Dutch National Railway data breach impacts 780,000 customers

by
The Dutch National Railway, known by the initials NS, started notifying 780,000
passengers on March 28 of a data breach exposing their personally identifiable
information.

How it all began

According to the Dutch train operator, the breach originated via a software
supplier of market research firm Blauw, the agency conducting customer
satisfaction surveys for NS.

Although the exact circumstances of the cyberattack and data leak have yet to be
identified, Blauw’s security notification may shed

Law enforcement seized the Genesis Market cybercrime marketplace

by

Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster. The FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite codes online. […]

The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

Protect Your Company: Ransomware Prevention Made Easy

by
Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses, worms, keyloggers, and ransomware. Malware is a pernicious threat and the biggest driver for businesses to look for cybersecurity solutions. 
Naturally, businesses want to find products that will stop malware in its tracks, and so they search for solutions to do that.

FBI Dismantles ‘Genesis Market’ Cybercrime Marketplace, Arrests Operators

by
The FBI cracked down on “Genesis Marketplace,” an infamous cybercrime hub that
sold stolen data to perpetrators worldwide.

Yesterday, several domains linked to the underworld marketplace went down;
accessing them would prompt an FBI seizure notice to visitors instead of their
regular homepages. The intervention, dubbed “Operation Cookie Monster,” was the
work of law enforcement agencies from Australia, the US, the UK, Canada,
Denmark, Germany, the Netherlands, Spain and Sweden.

The notice furt

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

by

CISOs are no longer only responsible for the cybersecurity of systems used internally. In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment.

Assessing risk requires identifying baseline security criteria around key elements such as customer contracts and regulatory requirements, Neil Lappage, partner at LeadingEdgeCyber and ISACA member, tells CSO. “From the start, you’ve got things you’re committed to such as requirements in customer contracts and regulatory requirements and you have to work within those parameters. And you need to understand who your interested parties are, the stakes they’ve got in the game, and the security objectives.”

To read this article in full, please click here

Let’s pump the brakes on the rush to incorporate AI into cybersecurity

by

It seems that everyone is rushing to embed artificial intelligence into their solutions, and security offerings are among the latest to obtain this shiny new thing. Like many, I see the potential for AI to help bring about positive change, but also its potential as a threat vector.

To some, recent AI developments are a laughing matter. On April 1, 2023, that traditional day when technology and social media sites love to pull a fast one on us and engage in often elaborate pranks, the Twitter account for the MITRE ATT&CK platform launched the #attackgpt Twitter bot, which invited users to employ the hashtag #attackgpt, which would generate an “AI” response to questions about the anti-hacker knowledge base. In reality, it was an April fool’s prank with MITRE’s social media team cranking out funny answers in the guise of a chatbot.

To read this article in full, please click here