#information-security
#information-security

Privacy technologies

Another Great Zero-Trust Resource - NIST Provides Updated Guidance - Above the Law

fromHarvard Business Review

Information security

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Information security

Create a Company Culture That Takes Cybersecurity Seriously

Information security

fromArs Technica

Cybersecurity takes a big hit in new Trump executive order

The Trump EO alters cybersecurity requirements by removing self-attestation for federal contractors, allowing potential security vulnerabilities to persist.

Cryptocurrency

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

Discord's invitation system has a vulnerability allowing attackers to redirect trusted links to malicious servers.

The malware campaign targets users by exploiting expired or deleted invite links.

fromSecuritymagazine

2 weeks ago

Web frameworks

4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog

fromAbove the Law

Privacy technologies

Another Great Zero-Trust Resource - NIST Provides Updated Guidance - Above the Law

fromHarvard Business Review

Information security

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Information security

Create a Company Culture That Takes Cybersecurity Seriously

fromArs Technica

Information security

Cybersecurity takes a big hit in new Trump executive order

Cryptocurrency

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

Discord's invitation system has a vulnerability allowing attackers to redirect trusted links to malicious servers.

The malware campaign targets users by exploiting expired or deleted invite links.

AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs

AMD warns of vulnerabilities in its chipsets that could lead to information disclosure due to Transient Scheduler Attacks.

fromwww.npr.org

2 weeks ago

Impostor uses AI to impersonate Rubio and contact foreign and US officials

U.S. diplomats are warned of AI-driven impersonation attempts of Secretary of State Marco Rubio and other officials.

fromComputerweekly

Gartner's view on AI security: A Computer Weekly Downtime Upload podcast

Access control must be incorporated into AI systems to prevent data leaks and unauthorized information access.

fromFast Company

Online Community Development

These geeks are building an early warning system for disappearing government data

Meeta Anand, senior director of census and data equity, reported a flood of inquiries about vanishing datasets, indicating widespread concern over lost governmental data.

US politics

fromIT Pro

MCP servers used by developers and 'vibe coders' are riddled with vulnerabilities - here's what you need to know

MCP servers are highly vulnerable due to their misconfiguration, risking sensitive assets and enabling unauthorized remote access.

The prevalence of vulnerabilities such as 'NeighborJack' highlights the need for better security measures in MCP server deployments.

Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents

Former CIA analyst Asif Rahman sentenced to 37 months for unlawfully retaining and transmitting top secret information.

Software was used to edit images of classified documents to conceal transmission activity.

#data-breach

EU data protection

DNA testing firm 23andMe fined 2.3m by UK regulator for 2023 data hack

EU data protection

Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki

EU data protection

DNA testing firm 23andMe fined 2.3m by UK regulator for 2023 data hack

EU data protection

Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki

more#data-breach

#military-operations

Information security

Signalgate is a signal to revisit security onboarding and training | Computer Weekly

Adam Schiff asks the National Archives to review the Trump administration's use of Signal.

Pete Hegseth shared sensitive military information in a private chat, raising concerns about security protocols.

fromwww.aljazeera.com

US news

US's Hegseth shared military information in second Signal chat, reports say

Information security

Signalgate is a signal to revisit security onboarding and training | Computer Weekly

Adam Schiff asks the National Archives to review the Trump administration's use of Signal.

Pete Hegseth shared sensitive military information in a private chat, raising concerns about security protocols.

fromwww.aljazeera.com

US news

US's Hegseth shared military information in second Signal chat, reports say

more#military-operations

#national-security

Information security

When leaders ignore cybersecurity rules, the whole system weakens | Computer Weekly

fromNew York Post

US news

Mike Waltz is expected to be fired as Trump national security adviser: source

US news

BREAKING: Pete Hegseth Reportedly Shared Attack Details With Wife and Brother in Second Signal Chat

US news

Mike Waltz's Team Set Up At Least' 20 Other Signal Chats for Various Other Crises: Report

fromTechCrunch

Privacy professionals

Trump's national security advisor reportedly used his personal Gmail account to do government work | TechCrunch

fromABC7 Los Angeles

US politics

Trump downplays national security team texting military operation plan on Signal as a minor 'glitch'

Information security

When leaders ignore cybersecurity rules, the whole system weakens | Computer Weekly

fromNew York Post

US news

Mike Waltz is expected to be fired as Trump national security adviser: source

BREAKING: Pete Hegseth Reportedly Shared Attack Details With Wife and Brother in Second Signal Chat

Defense Secretary's unauthorized disclosure of military strikes raises security concerns.

Hegseth utilized Signal app for private chats potentially compromising classified information.

US news

Mike Waltz's Team Set Up At Least' 20 Other Signal Chats for Various Other Crises: Report

fromTechCrunch

Trump's national security advisor reportedly used his personal Gmail account to do government work | TechCrunch

Senior Trump administration officials improperly used personal Gmail for government communications, risking sensitive information.

