article thumbnail

IT threat evolution Q3 2024

SecureList

CloudSorcerer is a sophisticated cyber-espionage tool used for stealth monitoring, data collection and exfiltration via Microsoft, Yandex and Dropbox cloud infrastructures. Affiliates are explicitly instructed to target organizations with a minimum revenue of $10 million and to avoid hospitals and educational institutions.

article thumbnail

 Delaware Personal Data Privacy Act (DPDPA)

Centraleyes

Specifically, it covers businesses that either control or process the personal data of at least 35,000 Delaware residents or control/process the data of at least 10,000 residents while deriving more than 20% of their revenue from selling that data. Why Should You Be Delaware Personal Data Privacy Act Compliant?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

In this world, data is cheap and unnecessarily collected in bulk by companies that don't protect it effectively or govern themselves in data collection practices well. Unfortunately, it is up to individuals to deal with the fallout; knowing you've been involved in a data breach is half the battle.

article thumbnail

The SOC files: Rumble in the jungle or APT41’s new target in Africa

SecureList

This is a Chinese-speaking cyberespionage group known for targeting organizations across multiple sectors, including telecom and energy providers, educational institutions, healthcare organizations and IT energy companies in at least 42 countries. Data gathered by these utilities was also exfiltrated via the compromised SharePoint server.

article thumbnail

ICFR Best Practices: How to Design and Maintain Strong Financial Controls

Centraleyes

Accurate Data Collection: Use reliable systems to collect financial data. Integrated Systems: Modern ICFR accounting software can help ensure all data is up-to-date and accessible. Regular Training Programs: Educate employees about the importance of ICFR, how the controls work, and what their responsibilities are.

article thumbnail

Report: How Regulations, Collaboration Are Reshaping Software Security

SecureWorld News

With data collected from 121 organizations across diverse industries, BSIMM15 serves as both a benchmarking tool and a strategic guide for improving software security maturity. This approach not only aligns with developers' workflows but also fosters a culture of continuous learning.

article thumbnail

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

In this world, data is cheap and unnecessarily collected in bulk by companies that don't protect it effectively or govern themselves in data collection practices well. Unfortunately, it is up to individuals to deal with the fallout; knowing you've been involved in a data breach is half the battle.