War of the words: Fancy Bear actions are βintolerable and unacceptable,β complains German foreign minister Annalena Baerbock.
The post Germany Warns Russia: Hacking Will Have Consequences appeared first on Security Boulevard.
The wireless communications provider announced the new company at RSA, promising that Level Blue will include managed security services and consulting services.
The post AT&T Spins Out Its Cybersecurity Business to Create LevelBlue appeared first on Security Boulevard.
The axiom βgarbage in, garbage outβ has been around since the early days of computer science and remains apropos today to the data associated with user behavior analytics and insider risk management (IRM). During a recent Conversations from the Inside (CFTI) episode, Mohan Koo, DTEX President and Co-Founder, spoke about how organizations are often quick β¦ Continued
The post User Behavior Analytics: Why False Positives are NOT the Problem appeared first on DTEX Systems Inc.
The post User Behavior Analytics: Why False Positives are NOT the Problem appeared first on Security Boulevard.
AI is rapidly increasing the pace of API creation within organizations, leading to API security becoming as significant as traditional application security.
Hereβs what you can learn from the top five API breaches of the last quarter.
The post API Vulnerabilities Found Across AI Infrastructure Projects at NVIDIA, Mercedes appeared first on Security Boulevard.
Google is encouraging the adoption of multi-factor authentication to protect against phishing and other cyberattacks. It hopes 2-Step Verification (2SV) can help.
The post Google Makes Implementing 2FA Simpler appeared first on Security Boulevard.
The new Google Threat Intelligence cloud service draws from Mandiant, VirusTotal, and its own insights and combines them with generative AI.
The post Google Continues Mixing Generative AI into Cybersecurity appeared first on Security Boulevard.
In the ever-evolving world of ransomware, itβs getting easier for threat groups to launch attacks β as evidence by the growing number of incidents β but more difficult to make a profit. Organizationsβ cyber-defenses are getting more resilient, decryptors that enable victims to regain control of their data, and law enforcement crackdowns on high-profile cybercrime..
The post Ransomware Attacks are Up, but Profits are Down: Chainalysis appeared first on Security Boulevard.
Chinese crooks are running a global network of more than 75,000 fake online shops to steal credit card data and process fraudulent payments.
The post Massive Online Shopping Scam Racks Up 850,000 Victims appeared first on Security Boulevard.
Dell data breach notification[/caption]
Dell Technologies is a publicly traded company that operates in 180 countries and is headquartered in Round Rock, Texas. Dell is the third-largest personal computer vendor in the world by unit sales, behind Lenovo and HP and serves more than 10 million small and medium-sized businesses and receives 500 million annual eCommerce visits.
The tech giant generated a revenue of $102.3 billion in 2023 and has over 500,000 commercial customers and 2,500 enterprise accounts.
The threat actor claimed this data set contained an up-to-date details of registered Dell servers including vital personal and company information such as full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags of systems, system shipment dates (warranty start), warranty plans, serial numbers (for monitors), Dell customer numbers and Dell order numbers.
The threat actor asserted that he was the sole possessor of this data that entailed approximately 7 million records of individual/personal purchases, while 11 million belong to consumer segment companies. The remaining data pertained to enterprise, partners, schools or unidentified entities.
The threat actor also highlighted the top five countries with the most systems represented in the database, which included the United States, China, India, Australia and Canada.
The data, claimed to be sourced from Dell and containing 49 million customers and other systems details between 2017 and 2024, aligned with the details outlined in Dell's breach notification.
However, The Cyber Express could not confirm if the two data sets are the same as Dell did not immediately respond to our request for confirmation.
Although the sale of the database appears to have ceased, the possibility of further exploitation remains. Although Dell refrained from disclosing the specific impact of the breach, it remains vigilant about potential risks associated with the stolen information. While the compromised data lacks email addresses, threat actors could exploit it for targeted phishing and smishing attacks against Dell customers.
