Cyber Security News

04 Feb 2024 19:46

Data Privacy Week: Companies are Banning Generative AI Due to Privacy Risks

Most respondents (92%) viewed generative AI as a fundamentally different technology with novel challenges and concerns requiring new techniques to manage data and risk.

The biggest concerns cited were that these tools could hurt the organization’s legal and intellectual property rights (69%), the information entered could be shared publicly or with competitors (68%), and that the information it returns to the user could be wrong (68%).

@Cyber_Security_Channel

Cyber Security News

03 Feb 2024 14:43

Data Privacy Will Be a Critical Enterprise Focus in 2024 — and Generative AI Has Torn Up the Rulebook

Across 2024, industry experts predict that both security threats and breaches will continue to escalate, prompting increased investment from enterprises and a sharpened focus among IT leaders on data privacy and security, according to Greg Clark, director of product management at OpenText.

@Cyber_Security_Channel

Cyber Security News

02 Feb 2024 19:59

⚡️Dutch Data Protection Authority fines Uber €10M Over Privacy Regulations Infringement

The DPA discovered that Uber made it difficult for drivers to access their personal data.

The access request form was buried in the app, spread across menus, and could have been placed more logically. 

Uber’s handling of requests resulted in unclear organisation of personal data, complicating interpretation.

The DPA calculated the fine by considering the organisation’s size and the severity of the infringements.

At the time of the violations, approximately 120,000 drivers were working for Uber in Europe. 

@Cyber_Security_Channel

Cyber Security News

02 Feb 2024 03:34

Calif. AG Launches Sweep Into Streaming Apps’ Compliance With CCPA

The proposed rule aims to make canceling subscriptions as simple as signing up, saving consumers time and money.

Additionally, sellers would be required to seek consumer consent before making additional offers when canceling subscriptions and provide annual reminders for automatic renewals.

@Cyber_Security_Channel

Cyber Security News

01 Feb 2024 01:40

How AI Is Unlocking the Potential for Real Human Creativity in the Workplace

In customer service, for example, customer support chatbots have replaced humans in resolving commonly asked questions.

Support centers can be overwhelmed with untold thousands of cases per day, most of which are repetitive and unchallenging, leading to agent burnout and attrition.

Chatbots help reduce these problems by handling simple inquiries so that support teams can focus on the more complex cases that require human empathy and creativity for solutions.

@Cyber_Security_Channel

Cyber Security News

31 Jan 2024 09:12

State Lawmaker's Take on New Hampshire Comprehensive Privacy Bill's Impacts

"The focus was really on the smaller state population. We're smaller than a lot of the other states that we were looking at.

But in addition, we have so many small businesses and entrepreneurs here in the state. Customer records on 35,000 is still pretty significant to be responsible for".

@Cyber_Security_Channel

Cyber Security News

30 Jan 2024 10:31

Manufacturers' Cybersecurity Concerns Rising As Data Investments Grow

“As continuing global geopolitical conflicts intensify the risk landscape, cybersecurity remains a top priority,” BDO says.

“As a result, in 2024 manufacturers will deprioritize building the digital thread and focus on internal information transparency and security.

AI performs best when it has access to more data — but sharing data with customers and vendors opens manufacturers up to increased cyber and data privacy risk.”

@Cyber_Security_Channel

Cyber Security News

29 Jan 2024 07:15

New Jersey Passes Comprehensive Privacy Law to Lead the 2024 Wave of State Privacy Laws

Notably, like Colorado’s CPA, the NJDPA does not provide a revenue threshold for the percentage of revenue a business must derive from the sale of data.

Most other current state privacy laws generally apply only if the business derives between 25% to 50% of annual revenue from the sale of personal data.

In addition, applicability under the NJDPA does not involve any form of a revenue threshold, meaning businesses with minimal processing of personal data may not be subject to the law, even if they have high revenues.

@Cyber_Security_Channel

Cyber Security News

28 Jan 2024 02:12

Securiti Collaborates With Lacework to Improve Data Protection in the Cloud

Securiti offers contextual data intelligence and unified controls across the hybrid multicloud.

With Securiti’s Data Command Center, customers not only get the functions defined in DSPM and DSP categories, but also get comprehensive visibility for overall Data Security in SaaS, IaaS, data lakes and warehouses, and on-premise data systems.

Lacework offers security coverage from code security all the way through runtime applications, allowing enterprises to correlate risk and threat data to gain greater security insights and drive better security outcomes.

@Cyber_Security_Channel

Cyber Security News

26 Jan 2024 17:57

Exela Technologies and XBP Europe Announce the Launch of Reaktr.ai to Provide Cybersecurity, Data Modernization and Multi-Cloud Management Enabled by AI 

"We are thrilled to have Vineet lead these key strategic services and solutions," said Sriram Ramanathan, Exela’s Chief Technology Officer.

