Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months.

A newly identified ransomware group, "Volcano Demon," has emerged, targeting executives directly with threatening phone calls instead of the typical data leak sites. Over the past two weeks, this group has carried out several attacks, deploying a unique ransomware variant known as “LukaLocker,” according to a report from Halcyon. LukaLocker Ransomware Attack Overview Volcano Demon’s ransomware, LukaLocker, encrypts files with a.nba extension.

Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has issued a temporary ban on Meta from processing personal data of users to train its artificial intelligence (AI) algorithms. This decision stems from concerns over inadequate legal justification, lack of transparency, and potential risks to privacy rights, particularly for children and adolescents.

Twilio, the cloud communications provider, has disclosed a security breach affecting its Authy app, exposing users' phone numbers due to an exploit in an unauthenticated endpoint. Understanding the Authy App Breach Twilio confirmed unauthorized access to an endpoint within Authy, leading to the exposure of data linked to Authy accounts, specifically users' cell phone numbers.

Cybersecurity is the most crucial curve in today’s rapidly evolving digital landscape, and all organizations of any size need to be at the forefront of it. With AI becoming mainstream, new emerging trends shape the cybersecurity industry daily.

A large solutions and services company facing strict compliance regulations and enforcements needed a powerful, scalable enterprise data protection solution for their data being migrated over to S3, Athena, Amazon Redshift, and Glue environments. The sensitive data included HR, Financial and customer information. Using Protegrity’s field-level data protection, the company overcame this challenge, significantly improving their processes.

Recent high-profile breaches at Ticketmaster and Santander, attributed to the ShinyHunters group, have brought the critical need for robust data protection measures to the forefront. ShinyHunters, a notorious cybercriminal group known for stealing data from various organizations for financial gain, has demonstrated how vulnerabilities in third-party platforms can lead to significant data breaches.

CLEARFAKE is the term used to describe the malicious in-browser JavaScript framework deployed on compromised webpages as part of drive-by compromise campaigns to deliver information stealers. It has the potential to impact all sectors. Although the CLEARFAKE fake browser update campaign (which was initially identified in Q2 2023) originally targeted Windows users, it expanded to macOS users in Q4 2023.

Modern business operations have become synonymous with outsourcing to vendors, as essentially every business relies on at least a few third-party partnerships to improve efficiency and enhance capabilities. However, these partnerships also present various cybersecurity risks that can negatively impact an organization’s performance, reputation, and compliance with industry regulations and standards. To mitigate these risks, organizations must develop a robust Vendor Risk Management (VRM) process.

The General Data Protection Regulation (GDPR) is one of the world's most stringent data protection laws, designed to safeguard individuals' personal data in Europe. Since its implementation in May 2018, GDPR has significantly impacted how organizations collect, store, and process personal data. Noncompliance with GDPR can lead to severe penalties, including hefty fines and reputational damage, making it imperative for organizations to understand and adhere to its requirements.