BleepingComputer – Deutsche Bank confirms provider breach exposed customer data
“Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers’ data in a likely MOVEit Transfer data-theft attack.”
ComputerWeekly – ‘Shadow’ AI use becoming a driver of insider cyber risk
“Second, all of these data assets should be inventoried and classified according to type, sensitivity and value to the business.”
techradar – MWC organizers fined over GDPR biometric security concerns
“The GSMA, the organizers behind Barcelona’s annual Mobile World Congress (MWC), have been fined €200,000 for not carrying out a data protection impact assessment (DPIA)”
HealthcareITNews – Cybersecurity: addressing the ‘termination gap’ and protecting data
“With the common disconnect between IT and human resources departments, healthcare systems are often leaving terminated employees’ access credentials active for potentially months after they’ve left an organization. It’s a growing vulnerability exploited for cyberattacks. “
VRTNWS – Wereldwijde operatie tegen cybercriminaliteit: meer dan 100 mensen opgepakt in 13 landen
“Het Europese justitienetwerk Eurojust schat dat er gegevens te koop waren die gestolen waren vanop 460.000 verschillende toestellen, goed voor zo’n 2 miljoen slachtoffers.”
VentureBeat – Multifactor authentication: Keeping employee data secure through digital ID management
“MFA combines the traditional use of a username and password with the need to verify additional layers of security. This makes it much harder for someone to access your information.”
Malwarebytes – LastPass was undoen by an attack on a remote employee
“The company has now revealed that the individual(s) responsible for the attack also compromised a remote employee’s computer, in order to capture credentials used in the second attack.”
vrtnws – Cyberveiligheid stad Antwerpen had tientallen kwetsbaarheden: audit waarschuwt in 2021 al voor manke beveiliging
“Uit de doorlichting blijkt ook dat tijdens gesprekken die de onderzoekers doen met medewerkers van de stad Antwerpen, er niet op alle externe systemen multi-factor authenticatie is ingesteld.”
InfoSecurity – Time Taken to Deplay Ransomware Drops 94%
“Threat actors have significantly accelerated their deployment of ransomware in recent years, from an average of over 60 days per attack in 2019 to less than four days in 2021, according to IBM.”
De Morgen – Van wanbetalers tot medische attesten: hackers publiceren ‘privacygevoelige data’ in Geraardsbergen
“Gestolen gegevens van de stad Geraardsbergen zijn afgelopen nacht door hackers op het ‘dark web’ gepubliceerd. Er staan onder andere namen in van burgers in schuldbemiddeling en van mensen met medische problemen, zoals dragers van een stoma of gebruikers van thuisdialyse. “