.

Government 142

Government Malware Data collection DNS 142

Schneier on Security

JANUARY 14, 2020

Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. The technology will quickly become critical national infrastructure, and security problems will become life-threatening. What's more, U.S.

Data collection 279

Data collection Software Marketing Government 279

Schneier on Security

SEPTEMBER 26, 2019

It's also why the United States has blocked the cybersecurity company Kaspersky from selling its Russian-made antivirus products to US government agencies. Meanwhile, the chairman of China's technology giant Huawei has pointed to NSA spying disclosed by Edward Snowden as a reason to mistrust US technology companies.

Surveillance 249

Surveillance Wireless Government Internet 249

Krebs on Security

MAY 18, 2022

for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service , which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me. ’ ID.me

Government 294

Government Accountability Surveillance Data collection 294

Schneier on Security

DECEMBER 19, 2023

A society where big companies tell blatant lies about how they are handling our data—­and get away with it without consequences­—is a very unhealthy society. A key role of government is to prevent this from happening. ” These foundation models want our data. The corporations that have our data want the money.

Government 323

Government Banking Risk Internet 323

SecureList

NOVEMBER 29, 2024

Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. Two months later, in July 2024, CloudSorcerer launched further attacks against Russian government organizations and IT companies.

Energy and Utilities 100

Energy and Utilities Ransomware Malware Government 100

Security Boulevard

FEBRUARY 23, 2025

Home Office Contractor's Data Collection Sparks Privacy Concerns The Home Office faces scrutiny after revelations that its contractor, Equifax, collected data on British citizens while conducting financial checks on migrants applying for fee waivers.

Cybersecurity 52

Cybersecurity Government Data collection Encryption 52

Herjavec Group

JANUARY 31, 2022

Information Technology (IT) primarily refers to hardware, software, and communications technologies like networking equipment and modems that are used to store, recover, transmit, manipulate, and protect data. . Operational technology has seen innovations that allowed it to become safer, more efficient, and more reliable.

Technology 98

Technology Cybersecurity InfoSec Software 98

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. Kenna has a healthy 3rd Party ecosystem of technology partners.

Technology 145

Technology Firewall VPN Authentication 145

Krebs on Security

OCTOBER 12, 2018

— had allegedly inserted hardware backdoors in technology sold to a number of American companies. Sager said he hadn’t heard anything about Supermicro specifically, but we chatted at length about the challenges of policing the technology supply chain. Below are some excerpts from our conversation. TS: Exactly.

Computers and Electronics 231

Computers and Electronics Internet Internet Technology 231

The Last Watchdog

JUNE 13, 2022

Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. Still, given the impact data science has had on other areas of software development, it seems likely that in the coming years one or more of these proposed solutions will yield a significant improvement in identity management systems.

Cybersecurity 257

Cybersecurity Artificial Intelligence Software Marketing 257

Security Affairs

NOVEMBER 6, 2024

The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. However, the government pointed out that Canadians can still access and use TikTok by choice, the use of a social media platform is a personal choice. s operations in Canada through the establishment of TikTok Technology Canada, Inc.

Government 118

Government Mobile Media Technology 118

SecureWorld News

APRIL 30, 2023

DCAP incorporates the Data Access Governance ( DAG ) approach, aimed at controlling and managing access to unstructured data, along with additional tools for classifying the data and analyzing user actions. Data access control raises many questions not only among users but sometimes also among security professionals.

Technology 98

Technology Unstructured Data Data breaches Information Security 98

The Last Watchdog

NOVEMBER 21, 2018

These regulations have certainly contributed to the movement towards consumerism and prompted businesses in the United States to rethink data collection and management, considering how violating these regulations could adversely affect their business and brand. For many, the answer is yes. If the U.S.

Data privacy 133

Data privacy Data collection Big data Government 133

The Last Watchdog

APRIL 9, 2020

Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers. And industry groups and government regulators are stepping up efforts to incentivize IoT device makers to embed security at the device level. There’s no stopping the Internet of Things now.

Internet 195

Internet Internet IoT Technology 195

Security Affairs

JUNE 19, 2021

The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation. Early this month, researchers from Malwarebytes published a report on the Kimsuky APT’s operations aimed at South Korean government.

Hacking 145

Hacking VPN Internet Internet 145

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing.

Cryptocurrency 296

Cryptocurrency Cybercrime Computers and Electronics Scams 296

Security Boulevard

MARCH 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Of course, personalized in this context means leveraging extensive amounts of data collected on people. More information on what sites this tool can pull from can be found on a Google Docs spreadsheet uploaded by 404media.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. These apps also frequently use Bluetooth data to gather location information and proximity to nearby devices. Privacy Tools and Services Primarily covers tools and services with a focus on maintaining/improving/respecting user privacy.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

CyberSecurity Insiders

JANUARY 4, 2022

In simple words, online companies that have over one million users should go through a data processing activity taken up by Cyberspace Administration of China where it needs to submit details on how it collects, stores, uses, processes, transmits and discloses data to other governments when the need arises.

Data collection 104

Data collection Government Advertising Network Security 104

Security Boulevard

DECEMBER 10, 2021

SOC Technology Failures?—?Do Most failed Security Operations Centers (SOCs) that I’ve seen have not failed due to a technology failure. Let’s stick to mostly technology focused failures. An astute reader will notice that in the list below, some of the purported technology failures are really process failures in disguise.

