A federal judge has given the green light for attorneys to proceed with a consolidated class action lawsuit against Meta that accuses the social media giant of intercepting sensitive health information with its Pixel tracking tools used in numerous healthcare websites and patient portals.
Advertising on Russian-language criminal forums is paying off for the author of the DarkGate malware as reflected by a spike in infections, including an unusual phishing campaign on Microsoft Teams to deliver the loader through HR-themed social engineering chat messages.
Synthetic ID fraud is nothing new, but it is expanding beyond fraudulent bank accounts to identity scams for auto loans. Many organizations fail to understand the link between data breaches and fraudulent IDs, said Jason Lord, vice president of product marketing at TransUnion.
A Norway court sided with the country's data protection authority in a battle against Facebook over surveillance based-ads, ruling that the agency has the authority to tell the social media giant to temporarily halt behavioral tracking without explicit consent or face daily fines.
Apple released patches Thursday to close a zero-click exploit makers of the Pegasus advanced spyware app used to infect at least one iPhone carried by an individual employed at a Washington, D.C.-based civil society organization. The lab calls the exploit "BlastPass."
In the latest weekly update, ISMG editors discuss the state of cybersecurity market resilience in 2023, why U.S. federal regulators publicly named 130 healthcare firms using web trackers and how SentinelOne ended its partnership with startup Wiz amid takeover discussions.
A third-party management platform founded by a longtime McKinsey consultant closed a funding round to bring further automation to compliance and procurement tasks. Certa plans to invest in AI that takes text-based organizational policies and converts them into controlled workflows.
Perimeter 81's ease of deployment and embrace of a cloud-based architecture made it stand apart from other secure remote access offerings, according to Check Point Software CEO Gil Shwed. The deal will help Check Point build a scalable network foundation that extends to thousands of users.
Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
Chinese hackers were able to access the email accounts of senior U.S. officials after Microsoft included an active digital signing key in a snapshot of data taken to analyze a crash of its consumer signing system in April 2021. Inclusion of the key in the crash dump was just one of many mishaps.
California Gov. Gavin Newsom on Wednesday signed an executive order to study the development, use and risks of artificial intelligence, and develop a process to deploy "trustworthy AI" in the state government. The order calls for a staggered implementation over the next two years.
The rise of artificial intelligence makes it easier for adversaries to harm the U.S. and introduces new risks around malicious insiders with loyalties to China, experts say during a Senate hearing. Generative AI can help less technically sophisticated threat actors carry out complex cyberattacks.
This week, the Swedish DPA fined an insurer $3 million for violating GDPR, a DDoS attack disrupted a German financial agency website, Google Fitbit faced privacy complaints from Schrems, Ragnar Locker published hacked hospital data, and Seville, Spain dealt with the aftermath of a ransomware attack.
The United States and Great Britain imposed sanctions against nearly a dozen Russian members of the malware gang behind the TrickBot ransomware dropper while U.S. federal prosecutors unsealed criminal indictments against nine individuals for their involvement in online crimes including ransomware.
This week's roundup includes an update on the Tornado Cash case, a proposal for a law-abiding crypto mixer, August hack numbers, Stake's resumption of operations, Binance's delisting of privacy coins in Belgium and a court order against the CEO of Celsius.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.