Security Affairs

JUNE 19, 2021

Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? SecurityAffairs – hacking, North Korea). The post North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI appeared first on Security Affairs. Pierluigi Paganini.

Hacking 144

Hacking VPN Internet Internet 144

Security Affairs

FEBRUARY 6, 2020

based specification for a suite of high-level communication protocols used to create personal area networks with small, low-power digital radios, such as for home automation, medical device data collection, and other low-power low-bandwidth needs, designed for small scale projects which need wireless connection. Pierluigi Paganini.

Hacking 141

Hacking IoT Wireless Firmware 141

Security Affairs

JANUARY 16, 2025

The security breach occurred on December 13, 2023, but the company discovered the incident only on April 18, 2024, and has only now disclosed it due to the complexity of the digital forensic investigation. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach)

Data breaches 94

Data breaches Identity Theft Consumer Protection Data collection 94

Security Affairs

MARCH 27, 2025

In January, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Deepseek)

Malware 66

Malware Data collection Advertising Media 66

Security Affairs

FEBRUARY 2, 2025

Last week, Italys data protection watchdog blocked Chinese artificial intelligence (AI) firm DeepSeek s chatbot service within the country, citing a lack of information on its use of users personal data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,DeepSeek)

Government 77

Government Artificial Intelligence Media Data collection 77

Security Affairs

JANUARY 30, 2025

Italys data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italys Data Protection Authority Garante has asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data.

Artificial Intelligence 71

Artificial Intelligence Data collection Data privacy DDOS 71

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 145

Threat Reports Phishing Malware Banking 145

Security Affairs

OCTOBER 27, 2023

Then, the derived insights let you monitor market trends, customer behavior, competitor pricing, and other key data collected via market research. Successful extraction of public data from the internet can be a tricky process, especially when visited websites use protection algorithms. appeared first on Security Affairs.

Marketing 126

Marketing Data collection Internet Internet 126

Security Affairs

DECEMBER 31, 2023

. “Judge Rogers had rejected Google’s bid to have the case dismissed earlier this year, saying she could not agree that users consented to allowing Google to collect information on their browsing activity.” Google has yet to respond to a request for comment on the settlement.

Data collection 144

Data collection Advertising Hacking Technology 144

Security Affairs

DECEMBER 2, 2023

Businesses employ MongoDB to organize and store large swaths of document-oriented information. While WeMystic has since closed the database, researchers said that the data was accessible for at least five days. One of the data collections in the exposed instance, named “users,” contained a whopping 13.3

Data collection 140

Data collection Risk Hacking Information Security 140

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. SecurityAffairs – hacking, Android).

Data collection 115

Data collection Mobile Spyware Surveillance 115

Security Affairs

FEBRUARY 28, 2020

Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. SecurityAffairs – hacking, Turkey). The post Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates appeared first on Security Affairs.

Media 135

Media Data collection Internet Internet 135

Security Affairs

DECEMBER 12, 2023

The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs). ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, APT) .”

Malware 128

Malware Data collection Manufacturing Healthcare 128

Security Affairs

OCTOBER 23, 2023

Teodoro ordered “to refrain from using AI photo generator applications and practice vigilance in sharing information online” At this time, it remains unclear whether the order was issued in response to a specific event or to address potential attacks aimed at exploiting the data collected by these applications.

Identity Theft 134

Identity Theft Social Engineering Data collection Risk 134

Security Affairs

OCTOBER 11, 2020

Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. SecurityAffairs – hacking, US Census Bureau). The post Hackers targeted the US Census Bureau network, DHS report warns appeared first on Security Affairs.

Government 145

Government Advertising Hacking Data collection 145

Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Data collection 129

Data collection Surveillance Hacking Information Security 129

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 125

Data breaches Banking Hacking Malware 125

Security Affairs

DECEMBER 23, 2023

Our investigation indicates that certain information associated with your account was impacted.” ” reads the data breach notification email sent to the impacted customers. “Mint’s data collection policy is one of the most important ways in which we ensure the privacy and security of our subscribers.

Data breaches 134

Data breaches Mobile Wireless Data collection 134

Security Affairs

OCTOBER 4, 2023

The data collected paints a vivid picture, revealing 1,736 ransomware claims, with 53 incidents specifically targeting Italy. Geographical data and affected sectors provide crucial insights into emerging trends and threats. Wrapping up: The second quarter of 2023 reflects a concerning surge in ransomware attacks globally.

Ransomware 129

Ransomware Data collection Cyber threats Hacking 129

Security Affairs

SEPTEMBER 14, 2020

Data collected by the researchers are very interesting and very useful for future research projects on the security of the critical infrastructure. The researchers highlighted the importance of the contribution from the security community, anyone could submit info related to attacks to CIRWA using this form.

