Schneier on Security

DECEMBER 19, 2023

His point is that these companies have lost our trust: Trust is really important. Companies lying about what they do with your privacy is a very serious allegation. We risk letting companies get away with real misconduct because we incorrectly believed in conspiracy theories. At least, in the US.

Government 250

Government Banking Risk Internet 250

Schneier on Security

NOVEMBER 16, 2022

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. Russian authorities, however, have compelled local companies to hand over user data to domestic security agencies. mln) last year.

Software 266

Software Media Government 266

Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. Since most of us can’t reasonably avoid getting a loan or using a credit card, we’re forced to share our data.

Banking 236

Banking Financial Services Marketing Data privacy 236

Schneier on Security

JULY 7, 2023

We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI. Everyone is talking about these new AI technologies—like ChatGPT—and AI companies are touting their awesome power. But they aren’t talking about how that power comes from all of us.

Technology 238

Technology Small Business Artificial Intelligence Government 238

Schneier on Security

JUNE 16, 2021

TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies. There are VPNs from more traditional companies like the U.S.,

VPN 285

VPN Surveillance Encryption Risk 285

The Last Watchdog

JANUARY 28, 2024

To sell us more goods and services, the algorithms of Google, Facebook and Amazon exhaustively parse our digital footprints. Related: The role of ‘attribute based encryption’ There’s nothing intrinsically wrong with companies seeking to better understand their customers. That could be about to change.

Data privacy 218

Data privacy Financial Services Healthcare Advertising 218

Krebs on Security

MAY 2, 2023

A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. “Companies promising jobs with the U.S. com was legitimate or a scam.

Marketing 252

Marketing Advertising Scams Telecommunications 252

Schneier on Security

JANUARY 23, 2023

I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. The airline is CommuteAir, a company so obscure that I’ve never heard of it before.)

Government 249

Government Hacking 249

Schneier on Security

DECEMBER 5, 2023

Computers collect data about what we’re doing on them, and as both storage and processing have become cheaper, that data is increasingly saved and used. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. AI is about to change that.

Surveillance 328

Surveillance Internet Internet Government 328

Security Affairs

APRIL 26, 2024

Media reported [ 1 , 2 ] that the company is notifying millions of current and former members of a data breach. TechCrunch reported that the company confirmed it shared patients’ information with third-party organizations, including Google, Microsoft and X, for advertising purposes. million residents.

Data breaches 122

Data breaches Healthcare Mobile Advertising 122

The Last Watchdog

DECEMBER 13, 2023

Therein lies the monumental challenge of achieving the level of Digital Trust needed to carry us forward. Each time we use a mobile app or website-hosted service, digital certificates and the Public Key Infrastructure ( PKI ) come into play — to assure authentication and encrypt sensitive data transfers.

Encryption 278

Encryption Technology CISO IoT 278

Heimadal Security

OCTOBER 25, 2023

BHI Energy, a US energy services company linked to Westinghouse Electric Company, has revealed specifics about a cyberattack on their systems. The Akira ransomware group is responsible for the breach that took place on May 30, 2023.

Ransomware 105

Ransomware Engineering Cybersecurity 105

Anton on Security

APRIL 11, 2024

Moderately relevant AI made image about AI papers :-) steampunk ofc! experts on this here and they’re not us. Recently our team has written several papers and blogs focused on securing AI. What you will not see in these papers is anything to do with robot rebellion or some such long-term potential threats.

Artificial Intelligence 130

Artificial Intelligence Government Risk Technology 130

Schneier on Security

JANUARY 26, 2024

Early on in our respective explorations of ChatGPT, the two of us found ourselves typing a word that we’d never said to a computer before: “Please.” One direction that these chatbots may lead us in is toward a society where we ascribe humanity to AI systems, whether abstract chatbots or more physical robots.

Advertising 257

Advertising Marketing Media Technology 257

The Last Watchdog

JULY 13, 2023

The economic impact of cybercrime on business across the globe continues to reach new levels, with the cost predicted to reach US$10.5 Companies with an annual revenue of US$250,000 to US$999,999 report feeling less prepared to deal with cyber risks in 2023 (76%) than they did in 2022 (70%).

Cyber Risk 161

Cyber Risk Risk Insurance Energy and Utilities 161

Schneier on Security

DECEMBER 5, 2023

Computers collect data about what we’re doing on them, and as both storage and processing have become cheaper, that data is increasingly saved and used. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. AI is about to change that.

Surveillance 283

Surveillance Government Advertising Marketing 283

Security Affairs

APRIL 6, 2024

This week the company released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS), including CVE-2024-21894. Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032).

VPN 118

VPN Internet Internet Hacking 118

Schneier on Security

NOVEMBER 21, 2022

Memory analysis gave us about a 5-minute window after files were encrypted to retrieve this public key.” The company also used that same donated infrastructure to help victims decrypt their data using the recovered keys. ” they wrote.

Encryption 231

Encryption Ransomware Advertising Cybersecurity 231

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. US phishing domains. Others were used to impersonate or attack U.S. domains registered daily.US

Phishing 254

Phishing Telecommunications Malware Scams 254

Tech Republic Security

OCTOBER 27, 2020

For companies with data users in both the EU and the US, laws protecting users' privacy vary. Tom Merritt lists five things to know about EU-US data privacy.

