CyberSecurity Insiders

JUNE 7, 2023

Threats are also growing, with 40 percent of data breaches involving stolen credentials, according to the 2022 Verizon Data Breach Investigation Report. As with any game-changing technology, we can expect AI models to be regulated with safety and security standards, possibly at the government level. How should we manage AI?

Risk 118

Risk Artificial Intelligence Technology Digital transformation 118

Security Boulevard

APRIL 12, 2024

Government says victims include the “critical infrastructure sector.” A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard.

Risk 139

Risk Hacking Government Digital transformation 139

Security Boulevard

APRIL 5, 2024

Fast enough for government work: The Federal Communications Commission is finally minded to do something about decades-old vulnerabilities. The post FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair? appeared first on Security Boulevard.

Government 130

Government Digital transformation Telecommunications Social Engineering 130

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking 136

Hacking Government Digital transformation Social Engineering 136

Security Boulevard

JANUARY 25, 2024

Targeted ads target targets: Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding. The post Malicious AdTech Spies on People as NatSec Targets appeared first on Security Boulevard.

Government 138

Government Social Engineering Advertising Data privacy 138

Security Boulevard

JUNE 27, 2022

But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week. The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. We could soon have a federal GDPR. Wade Redo appeared first on Security Boulevard.

Data privacy 98

Data privacy Social Engineering IoT Security Awareness 98

Security Boulevard

SEPTEMBER 25, 2023

Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government. The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard.

Spyware 126

Spyware Government Social Engineering Data privacy 126

Security Boulevard

DECEMBER 8, 2023

TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again). The post Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan appeared first on Security Boulevard.

Phishing 83

Phishing Government Digital transformation Social Engineering 83

eSecurity Planet

NOVEMBER 18, 2022

He has “worked around the clock” to secure assets, identify crypto on the blockchain , find records, and work with regulators and government authorities. But both are launched via social engineering attacks where users are tricked into disclosing information or signing transactions that give attackers access to a user’s digital assets.

Risk 143

Risk Cybersecurity Cryptocurrency Social Engineering 143

CyberSecurity Insiders

MAY 3, 2023

By: Daron Hartvigsen , Managing Director, StoneTurn and Luke Tenery , Partner, StoneTurn When insider threat or insider risk is discussed in a corporate context, often the relevant topics include misconduct , fraud, misuse, or even the idea that insiders can be unwitting accomplices to social engineering exploitation.

Risk 120

Risk Cyber threats Marketing Engineering 120

The Last Watchdog

OCTOBER 5, 2023

Erin: What are some of the most common social engineering tactics that cybercriminals use? Erin: What role should governments play in combating cybercrime? Erin: In your opinion, what are the most common cybersecurity mistakes that companies make? Erin: What role does human error play in cybersecurity incidents?

Cyber threats 203

Cyber threats Cyber Insurance Cybersecurity Threat Detection 203

SecureWorld News

MAY 22, 2023

It was an old-school use of mirrored websites and social engineering to get USPS employees to enter their information into a fraudulent website. It's actually kind of stunning that such a major government employer as the Postal Service doesn't require it." This was a not an incredibly technical attack.

Scams 87

Scams Password Management Passwords Authentication 87

SecureWorld News

MAY 5, 2023

Frequent SecureWorld speaker and PLUS Course instructor Shawn Tuma , Co-Chair of the Data Privacy and Cybersecurity Practice at Spencer Fane, LLP, gives this commentary on the situation in Dallas: "This is a horrible event that will surely impact the lives of many people, and unfortunately it has become a fact of life in today's times.

Ransomware 85

Ransomware Cyber Risk Cyber Insurance Social Engineering 85

LRQA Nettitude Labs

JULY 5, 2023

Guidance : Guidance will be required on governance mechanisms including, potentially, activities in scope of appropriate risk management and governance processes (including reporting duties). Just recently, the UK government has been setting out its strategic vision to make the UK at the forefront of AI technology.

Artificial Intelligence 52

Artificial Intelligence Data privacy Social Engineering Risk 52

The Last Watchdog

MAY 11, 2020

Still, over time, they’ve been woven into baseline data security regulations far and wide. NIST specs are echoed in the data loss disclosure and data privacy laws that have cropped up in many U.S. The practices of government contractors typically get adapted universally, over time. states, for instance.

Computers and Electronics 113

Computers and Electronics Data privacy Encryption Media 113

Hacker's King

OCTOBER 3, 2024

Typical targets for zero-day attacks include: Government agencies Large companies People with access to important data , like trade secrets Ordinary users : Hackers can use vulnerabilities to take control of computers and create botnets. Hardware and IoT devices : These can also be attacked through unpatched vulnerabilities.

Media 52

Media Spyware Accountability Marketing 52

eSecurity Planet

JANUARY 6, 2022

Expect to see increasingly sophisticated AI and machine learning -based attacks – and a growing regulatory response from governments around the world. Along with China’s new data privacy law , companies can expect scrutiny of data uses and protection to continue to grow. . AI Attacks Lead to Regulation.

Ransomware 136

Ransomware Cybersecurity Artificial Intelligence CISO 136

Thales Cloud Protection & Licensing

JULY 31, 2024

Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality. To protect your digital identity, avoid sharing sensitive information on public forums or social media platforms.

Identity Theft 62

Identity Theft Cyber threats Authentication Passwords 62

Security Boulevard

AUGUST 1, 2024

Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality. To protect your digital identity, avoid sharing sensitive information on public forums or social media platforms.