"Vineet's expertise and vision will be instrumental in building this business that not only serves our operations but also harnesses the transformative power of AI and data to transform customers on their digital journeys."

@Cyber_Security_Channel

Cyber Security News

26 Jan 2024 08:26

Degree Requirements are Hurting Government’s AI Recruitment Efforts, House Lawmakers and Experts Say

Hadra noted that IBM has a six-month curriculum for its cybersecurity apprenticeship program that trains employees in these disciplines.

She said that the workers are “ready to hit the ground running on those programs, and because they don’t meet those minimum qualifications, we are not able to put them on that contract.”

@Cyber_Security_Channel

Cyber Security News

24 Jan 2024 16:14

Russian Spies Brute Force Senior Microsoft Staff Accounts

Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” Microsoft said in a post.

@Cyber_Security_Channel

Cyber Security News

23 Jan 2024 10:35

Cyber Attacks Remain the #1 Cause of Downtime for Business in 2024 Reveals Veeam Data Protection Report 2024

“Ransomware continues to be the biggest threat to business continuity,” said Dave Russell, VP of Enterprise Strategy at Veeam.

“It’s the number one cause of outages today, and protecting against it is hampering digital transformation efforts.

Furthermore, although companies are increasing their spend on protection, less than a third of companies believe they can recover quickly from a small attack.

The findings in this year’s Veeam Data Protection Trends Report highlight the need for continued cyber vigilance, and the importance of every organization to ensure they have the right protection and recovery capabilities. It’s why Veeam’s mission in 2024 is to keep businesses running.”

@Cyber_Security_Channel

Cyber Security News

22 Jan 2024 13:03

MFA Spamming and Fatigue: When Security Measures Go Wrong

MFA spamming refers to the malicious act of inundating a target user's email, phone, or other registered devices with numerous MFA prompts or confirmation codes.

The objective behind this tactic is to overwhelm the user with notifications, in the hopes that they will inadvertently approve an unauthorized login.

To execute this attack, hackers require the target victim's account credentials (username and password) to initiate the login process and trigger the MFA notifications.

📷: Corsica Technologies

@Cyber_Security_Channel

Cyber Security News

21 Jan 2024 04:16

CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert about a malware campaign targeting Apache webservers and websites using the popular Laravel Web application framework, leveraging known bugs for initial compromise.

@Cyber_Security_Channel

Cyber Security News

04 Feb 2024 01:34

New NJ Law Says Websites Must Ask About Using Your Data. Businesses, News Orgs Worry About Lawsuits

New Jersey’s law is considered one of the strictest in the nation, according to state Sen.

Raj Mukherji, a Jersey City Democrat, who sponsored the bill in the last legislative session, when he was an assemblymember.

“It has the strongest universal opt-out mechanism of any data privacy law in the country,” Mukherji said. “And it just puts consumers back in control of their own data.”

@Cyber_Security_Channel

Cyber Security News

03 Feb 2024 05:59

Canadian Man Sentenced to Prison for Ransomware Attacks

Named by the Canadian authorities the “most prolific cybercriminal” identified in the country, Philbert admitted in court in October 2023 to launching cyberattacks targeting over 1,000 entities, including a municipality, police departments, and a school.

@Cyber_Security_Channel

Cyber Security News

02 Feb 2024 11:06

⚡️Trello Data Breach Exposes 15 Million Users' Details on Dark Web

Richard Bird, Chief Security Officer at Traceable AI, commented on Atlassian's response: "Atlassian's reaction to the recent successful Trello scraping attack is a further confirmation that we've officially entered the gaslighting era of cybersecurity.

Companies seem to prefer blaming or minimising the impact on victims as their chosen approach to their conspicuous failure in responsibly managing their customers' data."

@Cyber_Security_Channel

Cyber Security News

01 Feb 2024 14:30

⚡️1.5M Affected in Insurance Broker Breach

The company claims to provide insurance and budgetary solutions to various sectors, including healthcare, education, and public organizations.

In the breach notice, the company disclosed that it accesses the personal information provided by its clients to perform certain operations.

@Cyber_Security_Channel

Cyber Security News

31 Jan 2024 16:57

The Consumer Data Privacy Laws Are HERE! New Jersey Officially Joining The Pack

Similar to most states the controller has 45 days to respond to a consumer request and may extend by an additional 45 days so long as it is reasonably necessary and informs the consumer within the initial 45-day response period.

 If the controller declines to take action on the consumer’s request they must respond without delay and within 45 days of the request, along with instructing the consumer on how to appeal the decision.

