Tag: data
-
The devil of proposed SEC AI disclosure rule is in the details
Tags: advisory, ai, awareness, business, ceo, compliance, cybersecurity, data, government, intelligence, jobs, law, risk, sans, service, software, strategy, technology, tool, trainingnot use AI for some purposes. Attorneys who have studied the proposal note that the AI rule, just like the SEC’s cybersecurity rule from about two years ago, won’t technically require anything to be reported that wouldn’t have already required reporting. The new rule refers only to material AI efforts and ever since the creation of…
-
Homomorphic Encryption for Privacy-Preserving Model Context Sharing
Discover how homomorphic encryption (HE) enhances privacy-preserving model context sharing in AI, ensuring secure data handling and compliance for MCP deployments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/homomorphic-encryption-for-privacy-preserving-model-context-sharing/
-
Homomorphic Encryption for Privacy-Preserving Model Context Sharing
Discover how homomorphic encryption (HE) enhances privacy-preserving model context sharing in AI, ensuring secure data handling and compliance for MCP deployments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/homomorphic-encryption-for-privacy-preserving-model-context-sharing/
-
Ro’s CISO on managing data flows in telehealth
In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/16/scott-bachand-ro-telehealth-security/
-
FortiGate firewall credentials being stolen after vulnerabilities discovered
Tags: access, advisory, ai, attack, authentication, best-practice, breach, ceo, cisa, credentials, cve, cyberattack, cybersecurity, data, data-breach, exploit, firewall, flaw, fortinet, hacker, infrastructure, Internet, kev, least-privilege, login, malicious, network, password, software, theft, threat, update, vulnerabilityCSO. “So far, the pattern of activity has appeared to be opportunistic in nature. While it is difficult to estimate the number of devices directly vulnerable to this vulnerability, there are hundreds of thousands of Fortinet appliances accessible on the public internet through specialized search engines. This allows threat actors to opportunistically attempt exploitation against…
-
Leading Through Ambiguity: Decision-Making in Cybersecurity Leadership
Ambiguity isn’t just a challenge. It’s a leadership test – and most fail it. I want to start with something that feels true but gets ignored way too often. Most of us in leadership roles have a love hate relationship with ambiguity. We say we embrace it… until it shows up for real. Then we…
-
Leading Through Ambiguity: Decision-Making in Cybersecurity Leadership
Ambiguity isn’t just a challenge. It’s a leadership test – and most fail it. I want to start with something that feels true but gets ignored way too often. Most of us in leadership roles have a love hate relationship with ambiguity. We say we embrace it… until it shows up for real. Then we…
-
Analytics provider: We didn’t expose smut site data to crims
Tags: dataAn employee of the adult site could be responsible. First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/mixpanel_breach_leak_denial/
-
Medical Group Will Pay $1.2M to Settle Data Theft Lawsuit
Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its Victims. A Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes. First seen on…
-
NDSS 2025 Selective Data Protection against Memory Leakage Attacks for Serverless Platforms
Session 6B: Confidential Computing 1 Authors, Creators & Presenters: Maryam Rostamipoor (Stony Brook University), Seyedhamed Ghavamnia (University of Connecticut), Michalis Polychronakis (Stony Brook University) PAPER LeakLess: Selective Data Protection against Memory Leakage Attacks for Serverless Platforms As the use of language-level sandboxing for running untrusted code grows, the risks associated with memory disclosure vulnerabilities and…
-
NDSS 2025 IsolateGPT: An Execution Isolation Architecture For LLM-Based Agentic Systems
Session 6A: LLM Privacy and Usable Privacy Authors, Creators & Presenters: Yuhao Wu (Washington University in St. Louis), Franziska Roesner (University of Washington), Tadayoshi Kohno (University of Washington), Ning Zhang (Washington University in St. Louis), Umar Iqbal (Washington University in St. Louis) PAPER IsolateGPT: An Execution Isolation Architecture for LLM-Based Agentic Systems Large language models…
-
SantaStealer stuffs credentials, crypto wallets into a brand new bag
All I want for Christmas “¦ is all of your data First seen on theregister.com Jump to article: www.theregister.com/2025/12/16/santastealer_stuffs_users_credentials_crypto/
-
How test data generators support compliance and data privacy
Whether you’re generating data from scratch or transforming sensitive production data, performant test data generators are critical tools for achieving compliance in development workflows. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/how-test-data-generators-support-compliance-and-data-privacy/
-
Unified Security for On-Prem, Cloud, and Hybrid Infrastructure: The Seceon Advantage
