3rd Party Risk Management, Governance & Risk Management, Next-Generation Technologies & Secure Development SysTrack LsiAgent Installer Flaw Elevates Local Privileges Akshaya Asokan (asokan_akshaya) • February 7, 2025 Image: Shutterstock A critical vulnerability has been identified in the Microsoft installer for SysTrack LsiAgent, a product by Lakeside Software, enabling users with…
Hewlett Packard Enterprise Confirms Data Breach Linked to Russian State-Sponsored Hackers Hewlett Packard Enterprise (HPE) has notified a group of employees that their personal information was compromised during a cyberattack in May 2023, which was conducted by attackers affiliated with the Russian government. This breach specifically targeted HPE’s Office 365…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Summit to Address Open-Source, AI Governance, and Development Akshaya Asokan (asokan_akshaya) • February 7, 2025 Élysée Palace, the venue for the upcoming AI Action Summit in Paris (Image: Shutterstock) The prestigious Élysée Palace in Central Paris is set to welcome…
In a concerning development for cybersecurity, everyday employees are being targeted by malicious actors, encouraging them to participate in ransomware operations against their own employers. Recent insights from GroupSense, a cybersecurity firm, reveal that malware operators are not only delivering ransomware notices but are also attempting to recruit victims to…
The American Civil Liberties Union (ACLU) has raised significant concerns regarding the actions of Elon Musk’s Department of Government Efficiency (DOGE), asserting that it has gained unauthorized control over several federal computer systems that manage sensitive data protected by federal law. In a recent communication to federal lawmakers, the ACLU…
AI Safeguards Under Fire: DeepSeek’s Security Oversights DeepSeek, a cutting-edge open-source AI model developed by a Chinese tech firm, has come under intense scrutiny following revelations of significant security lapses and a data breach that compromised user information and API keys. During this week’s ISMG Editors’ Panel discussion, Sam Curry,…
Data Privacy Violations Under Investigation at CODAC Behavioral Health EDELSON, Pa. – February 7, 2025 – Edelson Lechtzin LLP, a prominent national class action law firm, has launched an investigation into potential data privacy violations involving CODAC, Inc. operating as CODAC Behavioral Health. The examination follows the organization’s discovery of…
Zero-Day Vulnerability Discovered in 7-Zip Amid Ongoing Conflict in Ukraine In recent developments, security researchers have identified a zero-day vulnerability in the widely used 7-Zip archiving application, which has reportedly been exploited in connection with Russia’s military operations in Ukraine. The vulnerability poses a significant security risk, as it allows…
Data Governance, Data Privacy, Data Security Experts Express Concern Over Musk’s Team and Health Data Access Marianne Kolbasuk McGee (HealthInfoSec) • February 6, 2025 The White House’s DOGE initiative, spearheaded by Elon Musk, has begun accessing federal IT systems to investigate fraud, raising significant privacy concerns (Image: CMS) Privacy experts…
