Tag: data
-
Companies House restarts online services following cyber breach
Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640295/Companies-House-restarts-online-services-following-cyber-breach
-
Randall Munroe’s XKCD ‘Bad Map Projection: Zero Declination’
Tags: datavia the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/randall-munroes-xkcd-bad-map-projection-zero-declination/
-
UK’s Companies House confirms security flaw exposed business data
Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies’ information since October 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uks-companies-house-confirms-security-flaw-exposed-business-data/
-
Realm.Security Rolls Out AI-Ready Security Data for the Modern SOC Ahead of RSA Conference
Realm.Security launches Data Enrichments and Privacy Guard, injecting real-time threat context into security pipelines and automating PII redaction to keep SOC teams faster, leaner, and compliance-ready. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/realm-security-rolls-out-ai-ready-security-data-for-the-modern-soc-ahead-of-rsa-conference/
-
Realm.Security Rolls Out AI-Ready Security Data for the Modern SOC Ahead of RSA Conference
Realm.Security launches Data Enrichments and Privacy Guard, injecting real-time threat context into security pipelines and automating PII redaction to keep SOC teams faster, leaner, and compliance-ready. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/realm-security-rolls-out-ai-ready-security-data-for-the-modern-soc-ahead-of-rsa-conference-2/
-
Telus Digital confirms hack as ShinyHunters claims credit for massive data theft
The Canadian business-process outsourcer, which counts many major businesses among its customers, still isn’t sure what the hackers stole. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/telus-digital-cyberattack-shinyhunters/814817/
-
UK Agency Exposed Corporate Executive Data
Directory Traversal Flaw Found in Companies House. The British government’s company register service temporarily deactivated its online filing service after someone found a serious vulnerability that allowed people to access directors’ sensitive personal data and potentially even amend companies’ records or file bogus accounts on their behalf. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-agency-exposed-corporate-executive-data-a-31033
-
Revealed: How HMRC has been quietly building surveillance capabilities
HMRC has bought phone scanning equipment and analysis software capable of extracting data from mobile devices as it steps up its electronic intelligence gathering capabilities, an investigation by Computer Weekly reveals First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639490/Revealed-How-HMRC-has-been-quietly-building-surveillance-capabilities
-
Revealed: How HMRC has been quietly building surveillance capabilities
HMRC has bought phone scanning equipment and analysis software capable of extracting data from mobile devices as it steps up its electronic intelligence gathering capabilities, an investigation by Computer Weekly reveals First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639490/Revealed-How-HMRC-has-been-quietly-building-surveillance-capabilities
-
The AI Traffic Report: High Volume, Low Visibility, and a Growing Risk
DataDome recorded 7.9B AI agent requests in early 2026. Get the data on AI traffic volume growth, agent spoofing, and what this means for your site. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-ai-traffic-report-high-volume-low-visibility-and-a-growing-risk/
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Migrating SQL Server to Aurora PostgreSQL: Solving the Real Challenges of Cloud Database Modernization
Organizations today are under pressure to modernize their data infrastructure. Legacy databases such as Microsoft SQL Server often create cost, scalability, and operational challenges. Many…Read More First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/migrating-sql-server-to-aurora-postgresql-solving-the-real-challenges-of-cloud-database-modernization/
-
Robotics firm Intuitive Surgical says cyberattack compromised business, customer data
The company said an intruder accessed employee information, customer contact details and other records. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/intuitive-surgical-cyberattack-phishing/814746/
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
CamelClone Uses Public File-Sharing Sites in Government Cyberattacks
A new cyber espionage campaign dubbed Operation CamelClone, targeting government and strategic sectors across several geopolitically significant regions. The campaign abuses legitimate tools and public file”‘sharing platforms to deliver malware and steal sensitive data, making it harder for defenders to detect. The operation primarily targets organizations linked to government and national security interests. Industries affected…