They could contact Dell customers as fake customer service executives and lead them into downloading malware or infostealers as is seen in many previous campaigns.
Dell advises customers to exercise caution regarding any communications purportedly from Dell, especially those urging software installations, password changes or other risky actions and encourages customers to verify the legitimacy of such communications directly with Dell.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Source: securityboulevard.com β Author: Jeffrey Burt A group of bad actors β likely from China β is running a global cybercrime-as-a-service operation. It oversees a massive network of fake shopping websites that has conned more than 850,000 people in the United States and Europe into purchasing items, over the past three years, and the organization [β¦]
La entrada Massive Online Shopping Scam Racks Up 850,000 Victims β Source: securityboulevard.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
The Cybersecurity and Infrastructure Security Agencyβs (CISAβs) Known Exploited Vulnerabilities (KEV) list is shown to increase speed of fixing vulnerabilities, but VerizonβsΒ Data Breach Investigations Report (DBIR) also shows that remediation is still taking much longer than it should. Does βimprovementβ mean we will continue to improve, or just that these vulnerabilities change priority and still get fixed as slowly as before? Only time will tell.Β Β
The post Cybersecurity Insights with Contrast CISO David Lindner | 5/10/24 appeared first on Security Boulevard.
DUDE! Youβre Getting Phished.
Dell customer data from the past six (or more?) years was stolen. It looks like someone sold scads of personal information to the highest bidder.
The post Dell Hell: 49 Million Customersβ Information Leaked appeared first on Security Boulevard.
The tech giant says the information stolen doesn't represent a significant risk to users, but cybersecurity experts disagree.
The post Dell Data Breach Could Affect 49 Million Customers appeared first on Security Boulevard.
Source: securityboulevard.com β Author: Jeffrey Burt Dell is sending emails to as many as 49 million people about a data breach that exposed their names, physical addresses, and product order information. According to the brief message, bad actors breached a Dell portal that contains a database βwith limited types of customer information related to purchases [β¦]
La entrada Dell Data Breach Could Affect 49 Million Customers β Source: securityboulevard.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com β Author: Richi Jennings Dark web sale of leaked data exposes Dell users to phishing phraud. Dell customer data from the past six or more years has been stolen. It looks like scrotes unknown broke into the company support portal and sold scads of personal information to the highest bidder. Again? In todayβs [β¦]
La entrada Dell Hell: 49 Million Customersβ Information Leaked β Source: securityboulevard.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
In this first-ever in-person recording of Shared Security, Tom and Kevin, along with special guest Matt Johansen from Reddit, discuss their experience at the RSA conference in San Francisco, including their walk-through of βenhanced securityβ and the humorous misunderstanding that ensued. The conversation moves to the ubiquity of AI and machine learning buzzwords at the [β¦]
The post Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools appeared first on Shared Security Podcast.
The post Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools appeared first on Security Boulevard.
ΠΡΠ΄Π΅Ρ! Russian ransomware rascals riled a Roman Catholic healthcare organization.
The post FBI/CISA Warning: βBlack Bastaβ Ransomware Gang vs. Ascension Health appeared first on Security Boulevard.
It was probably inevitable. Threat researchers detected bad actors using stolen credentials to target LLMs, with the eventual goal of selling the access to other hackers.
The post Novel LLMjacking Attacks Target Cloud-Based AI Models appeared first on Security Boulevard.
It sounds official β like it might be the subject of the next action-packed, government espionage, Jason Bourne-style thriller. Or maybe put it before the name of a racy city and have your next hit crime series. A history of mysterious aliases like βofficial use only,β βlaw enforcement sensitive,β and βsensitive but unclassifiedβ only adds...
The post Understanding CUI: What It Is and Guidelines for Its Management appeared first on Hyperproof.
The post Understanding CUI: What It Is and Guidelines for Its Management appeared first on Security Boulevard.
