Sensitive Information stories - Page 2

CloudSEK has uncovered over 30,000 exposed Postman workspaces leaking sensitive API keys, affecting major firms across healthcare, finance, and sports sectors.

A new report by DeepL reveals that 87% of legal professionals find AI tools enhance their work, marking a significant shift in the legal sector.

Upwind has launched its Shift Left capability, enhancing CI/CD pipelines by integrating runtime context to help developers prioritise vulnerabilities.

Australia's new Scam Prevention Framework compels banks and telecoms to tackle rising scams, with fines of up to AUD $50 million for non-compliance.

Research by Apricorn reveals that the adoption of encryption policies among UK organisations has doubled in 2024, with 46% now mandating encryption for all data.

Genesis Energy partners with Informatica to implement AI-powered data governance, aiming to enhance data quality, streamline operations, and support advanced AI solutions.

A cyberattack disrupted services at 20 UK railway stations, exposing security flaws in public transport infrastructure and raising public anxiety over data breaches.

Vectra AI reveals a critical Transitive Access Abuse vulnerability in Google Cloud's Document AI, raising data exfiltration risk for users.

Cybercriminals exploit popular content platforms to launch sophisticated phishing attacks, targeting users in Singapore and the Asia-Pacific region.

Report reveals grave cybersecurity flaws, with 97% of Non-Human Identities having excessive privileges and 44% of tokens exposed.

Barracuda reveals cybercriminals exploiting content platforms for phishing, targeting educational institutions and businesses worldwide with deceitful emails.

Nuix has launched Cognitive AI to boost its Discover platform's efficiency in document review, promising enhanced speed, accuracy, and cost savings.

Tenable uncovers a critical SSRF vulnerability in Microsoft's Copilot Studio that could expose sensitive information across multiple tenants. Microsoft has since issued a fix.

Businesses adopting generative AI tools must implement Confidential AI solutions to protect proprietary data and maintain robust Zero Trust policies.

Kaspersky has uncovered a sophisticated cyber fraud scheme, 'Tusk,' exploiting popular trends like web3 and AI to steal cryptocurrency and sensitive data.

Thousands of websites using Oracle NetSuite's SuiteCommerce may be leaking private customer information due to misconfigured access controls.

Barracuda Networks reports a new wave of phishing attacks using advanced “infostealer” malware that exfiltrates extensive sensitive data, urging enhanced cybersecurity measures.

Kaspersky warns that AI’s growing accessibility is enabling cybercriminals to launch sophisticated attacks, making robust AI defences crucial.

Cybersecurity experts have commended the Australian Government's PSPF Direction 002-2024 mandate, aimed at enhancing risk management in vulnerable technologies.

Employees' widespread use of GenAI apps poses privacy risks as 30.8% of these tools train on customer data, a new study by Harmonic Security reveals.