ComputerWeekly – ‘Shadow’ AI use becoming a driver of insider cyber risk
“Second, all of these data assets should be inventoried and classified according to type, sensitivity and value to the business.”
Bleepingcomputer – University of Manchester confirms data theft in recent cyberattack
“The University of Manchester finally confirmed that attackers behind a cyberattack disclosed in early June had stolen data belonging to alums and current students.”
vrtnws – Spionagesoftware ontdekt op gsm’s van magistraten en politieagenten
“Met geavanceerde spyware-technologie kan de getroffen gsm overgenomen worden, kunnen berichten, foto’s of contacten bemachtigd worden en kunnen de microfoon en camera ongemerkt ingeschakeld worden”
sdxcentral – The great CISO resignation: Why security leaders are quitting in droves
“Instead, he sees it as coming from “the lack of authority to implement best practices across the company and the lack of visibility at the top on some of the issues that keep them up at night.””
techradar – MWC organizers fined over GDPR biometric security concerns
“The GSMA, the organizers behind Barcelona’s annual Mobile World Congress (MWC), have been fined €200,000 for not carrying out a data protection impact assessment (DPIA)”
ITdaily – Je wachtwoord met 8 tekens is te kraken op 5 minuten
“Een complex wachtwoord met een combinatie van hoofd- en kleine letters, speciale tekens en cijfers kan je vandaag zonder al te speciale hardware kraken in amper vijf minuten tijd. Ook iets langere wachtwoorden zijn niet onhackbaar.”
Nieuwsblad – 12 maanden cel voor factuurfraude: dertiger aast op 65.600 euro van VUB
“Hij onderschepte een factuur die was gericht aan de Vrije Universiteit Brussel (VUB) met de bedoeling zichzelf te verrijken met 65.617 euro.”
nakedsecurity – FBI and FCC warn about “Juicejacking” – but just how useful is their advice?
“Do the security improvements introduced in the wake of the Mactans juicejacking tool back in 2011 still hold up? We think they do, based on plugging an iPhone (iOS 16) and a Google Pixel (Android 13) into a Mac (macOS 13 Ventura) and a Windows 11 laptop (2022H2 build).”
HealthcareITNews – Cybersecurity: addressing the ‘termination gap’ and protecting data
“With the common disconnect between IT and human resources departments, healthcare systems are often leaving terminated employees’ access credentials active for potentially months after they’ve left an organization. It’s a growing vulnerability exploited for cyberattacks. “
SCMedia – Illinois hospital forced into EHR downtime after cyberattack
“After a week of network downtime, officials say they’ve been able to restore a portion of the impacted systems.” … “While the hospital continues its recovery efforts, the cybercriminals are threatening to leak 4GB of data tied to patients with infectious data, according to local media outlets.”