Security News > 2023

Getting data loss prevention right
2023-01-02 05:00

Before digging into DLP specifics, consider the deceptive marketing behind data loss prevention "as a service." The name implies that DLP is just one aspect of maintaining a security posture, when in fact preventing data loss encompasses almost all of cybersecurity. An organization must ensure it has the right people, with the right experience, and enough of them to implement DLP properly.

Ransomware: The security debt collector
2023-01-02 04:30

Since the first months of 2020, ransomware attacks have been on the rise and are in the news again. In this presentation, Dave Lewis, Global Advisory CISO at Cisco, talks about the historical rise and fall of ransomware from floppy disks to RaaS, why it has seen a resurgence in popularity, recent data on the current state of ransomware, and how you can improve your defenses against ransomware attacks.

Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking
2023-01-02 04:15

Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its "deceptive" location tracking practices. The search and advertising giant is required to pay $9.5 million to D.C. and $20 million to Indiana after the states sued the company on charges that it tracked users' locations without their express consent.

PyTorch: Machine Learning toolkit pwned from Christmas to New Year
2023-01-01 21:36

So what looked like an innocent, if pointless, DNS lookup for a "server" such as S3CR3TPA55W0RD.DODGY.EXAMPLE would quietly leak your access key under the guise of a simple lookup that directed to the official DNS server listed for the DODGY.EXAMPLE domain.

Ransomware gang cloned victim’s website to leak stolen data
2023-01-01 20:54

The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim's site to publish stolen data on it. As a deviation from the usual process, the hackers decided to also leak the data on a site that mimics the victim's as far as the appearance and the domain name go.

Ransomware gang apologizes, gives SickKids hospital free decryptor
2023-01-01 19:00

The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children, saying one of its members violated rules by attacking the healthcare organization. On December 18th, the hospital suffered a ransomware attack that impacted internal and corporate systems, hospital phone lines, and the website.