US politics

fromABC7 Los Angeles

Trump downplays national security team texting military operation plan on Signal as a minor 'glitch'

Trump downplayed messaging error in military chats, calling it a minor glitch amid criticism from Democrats on information security.

more#national-security

Roam Research

fromHackernoon

A Beginner's Guide to Reconnaissance in PenTesting | HackerNoon

Reconnaissance is the most critical and often neglected phase in penetration testing.

N.W.T.'s medical record system under the microscope after 2 reported cases of snooping

Medical records are vulnerable to unauthorized access, highlighting a need for better privacy protections.

Artificial intelligence

Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures

Threat actors are using fake AI tools to distribute malware designed to steal sensitive information.

Beyond the hook: How phishing is evolving in the world of AI | Computer Weekly

Phishing attacks have evolved dramatically, shifting from generic emails to hyper-personalised schemes leveraging AIâcomplicating countermeasures and increasing risks.

Artificial intelligence

#trump-administration

US news

Photo Shows Waltz's Conversations on a Version of Signal

US politics

Trump has managed to spin Signalgate as a media lapse, not a major security breach | Andrew Roth

The Signal chat controversy reveals significant issues in government communication and security during the Trump era.

US news

Photo Shows Waltz's Conversations on a Version of Signal

US politics

more#trump-administration

Trump has managed to spin Signalgate as a media lapse, not a major security breach | Andrew Roth

The Signal chat controversy reveals significant issues in government communication and security during the Trump era.

fromeuronews

Hegseth shared airstrike details in second Signal chat, media report

US Defence Secretary Pete Hegseth shared a military airstrike's details in a non-secure chat, raising concerns over classified information handling.

fromwww.dw.com

Hegseth shared Yemen war plans in second Signal chat: media DW 04/21/2025

US Defense Secretary Pete Hegseth shared sensitive info about an attack on Yemen's Houthis in unauthorized Signal chats, prompting security investigations.

fromABC7 Los Angeles

2nd Signal chat reveals Hegseth messaging about Yemen strikes with family members, sources say

Defense Secretary Pete Hegseth allegedly shared sensitive military attack details in a private Signal group chat, raising security concerns.

fromHackernoon

1 year ago

Prompt Injection Is What Happens When AI Trusts Too Easily | HackerNoon

Generative AI is becoming essential in daily life, but it poses significant security threats like prompt injection, which can manipulate AI systems.

NIST calls time on older vulnerabilities amid surging disclosures | Computer Weekly

NIST to stop updating older CVEs, marking them as deferred due to resource prioritization amid backlog strains.

fromTheregister

Oracle plays coy on reported Cloud, Health security breaches

Oracle is facing severe data security allegations, with potential evidence of a breach that the company denies.

Information security

fromTechzine Global

An 'IngressNightmare' haunts Kubernetes clusters

Ingress NGINX Controller vulnerabilities expose Kubernetes clusters to unauthorized access, affecting 43% of cloud environments with a CVSS score of 9.8.

fromPoynter

You're a journalist added to a classified group chat. Here's what you need to consider. - Poynter

When journalists receive sensitive information, they should always consider the ethical implications, especially in light of past breaches and the current political climate.

Privacy professionals

The Trump Administration Accidentally Texted Me Its War Plans

The leak of sensitive military plans to a reporter raises critical questions about security and information sharing during conflicts.

fromInc

fromIPWatchdog.com | Patents & Intellectual Property Law

Why You Need to Follow Consumer Trends

Consumer expectations are rising, emphasizing the need for businesses to prioritize trust, transparency, and customer communication.

Trade Secrets Outlook: Cloudy with a Chance of Exposure

Cloud-based solutions enhance collaboration but pose new risks to trade secret protection.

Companies can implement strategies to mitigate risks associated with cloud sharing of sensitive information.

fromTheregister

Malicious GitHub repositories linked to nearly 1M infections

Microsoft uncovered a malvertising campaign exposing nearly one million devices to information theft via GitHub-hosted malware.

fromBusiness Insider

fromwww.securitymagazine.com

Social Security workers aren't allowed to read news sites at work anymore

The SSA has imposed new internet restrictions, limiting access to news and shopping websites to protect sensitive information.

Information security

Niel Harper Top Cybersecurity Leaders 2025

Strong leadership blends technical expertise and management skills.

Privacy technologies

fromMail Online

Alarming report finds Apple is giving Americans' data to US government

Big Tech companies are increasingly sharing personal data with the US government, raising privacy concerns.

Significant increases in data-sharing rates have been reported among major companies like Apple, Google, and Meta.

fromeLearning Industry

How Can Encryption Protect Your Data? A Guide For eLearning Students

In a world where cyber threats are more prevalent than ever, understanding how encryption works is crucial for eLearning students to protect their personal data.

Privacy professionals

fromAbove the Law

But Her Emails Redux: Team Trump Makes CIA Send List Of All Recently Hired Employees Over Unclassified Email - Above the Law

The White House demanded that sensitive CIA hiring information be sent via unclassified email, risking exposure to adversaries, despite prior warnings about email security.

Law

fromTheregister