@Cyber_Security_Channel

Cyber Security News

30 Jan 2024 22:55

Data Privacy Week 2024: The Definitive Roundup of Expert Quotes

Depending on what you find, you may need to review what you’re posting on social media.

A simple solve would be to make as much of your profile private, withholding the attacker’s ammo during their data scrapes.

With the rise of deepfakes, videos posted on social media can be used to clone a user’s voice, so depriving threat actors of this valuable resource is crucial.

@Cyber_Security_Channel

Cyber Security News

29 Jan 2024 15:28

DJI’s Rebuttal to National Security Concerns Surrounding Chinese Drones

Despite geopolitical challenges and accusations, DJI advocated for the development of a clear technology-based standard for drone security, applicable to all manufacturers regardless of their country of origin.

The company urged industry-wide adherence to such standards to enhance overall drone and data security.

@Cyber_Security_Channel

Cyber Security News

28 Jan 2024 18:26

First-ever Utah Privacy Audit Finds 66% of Government Entities Failed to Meet Compliance Requirements

According to the Governmental Internet Information Privacy Act, an organization’s privacy policy statement should include: the identity and contact information of the website operator.

the personal information that is being collected; a summary of how it is used; practices related to the sharing of personal information; the procedures — if any — of how users may request access to or correct their information, and security measures to protect the information from unintended sharing.

@Cyber_Security_Channel

Cyber Security News

27 Jan 2024 07:46

Hong Kong Finance Sector on Pace in AI Deployment, With Data Availability, Security and Skills Gap Among Concerns: Survey

Hong Kong’s current pace of AI development in financial services is on par with other financial hubs, according to about 40 per cent of the respondents.

AI has made inroads into several aspects of financial services, with virtual chatbots, fraud detection and biometric authentication being the most prominent application areas, according to the survey, conducted online in December with 86 senior executives based in Hong Kong.

One in four professionals also said Hong Kong is not adequately prepared for future AI adoption in terms of workforce availability and readiness, according to the survey.

@Cyber_Security_Channel

Cyber Security News

26 Jan 2024 17:05

HubSpot Joins the EU Cloud Code of Conduct

As the leading customer platform for scaling businesses, HubSpot recognizes the pivotal role of data protection practices in delivering secure and reliable services.

By joining the EU Cloud CoC General Assembly, HubSpot contributes to the collective effort of promoting solutions to the cloud while actively advancing the harmonization of best practices across the cloud market.

@Cyber_Security_Channel

Cyber Security News

25 Jan 2024 05:40

☄️ The One and Only — JavaScript, Essential Skill for any Web Developer!

This bundle provides you with over 60+ pages and 350+ flashcards on every major concept of JavaScript.

One time investment of 4$ gets you all of this:

The Basics

• Setup
• Buttons
• Variables
• Functions
• Mathematics
• Value vs. Reference
• Strings and Numbers
• Reassigning and Incrementing

Advanced

• ES6
• OOP
• JSON
• Loops
• HTTP Client
• Error Handling
• Array-Methods
• Event Listeners
• Asynchronous JS

& Much More

Tonnes of material for just under 5$!

Try it out for yourself 🚀

→ https://gumroad.com/a/94518995/hppst

Cyber Security News

23 Jan 2024 23:42

VF Corp Reports Significant Cyber Attack, 35.5 Million Customers’ Data Breached

The ransomware group known as ALPHV, also referred to as BlackCat, has claimed responsibility for the attack.

Known for its ransomware and extortion activities, this group has a notorious reputation in the cybercrime world.

The attack involved encrypting some of VF Corp’s IT systems, indicative of a calculated ransomware attack.

@Cyber_Security_Channel

Cyber Security News

22 Jan 2024 22:57

Zero Trust, AI, Capital Markets Drive Consolidation in Cloud Security

"Cybersecurity's focus is shifting to more dynamic solutions that can adapt to the ever-evolving landscape of threats in the cloud age," VanKirk said.

"For years, firewalls have been the cornerstone of cybersecurity defenses.

However, with the rise of cloud computing and secure access service edge (SASE), the industry is shifting its focus to more comprehensive and flexible approaches."

@Cyber_Security_Channel

Cyber Security News

21 Jan 2024 21:22

Australia Cyber Attacks Torrent Prompts Release of New Guidance as Authorities Shore Up National Defenses

The new guidance from Australia’s cyber security agency comes right after the full list of institutions affected by the country’s largest ever government data breach was published.

@Cyber_Security_Channel

Cyber Security News

20 Jan 2024 11:32

Google Chrome Zero-Day Bug Under Attack, Allows Code Injection

Attackers can leverage these vulnerabilities to access sensitive information in adjacent memory locations on an affected system, cause it to crash, modify data, or inject malicious code, according to researchers from Vulnera.

@Cyber_Security_Channel