-
Security Flaw in AWS Bedrock Code Interpreter Raises Alarms
DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-flaw-aws-bedrock/
-
LiveChat Abuse: How Phishers Are Exploiting SaaS Support Tools to Steal Sensitive Data
Tags: attack, credentials, credit-card, cybercrime, data, email, exploit, finance, mfa, phishing, saas, service, threat, toolThreat actors are abusing the LiveChat SaaS platform to impersonate brands like PayPal and Amazon in phishing campaigns designed to steal credentials, credit card details, MFA codes, and other sensitive data. Victims are lured through phishing emails and directed to LiveChat pages where attackers use chat interactions to request personal and financial information. The campaign…
-
MEA Shipment Phishing Scams Surge, Stealing Banking Data in Real Time
Every day, billions of people rely on postal and courier services to deliver everything from handwritten letters to high value online orders.The rapid growth of global e-commerce has made parcel delivery services a critical part of everyday life. According to the Universal Postal Union’s State of the Postal Sector report, postal services now support approximately 7.3 billion…
-
The ransomware economy is shifting toward straight-up data extortion
Google’s research report on ransomware activity last year underscores how cybercrime is evolving and clouding a collective understanding of its full impact and scale. First seen on cyberscoop.com Jump to article: cyberscoop.com/google-threat-intelligence-group-ransomware-report-2026/
-
Google Looker Studio Vulnerabilities Allow Attackers to Exfiltrate Data from Google Services
Tenable Research recently uncovered “LeakyLooker,” a critical set of nine novel cross-tenant vulnerabilities within Google Looker Studio that enabled attackers to silently exfiltrate or modify sensitive data across various Google Cloud Platform services. Following responsible disclosure by security researchers, Google has successfully patched all nine vulnerabilities globally, neutralizing the threat without requiring any manual updates…
-
What the Recent PayPal Breach Says About Modern Web Risk
TL;DR A coding flaw in PayPal’s loan app went undetected for nearly six months, exposing sensitive customer data, not because prevention controls failed catastrophically,… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/what-the-recent-paypal-breach-says-about-modern-web-risk/
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
ACRStealer Variant Deploys Syscall Evasion, TLS C2, Secondary Payloads
New research reveals that a new ACRStealer variant is now being actively deployed as a final payload by HijackLoader, using low”‘level syscalls, AFD-based networking, TLS C2, and flexible secondary payload delivery to evade detection and maximize data theft. The newly observed samples confirm that HijackLoader is dropping a rebranded ACRStealer variant previously linked to the…
-
OpenClaw AI Agents Vulnerable to Indirect Prompt Injection, Causing Data Leaks
OpenClaw AI agents are facing significant security scrutiny following a recent CNCERT warning about insecure defaults and prompt-injection vulnerabilities. The most critical risk for defenders is not just abstract model confusion, but the ability of an attacker to turn normal AI agent behavior into a silent data exfiltration pipeline. This highlights a growing problem where…
-
When insider risk is a wellbeing issue, not just a disciplinary one
Tags: access, breach, compliance, control, cyber, data, exploit, finance, group, malicious, monitoring, resilience, risk, risk-management, security-incident, threat, training, vulnerabilityWritten by Katie Barnett, Director of Cyber Security at Toro Solutions Insider risk is still often framed around intent, with the focus placed on malicious employees, disgruntled contractors, or deliberate misuse of access for personal gain.Those cases exist and they matter, but they are rarely where risk first begins, and they do not reflect how…
-
When insider risk is a wellbeing issue, not just a disciplinary one
Tags: access, breach, compliance, control, cyber, data, exploit, finance, group, malicious, monitoring, resilience, risk, risk-management, security-incident, threat, training, vulnerabilityWritten by Katie Barnett, Director of Cyber Security at Toro Solutions Insider risk is still often framed around intent, with the focus placed on malicious employees, disgruntled contractors, or deliberate misuse of access for personal gain.Those cases exist and they matter, but they are rarely where risk first begins, and they do not reflect how…