Data privacy 202

Data privacy 202

Krebs on Security

MARCH 20, 2024

But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities. ” Imagine that: Two different people-search companies mentioned in the same story about fantasy football. . net , KrebsOnSecurity began poking around.

Marketing 240

Marketing Technology Data privacy Advertising 240

Heimadal Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) issued a warning on Thursday about a data breach at Sisense, a US business intelligence software. The agency strongly recommended that all Sisense users promptly change their passwords and any other potentially compromised credentials used to access the company’s services.

Data breaches 78

Data breaches Passwords Software Cybersecurity 78

The Last Watchdog

JULY 27, 2023

ConvergeElements™ offers primary and excess cyber coverage through select agents and brokers for companies with up to $100 million in revenue. ConvergeConnect™ offers primary cyber coverage through prequalified technology provider partnerships for companies with up to $750 million in revenue. Best and “A+” by Standard & Poor’s.

Cyber Insurance 155

Cyber Insurance Insurance Cyber Risk Small Business 155

Malwarebytes

MARCH 26, 2024

Federal US authorities have asked Google for the names, addresses, telephone numbers, and user activity of accounts that watched certain YouTube videos, according to unsealed court documents Forbes has seen. In another case, related to a bomb threat, the authorities asked for information about the viewers of eight selected live streams.

VPN 145

VPN Surveillance Mobile Accountability 145

Security Affairs

APRIL 25, 2024

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply. It affects about 15% of our sales volume. We have many other items delivered to us as usual via other distributors. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 91

Ransomware Retail Cyber Attacks Backups 91

Malwarebytes

MARCH 7, 2024

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Cytrox AD is a North Macedonia-based company within the Intellexa Consortium and acts as a developer of the consortium’s Predator spyware.

Spyware 104

Spyware Surveillance Government Risk 104

Thales Cloud Protection & Licensing

APRIL 8, 2024

Today's identity struggles aren't about camel caravans and silk, but that same core battle remains: proving who you are and protecting that identity from those who'd use it against you. Identity thieves don't care about age – they want clean slates to exploit. Use long, complex passwords unique for each important account.

Identity Theft 138

Identity Theft Passwords Banking Password Management 138

Security Boulevard

JANUARY 21, 2024

Data Privacy: Why It Matters To The Rest Of Us madhav Mon, 01/22/2024 - 04:47 It seems that there are no limits to the number of data breaches. Company size is not a determinant of victimization, nor is industry or sector. In our upcoming 2024 Digital Trust Index report, we reveal which companies are most trusted with data.

Data privacy 62

Data privacy Artificial Intelligence Data breaches Advertising 62

Malwarebytes

APRIL 11, 2024

The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021. Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Use a password manager.

Spyware 111

Spyware Government Mobile Password Management 111

Malwarebytes

NOVEMBER 22, 2023

And to achieve that goal it needs to gather as much information as possible about us. Maybe not specifically about us as a person, but at least about us as a group. If they don’t already, they want to know everything about each and every one of us. We’re not all equally valued though.

Identity Theft 126

Identity Theft Consumer Protection Surveillance Data privacy 126

Tech Republic Security

OCTOBER 27, 2020

For companies with data users in both the EU and the US, laws protecting users' privacy vary. Tom Merritt lists five things to know about EU-US data privacy.

Data privacy 152

Data privacy 152

Heimadal Security

OCTOBER 6, 2023

Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data. The British company provides voice IP (VoIP) and mobile telecommunications services in 60 nations, including the US, UK, Germany, Australia, France, Italy, and the Netherlands.

Mobile 88

Mobile Telecommunications Cybersecurity 88

CSO Magazine

MAY 9, 2023

About 52% of chief information and security officers (CISOs) in the US and UK organizations are unable to fully secure their company secrets, according to a report by code security platform GitGuardian. About three-quarters of the respondents to the survey reported at least one past leak.

CISO 108

CISO Risk Cybersecurity 108

Malwarebytes

FEBRUARY 8, 2024

However, other compromised companies were located in other regions, including Brazil, Italy, Mexico, Russia, Turkey, and the US. Researchers first detected the activity of the group in November 2023, and tracked the massive malicious campaign targeting employment agencies and retail companies.

Identity Theft 119

Identity Theft Retail Risk Cybersecurity 119

Malwarebytes

APRIL 18, 2024

The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. Many organizations are unclear about how much information the social media companies behind the tracking pixels can gather.

Data breaches 107

Data breaches Passwords Phishing Password Management 107

Malwarebytes

DECEMBER 4, 2023

In November, the ransomware gang ALPHV, which also goes by the name Black Cat, notified the US Securities and Exchange Commission about the Costa Mesa-based software company MeridianLink, alleging that the company had failed to notify the government about a data breach. They claimed to have done it.

Ransomware 73

Ransomware Banking Government Data breaches 73

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data privacy 83

Data privacy Surveillance Financial Services Government 83