Category: Data Protection

A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but as content / output created by a legitimate-looking AI tool. AI as a social engineering […]

May 09, 2025Ravie LakshmananMalware / Email Security Cybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. “The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and […]

Five months after education software vendor PowerSchool paid an unnamed threat actor a ransom in exchange for the deletion of sensitive stolen data, some of the company’s customers are now receiving extortion demands.  A threat actor, who may or not be the same criminal group behind the attack, has contacted four school district customers of […]

John Leyden 10 February 2023 at 16:30 UTC Updated: 27 February 2023 at 15:32 UTC Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news KeePass has become the latest password manager utility obliged to defend its reputation following the discovery of an alleged vulnerability. Security researchers warned that it might be […]

Elyse Betters Picaro / ZDNET Do you ever use “123456,” “admin,” or “password” as the password for a personal or work account? If so, you’re unfortunately not alone and are placing yourself and your employer at risk. Also: 10 passkey survival tips: Prepare for your passwordless future now Published last Friday by security news and […]

The Irish Data Protection Commission (DPC) announced on May 2 that it was issuing a €530m ($600m) fine to TikTok’s European branch following an inquiry into the company’s transfers of users in the European Economic Area (EEA) to China. The DPC, Ireland’s national data protection regulator, is the Lead Supervisory Authority for TikTok in the […]

According to the 2024 State of Ransomware report by Sophos, there was a 500% increase in ransom bills in the last 12 months. Moreover, an analysis by Comparitech revealed 181 confirmed ransomware incidents targeting healthcare providers in 2024, with 25.6 million records compromised.   Meanwhile, there were 42 more confirmed attacks on healthcare organizations not involved in direct […]

Sophos Firewall v21.5 adds a top requested feature: Entra ID single sign-on (SSO) integration with Sophos Connect and the VPN portal. SSO for Remote Access VPN Adding single sign-on integration with Sophos Connect and the firewall VPN portal makes remote access VPN easier for end-users, enabling them to use their corporate network credentials with the […]

An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned. […]

Hacker zielen vermehrt auf KMUs und ihre Edge-Geräte und VPNs. PR Image Factory – shutterstock.com Cyberkriminelle bleiben einfallsreich und machen sich technische Neuerungen schnell sowie effektiv zu nutzen. Sowohl dadurch als auch durch eine gestiegene Sensibilität für vorhandene Angriffsvektoren bei möglichen Opfern ist ein verändertes Muster ihrer Attacken begründet. Im Data Breach Investigation Report (DBIR) […]