Tag: data
-
Massive GitHub malware operation spreads BoryptGrab stealer
Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distributing the BoryptGrab information stealer through more than 100 GitHub repositories. BoryptGrab is designed to collect browser and cryptocurrency wallet data, system details, and common files. Some variants also deploy…
-
Forcepoint erweitert Data Security Cloud mit KI-Assistent ARIA
Durch KI entstehen Daten nicht mehr statisch. Sie werden kontinuierlich erstellt, verändert und über Cloud-Plattformen, Kollaborationstools oder KI-gestützte Workflows hinweg weitergegeben oft automatisiert und in hoher Geschwindigkeit. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/forcepoint-erweitert-data-security-cloud-mit-ki-assistent-aria/a43990/
-
Cylake Offers AI-Native Security Without Relying on Cloud Services
Cylake’s platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cylake-offers-ai-native-security-without-relying-on-cloud-services
-
Fig Security Emerges From Stealth to Fix Broken Security Operations
Fig Security’s platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/fig-security-stealth-fix-broken-security-operations
-
FBI probing intrusion into a system managing sensitive surveillance information
The Federal Bureau of Investigation (FBI) is probing suspicious activity on an internal system containing sensitive surveillance and investigation data. The FBI is investigating suspicious cyber activity affecting an internal system that stores sensitive data tied to surveillance operations and investigations, The Associated Press reports. According to a notification sent to members of the United…
-
New Social Security Scam Emails Use Fake Tax Documents to Hijack PCs
A new phishing campaign is targeting thousands in the US by posing as the Social Security Administration. Learn how scammers use fake 2025/2026 tax statements and Datto RMM software to hijack computers and steal data, as shared with Hackread.com First seen on hackread.com Jump to article: hackread.com/social-security-scam-emails-fake-tax-doc-hijack-pc/
-
Hackers Spread Fake Red Alert Rocket Alert App to Spy on Israeli Users
Researchers at Acronis have discovered a malicious trojanized version of the Red Alert rocket warning app targeting Israeli Android users. Distributed via fake Home Front Command SMS messages, this spyware steals GPS data, SMS messages, and contact lists while maintaining full alert functionality. First seen on hackread.com Jump to article: hackread.com/hackers-fake-red-alert-rocket-alert-app-spy-israel-users/
-
CBP Used Online Ad Data to Track Phone Locations
Plus: Proton helped the FBI identify a protester, the Leakbase cybercrime forum was busted in an international operation, and more. First seen on wired.com Jump to article: www.wired.com/story/cbp-used-online-ad-data-to-track-phone-locations/
-
AI Auditability: Why Leaders Must Prove How AI Makes Decisions
AI Auditability: Why Leaders Must Prove How AI Makes Decisions We’ve officially entered the “production phase” of Artificial Intelligence. In just a few short years, AI has moved from experimental pilots to being embedded in nearly every major business function”, by some estimates, used regularly by 88% of organizations. But there is a growing, uncomfortable…
-
AI Auditability: Why Leaders Must Prove How AI Makes Decisions
AI Auditability: Why Leaders Must Prove How AI Makes Decisions We’ve officially entered the “production phase” of Artificial Intelligence. In just a few short years, AI has moved from experimental pilots to being embedded in nearly every major business function”, by some estimates, used regularly by 88% of organizations. But there is a growing, uncomfortable…
-
TDL – Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions – Steven Elliott
From the Battlefield to the Boardroom: Lessons in Defense In the latest episode of The Defender’s Log, host David Redekop sits down with Steven Elliott, CFO of Adam Networks, to explore the surprising parallels between military operations, financial management, and cybersecurity. A Journey of Unpredictable Paths Elliott’s background is anything but linear. From a small…
-
Cognizant TriZetto breach exposes health data of 3.4 million patients
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cognizant-trizetto-breach-exposes-health-data-of-34-million-patients/
-
Randall Munroe’s XKCD ‘Binary Star’
Tags: datavia the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/randall-munroes-xkcd-binary-star/
-
Data Protection Officer (DPO) and New EDPS Rules
Tags: dataThe post <b>Data Protection Officer (DPO) and New EDPS Rules</b> appeared first on Sovy. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/data-protection-officer-dpo-and-new-edps-rules/
-
Spyware disguised as emergency-alert app sent to Israeli smartphones
Steals SMS messages, location data, contacts “¦ and delivers it to Hamas-linked crew First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/spyware_disguised_as_emergency_alert/
-
5 Actions Critical for Cybersecurity Leadership During International Conflicts
