"Brazil data protection authority bans META from training AI models with data originating in the country."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 04 July 2024, 1537 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed/Security Affairs.

Please scroll down to read your selections.   Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

65K followers22 articles per week#security#tech

20

MOST POPULAR

Brazil data protection authority bans Meta from training AI models with data originating in the country

Google updates terms for AI training

•

by Pierluigi Paganini / 4h

Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has imposed a temporary ban on Meta from processing users’ personal data for training its artificial intelligence (AI) models. “The National Data Protection Authority (ANPD)

Healthcare fintech firm HealthEquity disclosed a data breach

HealthEquity data breach exposes information

•

by Pierluigi Paganini / 2h

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. after a partner’s compromised account was used to access its systems. The intruders have stolen protected health information from the company systems. The company discovered an anomalous behavior from the partner’s personal device and immediately launched an i

China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

5 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2024-20399

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-2024-20399 (CVSS score of 6.0), that the China-linked group Velvet Ant exploited to deploy previously unknown malware as root on vulnerable switches. The flaw resides in the CLI of Cisco NX-OS Software, an

YESTERDAY

Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

3 TTPs

•

by Pierluigi Paganini / 7h

Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. The vulnerability CVE-2024-36985 is a Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archi

Hackers obtained user data from Twilio-owned 2FA authentication app Authy

7 TTPs

•

by Pierluigi Paganini / 8h

•

Twilio hack exposes Authy users

Twilio states that threat actors have identified the phone numbers of users of its two-factor authentication app, Authy, TechCrunch reported. Last week, the notorious hacker ShinyHunters claimed to have stolen 33 million phone numbers from Twilio. This week the messaging firm told TechCrunch that “threat actors” identified data of Authy users, a two-factor authentication app owned by Twilio, incl

Operation Morpheus took down 593 Cobalt Strike servers used by threat actors

5 TTPs

•

by Pierluigi Paganini / 20h

•

Cybercriminals exploit Cobalt Strike

An international law enforcement operation code-named Operation Morpheus led to the takedown of 593 Cobalt Strike servers used by crooks. An international law enforcement operation, code-named Operation Morpheus, aimed at combatting the criminal abuse of an older, unlicensed version of the Cobalt Strike red teaming tool. The Cobalt Strike platform was developed for Adversary Simulations and Red T

LockBit group claims the hack of the Fairfield Memorial Hospital in the US

Monti gang hacks Wayne Memorial Hospital

•

by Pierluigi Paganini / 1d

The LockBit ransomware group breached another hospital in the United States, the victim is the Fairfield Memorial Hospital in Illinois. It has happened again, another US healthcare organization suffered a security breach, this time the victim is the Fairfield Memorial Hospital in Illinois. Fairfield Memorial Hospital is a not-for-profit critical access hospital located in Fairfield, Illinois. It

American Patelco Credit Union suffered a ransomware attack

Patelco Credit Union faces security breach

•

by Pierluigi Paganini / 1d

The American credit union Patelco Credit Union shut down several of its banking systems to contain a ransomware attack. Patelco Credit Union is a member-owned, not-for-profit credit union that serves Northern California, particularly the San Francisco Bay Area. Founded in 1936, it is one of the oldest and largest credit unions in the country. With more than $9 billion in assets, it is the 22nd la

JUL 2, 2024

Polish government investigates Russia-linked cyberattack on state news agency

Poland probes Russian cyberattacks

•

by Pierluigi Paganini / 1d

The Polish government is investigating a potential connection between Russia and a cyberattack on the country’s state news agency. The Polish government is investigating a suspected link between Russia and the cyberattack on the country’s state news agency Polish Press Agency (PAP). “The Polish Press Agency (PAP) has been hit by a cyberattack; all pertinent information regarding this critical inc

Evolve Bank data breach impacted fintech firms Wise and Affirm

Evolve Bank faces cyber breach

•

by Pierluigi Paganini / 1d

Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank . At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data

Prudential Financial data breach impacted over 2.5 million individuals

KADOKAWA hit by ransomware attack

•

by Pierluigi Paganini / 2d

Prudential Financial confirmed that more than 2.5 million individuals were affected by the data breach it suffered in February 2024. The insurance company Prudential Financial confirmed that the data breach it suffered in February 2024 affected over 2.5 million individuals. The incident occurred on February 4, 2024, and was discovered on February 5, 2024. The company did not share details of the

JUL 1, 2024

Australian man charged for Evil Twin Wi-Fi attacks on domestic flights

Wi-Fi scam targets airport users

•

by Pierluigi Paganini / 2d

An Australian man has been charged with carrying out ‘Evil Twin’ Wi-Fi attack during a domestic flight to steal user credentials and data. An Evil Twin Wi-Fi attack is a type of cyberattack where a threat actor sets up a rogue wireless access point that mimics a legitimate one. The goal is to trick users into connecting to the fake access point, thereby allowing the attacker to intercept, capture

Critical unauthenticated remote code execution flaw in OpenSSH server

2 TTPs

•

by Pierluigi Paganini / 3d

A critical flaw in the OpenSSH server can be exploited to achieve unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintainers addressed a critical vulnerability, tracked as CVE-2024-6387, that can lead to unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintained have addressed the vulnerability with

Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania

by Pierluigi Paganini / 3d

Wayne Memorial Hospital in Pennsylvania was the victim of a cyber attack, Monti gang claimed to have hacked the healthcare infrastructure. Another critical infrastructure healthcare suffered a security breach, this time the victim is the Wayne Memorial Hospital in Pennsylvania. Wayne Memorial Hospital is