Technology 59

Technology CISO Data collection Threat Detection 59

Security Affairs

JUNE 21, 2019

Turla (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ), has been active since at least 2007 targeting government organizations and private businesses. The three recent Turla campaigns targeted governments and international organizations worldwide.

Government 107

Government Advertising Hacking Data collection 107

IT Security Guru

AUGUST 7, 2024

The insurance industry is experiencing a significant transformation fuelled by the ubiquity of digital technologies. These regulations stress the fair treatment of customers, transparent sales practices, robust governance and consent. In addition, the burden on IT is reduced through centralised and automated user management processes.

Insurance 124

Insurance Data collection Authentication Technology 124

Centraleyes

DECEMBER 11, 2024

Governments and regulatory authorities may also mandate compliance with IATA standards to align with broader cybersecurity strategies. Recent amendments have focused on addressing vulnerabilities linked to digital transformation in aviation, such as the use of cloud technologies and IoT devices. and the EU Cybersecurity Act.

Risk 52

Risk Cybersecurity Penetration Testing Digital transformation 52

The Last Watchdog

DECEMBER 6, 2018

Businesses at large would do well to model their data collection and security processes after what the IC refers to as the “intelligence cycle.” This cycle takes a holistic approach to detecting and deterring external threats and enforcing best-of-class data governance procedures. infrastructure from cyber attacks.

Financial Services 149

Financial Services Data collection Manufacturing Cyber Attacks 149

SecureList

NOVEMBER 23, 2021

Global connectivity underpins the most basic functions of our society, such as logistics, government services and banking. Governments in many countries push for easier identification of Internet users to fight cybercrime, as well as “traditional” crime coordinated online.

Government 125

Government Internet Internet Technology 125

The Last Watchdog

SEPTEMBER 20, 2019

Local government agencies remain acutely exposed to being hacked. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. That’s long been true.

Ransomware 153

Ransomware Government Firewall Cyber Insurance 153

Security Affairs

MARCH 17, 2021

Chinese-language threat actors are targeting telecom companies, as part of a cyber espionage campaign tracked as ‘Operation Diànxùn,’ to steal sensitive data and trade secrets tied to 5G technology. Hackers behind these campaigns are targering people working in the telecom industry.

Malware 109

Malware Data collection Technology Phishing 109

Adam Shostack

JANUARY 2, 2025

Usually I threat model specific systems or technologies where the answers are more crisp. What data is collected, how, and by whom? Those who want to run a 'welcoming city' and those who distrust government data collection can all ask how Seattle's new privacy program will help us.

Data collection 130

Data collection Internet Internet Government 130

Security Affairs

MARCH 7, 2025

This article uses differential privacy in healthcare, finance, and government data analytics to explore the mathematical foundation, implementation strategies, and real-world applications of differential privacy. According to Erlingsson (2014), Google’s RAPPOR system collects user data while maintaining anonymity.

Artificial Intelligence 63

Artificial Intelligence Healthcare Data privacy Banking 63

eSecurity Planet

SEPTEMBER 21, 2024

The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. CISA encourages organizations to exchange information about cyber threats, vulnerabilities, and incidents to improve collective cybersecurity.

Cybersecurity 121

Cybersecurity Computers and Electronics Cyber threats Healthcare 121

Krebs on Security

JULY 18, 2022

The researchers concluded that 911 is supported by a “mid scale botnet-like infrastructure that operates in several networks, such as corporate, government and critical infrastructure.” “Our technology ensures the maximum security from reverse engineering and antivirus detections,” ExEClean promised.

VPN 353

VPN Computers and Electronics Antivirus Software 353

SecureWorld News

JANUARY 17, 2024

Artificial intelligence (AI) promises to transform major sectors like healthcare, transportation, finance, and government over the coming years. National Institute of Standards and Technology (NIST). Continuous risk assessment and governance throughout the AI system lifecycle remains essential.

Artificial Intelligence 113

Artificial Intelligence Data collection Architecture Healthcare 113

Centraleyes

JULY 2, 2024

It involves creating AI technologies that are fair, transparent, accountable, and respectful of privacy. For businesses new to AI, responsible AI governance is about creating a solid foundation of trust with your users, investors, and partners. This builds trust and helps people feel confident in your technology.

Government 52

Government Accountability Technology Risk 52

Malwarebytes

MARCH 14, 2024

Since 2020, several governments and organizations have banned, or considered banning, TikTok from their staff’s devices, but a complete ban of an internet app would be a first in the US. For example, TikTok has repeatedly claimed the Chinese government never demanded access to US data and that TikTok would not comply if it did.

Identity Theft 122

Identity Theft Government Media Data collection 122

SecureWorld News

JUNE 16, 2023

The EU is attempting to provide guardrails on a technology that is still not well understood but does present a lot of concerns from a legal perspective," said Jordan Fischer, cyber attorney and partner at Constangy, who recently moderated a panel discussion on "The Future of Privacy and Cyber: AI, Quantum and Mind Readers" at SecureWorld Chicago.

Artificial Intelligence 98

Artificial Intelligence Technology CISO Government 98

Centraleyes

MAY 23, 2024

What is Data Access Governance? 80% of digital organizations will fail because they don’t take a modern approach to data governance. Gartner) Data is widely recognized as the most valuable business asset. Data access governance is a subset of data governance.

Government 52

Government Backups Accountability Data privacy 52