Tags: attack, backup, business, cloud, corporate, cyber, cybersecurity, data, exploit, government, incident response, infrastructure, international, iran, middle-east, military, network, resilience, risk, risk-assessment, russia, saas, service, supply-chain, technology, threat, ukraine, update, vulnerability, warfareThe recent military attacks involving Iran in the Middle East are a stark reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness. Every crisis that elevates to military engagements between cyber-active participants, changes the risk landscape of businesses, for people, operations, and data. This includes the…
-
Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short
Boards want more forward-looking insights: The report also suggests that board-CISO communication doesn’t dive as deeply into details as it should in these days of ever more sophisticated, AI-driven cyberattacks.The majority of board directors (82%) say their security leaders’ reporting on regulatory trends was satisfactory or excellent, and that they had strong visibility into program…
-
Scattered Spider attack on TfL affected 10 million people
The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639589/Scattered-Spider-attack-on-TfL-affected-10-million-people
-
LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability
LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell vulnerability. The post LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-lexisnexis-breach-3-9m-records-react-vulnerability/
-
LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability
LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell vulnerability. The post LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-lexisnexis-breach-3-9m-records-react-vulnerability/
-
Breaches Up, Number of Victims Down, Impact Stronger
The number of data breach victims may have dropped last year, but that’s only because bad actors are getting better at what they do, prioritizing quality over quantity. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/breaches-up-number-of-victims-down-impact-stronger/
-
TriZetto confirms 3.4M people’s health and personal data was stolen during breach
Health tech giant TriZetto has confirmed that more than 3.4 million people had personal and health information stolen in a 2024 cyberattack, which the company failed to detect for almost a year. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/06/trizetto-confirms-3-4m-peoples-health-and-personal-data-was-stolen-during-breach/
-
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets
Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service (DoS) conditions by sending specifically crafted, malformed network packets. A successful attack against a message…
-
Transport for London says 2024 breach affected 7M customers, not 5,000
Authority says attackers accessed systems holding data tied to millions of Oyster and contactless users First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/tfl_2024_breach_numbers/
-
Teenage hacker myth primed for a middle-age criminal makeover
Tags: access, breach, business, corporate, crypto, cyber, cybercrime, cybersecurity, data, detection, extortion, finance, group, hacker, hacking, infrastructure, jobs, malware, network, penetration-testing, programming, ransomware, service, skills, software, technology, threat, vulnerabilityCybercrime cartels: Dray Agha, senior security operations manager at managed detection and response services firm Huntress, said the analysis illustrates that the “Hollywood image of a teenage lone wolf hacking for bragging rights” is vastly outdated since the threat landscape is dominated by “highly organised, profit-driven syndicates.””While young people may still engage in digital vandalism…
-
Challenges and projects for the CISO in 2026
Tags: access, ai, authentication, automation, awareness, cisco, ciso, cloud, communications, control, credentials, cybersecurity, data, defense, detection, edr, email, encryption, endpoint, finance, framework, group, identity, intelligence, leak, mobile, network, service, soc, sophos, strategy, technology, trainingHazel DÃez (Banco Santander), Roberto Lara (Vodafone), Marijus Briedis (NordVPN), Ãlvaro Fernández (Sophos), and Ãngel Ortiz (Cisco). Banco Santander, Vodafone, NordVPN, Sophos y Cisco. Montaje: Foundry Against this backdrop, Cisco defines AI as “the fundamental technology that will set the cybersecurity agenda in 2026,” in the words of Ortiz, who refers to the company’s Integrated…
-
Zero-day exploits hit enterprises faster and harder
Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-dayEnterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
-
Backup strategies are working, and ransomware gangs are responding with data theft
Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/06/cyber-claims-report-ransomware-gangs-data-theft/
-
Why Your Data Protection Program Should Be Policy-Based
Traditionally, data protection programs have been complex and difficult to manage. Without a consistent approach, gaps arise that can lead to data exposure or non-compliance. A more modern option is to centralize policy-based security. This strategy standardizes protections across environments. It also maintains productivity and reduces reliance on users to make the right security decisions.…