Identity Theft 64

Identity Theft Cyber threats Authentication Passwords 64

SC Magazine

JULY 12, 2021

Companies do seem to be grasping the importance of privacy awareness training, according to Marla Berry, director of training at the International Association of Privacy Professionals, citing a 2020 IAPP-FTI Consulting Governance Report , which found that 95% of privacy teams are involved with companywide privacy-related awareness and training. “As

Education 109

Education Security Awareness Data privacy Social Engineering 109

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

As if things were not difficult enough, data collection in more states and countries is becoming stricter, with increased consumer protection laws leaving retailers applying tighter data privacy to their digital platforms. The human element risk cannot be understated.

Retail 71

Retail Data breaches Digital transformation Risk 71

Security Boulevard

OCTOBER 16, 2024

CA/B testing: Ludicrous proposal draws ire from “furious” systems administrators. The post Apple Enrages IT — 45-Day Cert Expiration Fury appeared first on Security Boulevard.

System Administration 134

System Administration Social Engineering Data privacy IoT 134

Security Boulevard

NOVEMBER 1, 2024

Plus brillants exploits: Canadian Centre for Cyber Security fingers Chinese state sponsored hackers. The post Ô! China Hacks Canada too, Says CCCS appeared first on Security Boulevard.

Hacking 128

Hacking Social Engineering Cyber Attacks Data privacy 128

SecureWorld News

OCTOBER 20, 2021

We are subject to numerous laws and regulations designed to protect this information, such as the European Union’s General Data Protection Regulation (“GDPR”), the United Kingdom’s GDPR, the California Consumer Privacy Act (and its successor the California Privacy Rights Act that will go into effect on January 1, 2023), as well as various other U.S.

Cyber Risk 83

Cyber Risk Risk Insurance Cyber Insurance 83

Security Boulevard

NOVEMBER 5, 2024

As if things were not difficult enough, data collection in more states and countries is becoming stricter, with increased consumer protection laws leaving retailers applying tighter data privacy to their digital platforms. The human element risk cannot be understated.

Retail 64

Retail Data breaches Digital transformation Risk 64

Security Boulevard

OCTOBER 25, 2024

Not cute: $UNH’s Change Healthcare unit paid a big ransom—its IT was as weak as a kitten. The post 100 MILLION Americans in UnitedHealth PII Breach appeared first on Security Boulevard.

Healthcare 133

Healthcare Social Engineering Authentication Data privacy 133

Security Boulevard

JUNE 28, 2024

Chinese fast-fashion-cum-junk retailer “is a data-theft business.” The post Temu is Malware — It Sells Your Info, Accuses Ark. AG appeared first on Security Boulevard.

Malware 137

Malware Retail Social Engineering Data privacy 137

Security Boulevard

SEPTEMBER 6, 2024

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion. The post Russian ‘WhisperGate’ Hacks: 5 More Indicted appeared first on Security Boulevard.

Hacking 137

Hacking Ransomware Social Engineering Cyber Attacks 137

Security Boulevard

SEPTEMBER 11, 2024

Week B: Bugs begone! This month Redmond fixes 79 security flaws in Windows and other products The post Microsoft Fixes Four 0-Days — One Exploited for SIX YEARS appeared first on Security Boulevard.

Social Engineering 124

Social Engineering Data privacy Engineering Security Awareness 124

Security Boulevard

SEPTEMBER 18, 2024

No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking. The post E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it appeared first on Security Boulevard.

Encryption 120

Encryption Social Engineering Firewall Data privacy 120

Security Boulevard

AUGUST 5, 2024

For You Plague: U.S. Justice Dept. and Federal Trade Commission file lawsuit, alleging TikTok broke the COPPA law, plus a previous injunction. The post TikTok Abuses Kids, say DoJ and FTC appeared first on Security Boulevard.

Social Engineering 126

Social Engineering Spyware Media Data privacy 126

Centraleyes

JULY 16, 2024

Employees may inadvertently expose sensitive data, misconfigure access controls, or fall victim to social engineering attacks, leading to data breaches, compliance violations , and operational disruptions.

Data breaches 52

Data breaches Encryption Risk Authentication 52

Security Boulevard

JUNE 13, 2024

The post Tile/Life360 Breach: ‘Millions’ of Users’ Data at Risk appeared first on Security Boulevard. Location tracking service leaks PII, because—incompetence? Seems almost TOO easy.

Risk 134

Risk Social Engineering Data privacy Engineering 134

Security Boulevard

JULY 23, 2024

Regulatory capture by stealth? Google changes its mind about third-party tracking cookies—we’re stuck with them for the foreseeable. The post EFF Angry as Google Keeps 3rd-Party Cookies in Chrome appeared first on Security Boulevard.

Social Engineering 135

Social Engineering Advertising Marketing Surveillance 135

Security Boulevard

MAY 23, 2024

Privacy FAIL: Apple location service returns far more data than it should, to people who have no business knowing it, without your permission. The post Apple API Allows Wi-Fi AP Location Tracking appeared first on Security Boulevard.

Social Engineering 133

Social Engineering Data privacy Engineering IoT 133

Security Boulevard

JULY 5, 2024

Spackle attack: Chinese company takes over widely used free web service—almost 400,000 websites at risk. The post ‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought appeared first on Security Boulevard.

Risk 137

Risk Social Engineering Data privacy Software 137

Security Boulevard

JULY 2, 2024

Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug. The post ‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE appeared first on Security Boulevard.

Risk 137

Risk Social Engineering Data privacy Software 137