Breaking Free from Security Silos in the Modern Enterprise Today’s organizations face an unprecedented challenge: securing increasingly complex IT environments that span on-premises data centers, multiple cloud platforms, and hybrid architectures. Traditional security approaches that rely on disparate point solutions are failing to keep pace with sophisticated threats, leaving critical gaps in visibility and response…
-
Demystifying risk in AI
Tags: access, ai, best-practice, bsi, business, ciso, cloud, compliance, control, corporate, csf, cyber, cybersecurity, data, framework, google, governance, group, infrastructure, intelligence, ISO-27001, LLM, mitre, ml, monitoring, nist, PCI, risk, risk-management, strategy, technology, threat, training, vulnerabilityThe data that is inserted in a request.This data is evaluated by a training model that involves an entire architecture.The result of the information that will be delivered From an information security point of view. That is the point that we, information security professionals, must judge in the scope of evaluation from the perspective of…
-
SantaStealer Joins the Naughty List of New Infostealers
SantaStealer is a new malware-as-a-service infostealer that steals credentials and data using largely in-memory techniques. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/santastealer-joins-the-naughty-list-of-new-infostealers/
-
Texas sues TV makers for taking screenshots of what people watch
Tags: dataThe Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users’ data by secretly recording what they watch using Automated Content Recognition (ACR) technology. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/texas-sues-tv-makers-for-spying-on-users-selling-data-without-consent/
-
Browser Extension Harvests 8M Users’ AI Chatbot Data
Urban VPN Proxy, which claims to protect users’ privacy, collects data from conversations with ChatGPT, Claude, Gemini, Copilot and other AI assistants. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chrome-extension-harvests-ai-chatbot-data
-
Hacking group says it’s extorting Pornhub after stealing users’ viewing data
The Scattered Lapsus$ Hunters hacking collective stole Pornhub premium users’ data, including email addresses and viewing history. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/16/hacking-group-says-its-extorting-pornhub-after-stealing-users-viewing-data/
-
4.3B LinkedIn-Style Records Found in One of the Largest Data Exposures Ever
An unsecured database exposed 4.3 billion LinkedIn-derived records, enabling large-scale phishing and identity-based attacks. The post 4.3B LinkedIn-Style Records Found in One of the Largest Data Exposures Ever appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-4-3-billion-linkedin-records-exposed/
-
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer.The malicious package, named “Tracer.Fody.NLog,” remained on the repository for nearly six years. It was published by a user named “csnemess” on February 26, 2020. It masquerades as…
-
Coupang CEO Quits After Breach Hits 33.7M South Koreans
The e-commerce firm’s data breach exposed nearly two-thirds of the entire country’s population after hackers operated undetected for five months. The post Coupang CEO Quits After Breach Hits 33.7M South Koreans appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-coupang-ceo-quits/
-
Coupang CEO Quits After Breach Hits 33.7M South Koreans
The e-commerce firm’s data breach exposed nearly two-thirds of the entire country’s population after hackers operated undetected for five months. The post Coupang CEO Quits After Breach Hits 33.7M South Koreans appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-coupang-ceo-quits/
-
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have uncovered a sophisticated new threat: SantaStealer, a malware-as-a-service information stealer actively promoted on Telegram channels and underground hacker forums. The malware, which recently rebranded from >>BluelineStealer,
-
Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft
Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees. This disclosure marks the luxury automaker’s first public admission regarding the full scope of the incident, following a month-long production shutdown that cost the company hundreds of millions…
-
Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs
A popular browser extension promoted as a free and secure VPN has been discovered secretly capturing user conversations across multiple AI chatbot platforms including ChatGPT, Claude, Gemini, and Microsoft Copilot raising fresh concerns over privacy and data exploitation in the age of generative AI. Researchers using the Wings agentic”‘AI risk engine uncovered that Urban VPN…
-
Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft
Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees. This disclosure marks the luxury automaker’s first public admission regarding the full scope of the incident, following a month-long production shutdown that cost the company hundreds of millions…