The Biden Administration is moving to cybersecurity standards for hospitals, but the AHA is pushing back, saying voluntary models are enough.
The post UnitedHealth, Ascension Attacks Feed Debate Over Health Care Security appeared first on Security Boulevard.
Exit Planning is the strategic process of preparing for the eventual transfer or sale of a business. It takes into account the business ownerβs personal and financial goals and involves decisions and actions that enable a smooth and organized exit from the business.Β Exit planning presents a challenging time for business owners. As they prepare [β¦]
The post Managing Cyber Risk in Exit Strategy Planning appeared first on BlackCloak | Protect Your Digital Lifeβ’.
The post Managing Cyber Risk in Exit Strategy Planning appeared first on Security Boulevard.
May is mental health awareness month! In pursuing help or advice for mental health struggles (beyond just this month, of course), users may download and use mental health apps. Mental health apps are convenient and may be cost effective for many people.
However, while these apps may provide mental health resources and benefits, they may be harvesting considerable amounts of information and sharing health-related data with third parties for advertising and tracking purposes.
Disclaimer: This post is not meant to serve as legal or medical advice. This post is for informational purposes only. If you are experiencing an emergency, please contact emergency services in your jurisdiction.
Many people have misconceptions about the Health Insurance Portability and Accountability Act (HIPAA) and disclosure/privacy.
According to the US Department of Health and Human Services (HHS), HIPAA is a "federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge." There is a HIPAA Privacy Rule and a HIPAA Security Rule.
The Centers for Disease Control and Prevention (CDC) states the Privacy Rule standards "address the use and disclosure of individuals' health information by entities subject to the Privacy Rule." It's important to understand that the Privacy Rule covers entities subject to it.
Entities include healthcare providers, health plans, health clearing houses, and business associates (such as billing specialists or data analysts). Many mental health apps aren't classified as either; also, though there are a few subject to HIPAA, some have been documented not to actually be compliant with HIPAA rules.
What does this mean? Many mental health apps are not considered covered entities and are therefore "exempt" (for lack of better word) from HIPAA. As such, these apps appear to operate in a legal "gray area," but that doesn't mean their data practices are ethical or even follow proper basic information security principles for safeguarding data...
Even apps that collect PHI information protected by HIPAA may still share/use your information that doesn't fall under HIPAA protections.
Naturally, data collected by apps falling under the "mental health" umbrella varies widely (as do the apps that fall under this umbrella.)
However, most have users create accounts and fill out some version of an "intake" questionnaire prior to using/enrolling in services. These questionnaires vary by service, but may collect information such as:
Account creation generally and at minimum requires user email and a password, which is indeed routine.
It's important to note your email address can serve as a particularly unique identifier - especially if you use the same email address everywhere else in your digital life. If you use the same email address everywhere, it's easier to track and connect your accounts and activities across the web and your digital life.
Account creation may also request alternative contact information, such as a phone number, or supplemental personal information such as your legal name. These can and often do serve as additional data points and identifiers.
It's also important to note that on the backend (usually in a database), your account may be assigned identifiers as well. In some cases, your account may also be assigned external identifiers - especially if information is shared with third parties.
Intake questionnaires can collect particularly sensitive information, such as (but not necessarily limited to):
Question from BetterHelp intake questionnaire found in FTC complaint against BetterHelp
These points of sensitive information are rather intimate and can easily be used to identify users - and could be disasters if disclosed in a data breach or to third party platforms.
These unique and rather intimate data points can be used to exploit users in highly targeted marketing and advertising campaigns - or perhaps even used to facilitate scams and malware via advertising tools third parties who may receive such information provide to advertisers.
Note: If providing health insurance information, many services require an image of the card. Images can contain EXIF data that could expose a user's location and device information if not scrubbed prior to upload.
Far more often than not, information collected by mental health apps extends past information a user may disclose in processes such as account creation or completing intake forms - these apps often harvest device information, frequently sending it off the device and to their own servers.