Ransomware 143

Ransomware Advertising Data collection Healthcare 143

Security Affairs

OCTOBER 30, 2023

. “The Chief Information Officer of Canada determined that WeChat and Kaspersky suite of applications present an unacceptable level of risk to privacy and security. On a mobile device, the WeChat and Kaspersky applications data collection methods provide considerable access to the device’s contents.”

Mobile 137

Mobile Government Data collection Antivirus 137

Security Affairs

JANUARY 31, 2025

This week, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, DeepSeek)

Artificial Intelligence 60

Artificial Intelligence Data collection DDOS Risk 60

Security Affairs

JUNE 16, 2020

On Friday, the Norwegian Data Protection Authority (Norwegian: Datatilsynet) issued a warning that it would stop the Norwegian Institute of Public Health from handling data collected via Smittestopp contact tracing app. “The pandemic is not over,” she said.

Data collection 137

Data collection Advertising Government Technology 137

Security Affairs

JANUARY 26, 2021

The Threat Report Portugal: Q4 2020 compiles data collected on the malicious campaigns that occurred from October to December, Q4, of 2020. Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist.

Threat Reports 136

Threat Reports Phishing Malware Banking 136

Security Affairs

APRIL 20, 2020

The Threat Report Portugal: Q1 2020 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2020. Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist.

Threat Reports 136

Threat Reports Phishing Malware Banking 136

Security Affairs

SEPTEMBER 17, 2024

The report provides insights into factors influencing user consent for data collection and usage and reasons for consumer disengagement. A Statista survey of US consumers showed that two-thirds (66%) of respondents said they would gain trust in a company if it were transparent about how it uses their personal data.

Data collection 115

Data collection Data privacy B2B Digital transformation 115

Security Affairs

SEPTEMBER 26, 2023

BORN Ontario hired cybersecurity experts to mitigate the threat, secure its infrastructure, and investigate the scope of the incident. The organization confirmed that it was the victim of the massive hacking campaign targeting Progress MOVEit transfer systems that was conducted by the Clop ransomware group.

Data breaches 129

Data breaches Healthcare Ransomware Hacking 129

Adam Shostack

JANUARY 2, 2025

First, in the nearly ten years since Andrew Stewart and I wrote The New School of Information Security, and called for more learning from breaches, we've seen a dramatic shift in how people talk about breaches. Mandatory reporting and investigations would result better data collection.

InfoSec 130

InfoSec Data collection Engineering Cyber Attacks 130

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 106

Threat Reports Phishing Malware Data collection 106

Security Affairs

DECEMBER 30, 2020

T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information). Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. SecurityAffairs – hacking, T-Mobile). Pierluigi Paganini.

Data breaches 144

Data breaches Mobile Telecommunications Accountability 144

Security Affairs

MARCH 24, 2021

” According to data collected by RiskIQ , the number of unpatched systems is less than 30,000, Microsoft also announced that 92% of worldwide Exchange IPs are now patched or mitigated. pic.twitter.com/YhgpnMdlOX — Security Response (@msftsecresponse) March 22, 2021. SecurityAffairs – hacking, ProxyLogon).

Data collection 132

Data collection Antivirus Internet Internet 132

Security Affairs

FEBRUARY 13, 2024

The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. The complete report is available here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, ransomware )

Ransomware 131

Ransomware Data collection Hacking Accountability 131

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring devices linked to the internet are vulnerable to cyberattacks that could disrupt data collection and processing, according to Michael Samios of the National Observatory of Athens and his fellow colleagues who put together a new study published in Seismological Research Letters. .

IoT 128

IoT InfoSec Data collection Encryption 128

Security Affairs

JANUARY 17, 2021

If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 297 appeared first on Security Affairs. Pierluigi Paganini.

Banking 108

Banking Data collection Malware Data breaches 108

Security Affairs

JULY 30, 2020

These DLL implants were intended to gather basic information from the victims’ machines with the purpose of victim identification.” “The data collected from the target machine could be useful in classifying the value of the target. SecurityAffairs – hacking, North Korea). Pierluigi Paganini.

Advertising 135

Advertising Data collection Malware Phishing 135

Security Affairs

NOVEMBER 23, 2022

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users. Researchers at software company Mysk discovered that analytics data collected by iPhone include the Directory Services Identifier (DSID), which could allow identifying users.

Data collection 145

Data collection Accountability Hacking Software 145

Security Affairs

JULY 12, 2021

For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user profiles surfaced on a hacker forum, where it’s currently being sold for an undisclosed sum.

Social Engineering 144

Social Engineering Data collection Media Passwords 144