data protection | Breaking Cybersecurity News | The Hacker News

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings. "In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features," warns Brandon Evans, security consultant and SANS Certified Instructor. Halcyon disclosed an attack campaign that leveraged one of Amazon S3's native encryption mechanisms, SSE-C, to encrypt each of the target buckets. A few months prior, security consultant Chris Farris demonstrated how attackers could perform a similar attack using a different AWS security feature, KMS keys with external key material, using simple scripts generated by ChatGPT. "Clearly, this topic is top-of-mind for both threat actors and ...

Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea's Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration , he will break down every technical step of a ransomware attack, showing you how hackers exploit vulnerabilities and encrypt data—in clear, simple language. What You Will Learn Attack Initiation: Understand how hackers exploit software bugs and weak passwords to breach your network. Hacker Tactics: See the technical methods hackers use to move laterally, encrypt files, and create backdoors. Identifying Vulnerabilities: Discover common weaknesses like outdated software, misconfigured servers, and unprotected endpoints, plus actionable tips to fix them. Live Simulation: Watch a step-by-step live demo of a ransomware attack—from breach to ransom demand. Expert Analysi...

As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become more critical than ever, organizations find themselves caught in a difficult balancing act. They are struggling to manage the rising costs and complexities of business continuity and disaster recovery (BCDR) while ensuring that their business-critical data remains secure and recoverable. To help IT teams and managed service providers (MSPs) understand how their peers are navigating these challenges, the State of Backup and Recovery Report 2025 has gathered insights from more than 3,000 IT professionals, security experts and administrators worldwide. The report reveals how businesses are tackl...

The Need For Unified Security Google Workspace is where teams collaborate, share ideas, and get work done. But while it makes work easier, it also creates new security challenges. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data, and hijack user accounts. Many organizations try to secure their environment by piecing together different security tools, hoping that multiple layers of protection will keep them safe.  But in reality, this patchwork approach often creates blind spots, making it harder—not easier—to defend against threats. To truly secure Google Workspace, businesses need a unified security strategy that offers complete protection without unnecessary complexity. The problem with most security solutions is that they only solve part of the puzzle. Point solutions, like tools that block malware or phishing attacks, might work well for a specific type of threat but fail to recognize suspicious user behavior, unauthori...

Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states - You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice . It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content. A previous version of this clause, which went into effect on February 26, said - When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox. The development came days after the company introduced a T...

Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The " Enterprise GenAI Data Security Report 2025 " by LayerX delivers unprecedented insights into the practical application of AI tools in the workplace, while highlighting critical vulnerabilities. Drawing on real-world telemetry from LayerX's enterprise clients, this report is one of the few reliable sources that details actual employee use of GenAI. For instance, it reveals that nearly 90% of enterprise AI usage occurs outside the visibility of IT, exposing organizations to significant risks such as data leakage and unauthorized access. Below we bring some of the report's key findings. Read the full report to refine and enhance your security strategies, leverage data...

Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it's too late to stop the flood.  Each stage of a ransomware attack offers a small window to detect and stop the threat before it's too late. The problem is most organizations aren't monitoring for early warning signs - allowing attackers to quietly disable backups, escalate privileges, and evade detection until encryption locks everything down. By the time the ransomware note appears, your opportunities are gone.  Let's unpack the stages of a ransomware attack, how to stay resilient amidst constantly morphing indicators of compromise (IOCs), and why constant validation of your defense is a must to stay resilient. The Three Stages of a Ransomware Attack - and How to Detect It Ransomware attacks don't happen instantly. Attackers follow a st...

Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service ( Cloud KMS ) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with the National Institute of Standards and Technology's (NIST) post-quantum cryptography (PQC) standards, the final versions of which were formalized in August 2024. "Our Cloud KMS PQC roadmap includes support for the NIST post-quantum cryptography standards (FIPS 203, FIPS 204, FIPS 205, and future standards), in both software (Cloud KMS) and hardware (Cloud HSM)," the company's cloud division noted . "This can help customers perform quantum-safe key import and key exchange, encryption and decryption operations, and digital signature creation." The tech giant said its underlying software implementations of these standards – FIPS 203 (aka ML-KEM), FIPS 204 ...

Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data, arising from threats of foreign interference, espionage and sabotage," Stephanie Foster PSM, the Secretary of the Department of Home Affairs, said . "I have also considered the important need for a strong policy signal to critical infrastructure and other Australian governments regarding the unacceptable security risk associated with the use of Kaspersky Lab, Inc. products and web services." Foster further pointed out that entities are responsible for managing the risks arising from Kaspersky's extensive collection of user data and exposure of that data to extrajudicial di...

Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users' trusted devices retain sole access to the encryption keys used to unlock data stored in its cloud. This includes iCloud Backup, Photos, Notes, Reminders, Safari Bookmarks, voice memos, and data associated with its own apps. "We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy," the company was quoted as saying to Bloomberg. "ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices." Customers who are already using ADP ...

In today's rapidly evolving digital landscape, weak identity security isn't just a flaw—it's a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without a strategic plan, these security gaps can quickly turn into expensive liabilities. Join us for " Building Resilient Identity: Reducing Security Debt in 2025 " and discover smart, actionable strategies to protect your business against modern cyber threats. This webinar offers you a chance to cut through the complexity of identity security with clear, practical solutions. Our seasoned experts will show you how to detect risks early, optimize your resources, and upgrade your systems to stay ahead of emerging threats. What You'll Learn: Spot Hidden Risks: Uncover how weaknesses in identity security can lead to significant breaches and extra costs. Step-by-Step Solutions: Follo...

South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The web service remains accessible. The agency said it commenced its own analysis of DeepSeek right after its launch and that it "identified some shortcomings in communication functions and personal information processing policies with third-party service providers." DeepSeek is said to have recently appointed a local representative, per PIPC, with the company also acknowledging it had failed to take into consideration domestic privacy laws when launching the service.  To that end, downloads of DeepSeek are being paused until the company implements the necessary improvements that bring the service in compliance...

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI benefits users, but it also brings new security challenges, especially Identity-related security challenges. Let's explore what these challenges are and what you can do to face them with Okta. Which AI? Everyone talks about AI, but this term is very general, and several technologies fall under this umbrella. For example, symbolic AI uses technologies such as logic programming, expert systems, and semantic networks. Other approaches use neural networks, Bayesian networks, and other tools. Newer Generative AI uses Machine Learning (ML) and Large Language Models (LLM) as core technologies to generate content such as text, images, video, audio, etc. Many of the applications we use most often toda...

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren't many resources to guide them on what their role should look like or what they should bring to these meetings.  We've pulled together a framework for security leaders to help push AI teams and committees further in their AI adoption—providing them with the necessary visibility and guardrails to succeed. Meet the CLEAR framework. If security teams want to play a pivotal role in their organization's AI journey, they should adopt the five steps of CLEAR to show immediate value to AI committees and leadership: C – Create an AI asset inventory L – Learn what users are doing E – Enforce your AI policy A – Apply AI use cases R – Reuse existing frameworks If you're looking for a solution to help take advantage of GenAI securely, check out Harmonic Security .  Alright, let's break down the CLEAR framework.  Create an AI Asset Invent...

Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture. With over 18,000 customers, Okta serves as the cornerstone of identity governance and security for organizations worldwide. However, this prominence has made it a prime target for cybercriminals who seek access to valuable corporate identities, applications, and sensitive data. Recently, Okta warned its customers of an increase in phishing social engineering attempts to impersonate Okta support personnel. Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with how continuous monitoring of your Okta security posture helps you avoid miscon...