January 31, 2024
Via: Security AffairsDirect Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. On October 27th, the Cybernews research team discovered a misconfigured web server […]
November 1, 2023
Via: The RegisterCyberattacks on industrial control systems are becoming more common, and there isn’t likely to be a let up any time soon. The fallout from those attacks can be severe given the potential physical impact – outages and shutdowns in manufacturing […]
October 30, 2023
Via: The RegisterNotorious ransomware gang LockBit has reportedly exfiltrated “a tremendous amount of sensitive data from aerospace outfit Boeing. VX underground published a screenshot of Lockbit’s announcement, and threat to expose data if Boeing does not engage with it by November 2nd. […]
October 24, 2023
Via: The RegisterThe job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments. That’s […]
August 7, 2023
Via: The Hacker NewsA group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. “When trained on keystrokes recorded using the video conferencing software […]
Threats & Malware, Virus & Malware
August 4, 2023
Via: The Hacker NewsCybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the “test” packages on July 31, 2023, said they […]
June 15, 2023
Via: The Hacker NewsThe revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and […]
June 5, 2023
Via: Help Net SecurityWith the availability of the BigID Data Classification App on the ServiceNow Store, this expanded relationship provides more advanced security and privacy capabilities for workflow automations. BigID automates the discovery and classification of personal, regulated, critical, and sensitive data in […]
May 22, 2023
Via: The Hacker NewsIt’s no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization’s reputation, induce considerable financial losses, and even have serious legal repercussions. From the […]
Threats & Malware, Vulnerabilities
April 20, 2023
Via: The Hacker NewsFortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 […]
March 8, 2023
Via: Help Net SecurityKensington has expanded its robust portfolio of data protection solutions with the launch of three new privacy screens. The SA270 Privacy Screen for Studio Display (K50740WW), SA240 Privacy Screen for iMac 24” (K55170WW), and MagPro Elite Magnetic Privacy Screen for […]
Threats & Malware, Vulnerabilities
March 6, 2023
Via: The Hacker NewsMalicious actors can take advantage of “insufficient” forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new research has found. “Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to […]
February 27, 2023
Via: Help Net SecurityIn today’s data-driven world, the expectations and demands faced by many organizations worldwide are reaching unseen levels. To meet the challenge, a data-driven approach is necessary, with effective digital transformation needed to improve operational efficiency, streamline processes, and get more […]
Threats & Malware, Virus & Malware
January 20, 2023
Via: TechRadarThe amount of money cybercriminal groups extorted through ransomware(opens in new tab) attacks is down 40% year-on-year, suggesting that businesses are increasingly refusing to pay to get their sensitive data back. A report from Chainalysis examined cryptocurrency wallets known to […]
January 19, 2023
Via: Dark ReadingThe explosion of data and applications has made multicloud – where the organization’s data is stored on multiple cloud platforms and applications — a reality for many organizations. Along with expanding the attack surface, the multicloud makes the task of […]
January 12, 2023
Via: Help Net SecurityCloudflare announced several new zero trust email security solutions, compatible with any email provider, to protect employees from multichannel phishing attacks, prevent sensitive data being exfiltrated via email, and help businesses speed up and simplify deployments. Now, Cloudflare is providing […]
Email security, Privacy protection, Security
December 19, 2022
Via: Net SecurityArmorblox announced the addition of Custom Role-Based Access Controls to its cloud-delivered email security platform to maintain data compliance and reduce data blindspots for individuals across the organization. Not all emails are created equal. On the inbound threat side, attackers […]
December 2, 2022
Via: Help Net SecurityOver the past two decades, technology has evolved to make it easy and affordable for companies to collect, store and use massive amounts of data. From AWS to Google Cloud to Snowflake, even startups and small businesses can quickly establish […]
November 22, 2022
Via: Help Net SecuritySolvo releases Data Posture Manager, its new cloud data and infrastructure management solution for public cloud users. Data Posture Manager delivers enhanced visibility into users and cloud components that have access to sensitive data, alerting organizations to excessive or newly-granted […]
Application security, Security
November 15, 2022
Via: Dark ReadingNeosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, […]