For example, here is a screenshot of the BetterHelp app's listing on the Apple App Store in MAY 2024:
The screenshot indicates BetterHelp uses your location and app usage data to "track you across apps and websites owned by other companies." We can infer from this statement that BetterHelp shares your location information and how you use the app with third parties, likely for targeted advertising and tracking purposes.
The screenshot also indicates your contact information, location information, usage data, and other identifiers are linked to your identity.
Note: Apple Privacy Labels in the App Store are self-reported by the developers of the app.
This is all reinforced in their updated privacy policy (25 APR 2024), where BetterHelp indicates they use external and internal identifiers, collect app and platform errors, and collect usage data of the app and platform:
In February 2020, an investigation revealed BetterHelp also harvested the metadata of messages exchanged between clients and therapists, sharing them with platforms like Facebook for advertising purposes. This was despite BetterHelp "encrypting communications between client and therapist" - they may have encrypted the actual message contents, but it appears information such as when a message was went, the receiver/recipient, and location information was available to the servers... and actively used/shared.
While this may not seem like a big deal at first glance - primarily because BetterHelp is not directly accessing/reading message contents - users should be aware that message metadata can give away a lot of information.
Cerebral, a mental health app that does fall under the HIPAA rules, also collects device-related data and location data, associating them with your identity:
According to this screenshot, Cerebral shares/uses app usage data with third parties, likely for marketing and advertising purposes. Specifically, they...
The post Mental Health Apps are Likely Collecting and Sharing Your Data appeared first on Security Boulevard.
Phish Ahoy! Hacker took advantage of Dellβs lack of anti-scraping defense.
The post Dell Hell Redux β More Personal Info Stolen by βMenelikβ appeared first on Security Boulevard.
The operators behind the Ebury server-side malware botnet have been doing business since at least 2009 and, according to the threat researchers who have been tracking it for the last decade, are stronger and more active than ever. The malware has compromised at least 400,000 Linux servers over the past 15 years, with about 100,000..
The post 15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers appeared first on Security Boulevard.
Source: securityboulevard.com β Author: Jeffrey Burt The operators behind the Ebury server-side malware botnet have been doing business since at least 2009 and, according to the threat researchers who have been tracking it for the last decade, are stronger and more active than ever. The malware has compromised at least 400,000 Linux servers over the [β¦]
La entrada 15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers β Source: securityboulevard.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
One in three office workers who use GenAI admit to sharing customer info, employee details and financial data with the platforms. Are you worried yet?
The post Risks of GenAI Rising as Employees Remain Divided About its Use in the Workplace appeared first on Security Boulevard.
Hackers can find templates for DocuSign and other companies for their phishing campaigns on dark web marketplaces for as little as $10.
The post Hackers Use Fake DocuSign Templates to Scam Organizations appeared first on Security Boulevard.
For two decades, the Payment Card Industry Data Security Standard (PCI DSS) has been the only show in town when it comes to regulating cardholder data. Created by the five big card companies (Visa, Mastercard, Discover, JCB and American Express) in 2004, it aims to enforce compliance through a kind of carrot-and-stick approach. That is, follow the rules and your organization will be able to continue processing card payments as usual. But fail to comply, and major fines could be headed your way.
The post Counting the Cost of PCI DSS Non-Compliance appeared first on Security Boulevard.
The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data.
If law enforcement has gained access to the hacking forumβs backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be used in law enforcement investigations.
[β¦]
The FBI is requesting victims and individuals contact them with information about the hacking forum and its members to aid in their investigation.
The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBIβs Internet Crime Complaint Center (IC3)...
The post FBI Seizes BreachForums Website appeared first on Security Boulevard.
WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans.
The post North Korea IT Worker Scam Brings Malware and Funds Nukes appeared first on Security Boulevard.
It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency -- and only 12 seconds to actually pull off the heist.
The post Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds appeared first on Security Boulevard.
Login