Sensitive Information stories - Page 2

Tenable uncovers a critical SSRF vulnerability in Microsoft's Copilot Studio that could expose sensitive information across multiple tenants. Microsoft has since issued a fix.

Businesses adopting generative AI tools must implement Confidential AI solutions to protect proprietary data and maintain robust Zero Trust policies.

Kaspersky has uncovered a sophisticated cyber fraud scheme, 'Tusk,' exploiting popular trends like web3 and AI to steal cryptocurrency and sensitive data.

Thousands of websites using Oracle NetSuite's SuiteCommerce may be leaking private customer information due to misconfigured access controls.

Barracuda Networks reports a new wave of phishing attacks using advanced “infostealer” malware that exfiltrates extensive sensitive data, urging enhanced cybersecurity measures.

Kaspersky warns that AI’s growing accessibility is enabling cybercriminals to launch sophisticated attacks, making robust AI defences crucial.

Australian Government's PSPF Direction 002-2024 mandates stronger cybersecurity measures, sparking industry experts' applause and calls for resourceful implementation to mitigate risks.

Employees' widespread use of GenAI apps poses privacy risks as 30.8% of these tools train on customer data, a new study by Harmonic Security reveals.

Cybercriminals capitalised on a CrowdStrike Falcon outage by creating over 180 fake support websites, targeting 8.5 million affected devices worldwide.

Immutability is vital for Australian enterprises, ensuring data integrity, compliance, and trust amidst rising cyber threats and stringent regulations.

Cybercriminals are leveraging legitimate URL protection services to disguise phishing attacks, targeting hundreds of companies, reports Barracuda Networks.

Harmonic Security launches Harmonic Protect, a zero-touch data protection tool for the generative AI era, eliminating manual data labelling and complex rules.

Barracuda Networks reveals cybercriminals are exploiting URL protection services to embed malicious code in phishing emails, deceiving recipients into clicking harmful links.

Spark and Netskope have expanded their partnership to offer managed Security Service Edge services in New Zealand, bolstering cybersecurity for remote workers and cloud services.

Businesses face growing deepfake threats, as illustrated by a US$25 million scam targeting a Hong Kong employee. Awareness, training, and advanced tools are crucial to safeguard against such risks.

Apple users are being targeted with 'MFA bombing,' a phishing method that exploits repeated password prompts and spoofed calls to gain account access.

Deepfakes now rank as the second most common security threat to UK businesses, with over 32% experiencing such incidents, a new ISMS.online report reveals.

Cyberattacks threaten the public sector's stability and security, Trustwave's new report reveals, urging robust cyber defence to protect critical systems.

ArchTIS has secured a contract worth AUD $466,840 with an Australian national security agency for their Kojensi software to enable secure collaboration on sensitive data.

A report by Uswitch noted that UK citizens lost GBP £1.2 million to credit card fraud in 2022, with an emphasis on thefts in Ireland and America.