De Eerste Kamer is akkoord gegaan met het voorstel voor de Wet gegevensverwerking door samenwerkingsverbanden (WGS), door tegenstanders ook wel 'datasurveillancewet' of 'Super SyRI' genoemd.

De fracties van BBB, VVD, CDA, D66, PVV, ChristenUnie, JA21, SGP, 50PLUS en OPNL stemden voor het wetsvoorstel van demissionair minister Yesilgöz van Justitie en Veiligheid. De fracties van GroenLinks-PvdA, PvdD, SP, FVD en Volt stemden tegen.

De WGS biedt een juridische basis voor overheidsorganisaties én private partijen, verenigd in samenwerkingsverbanden, om persoonsgegevens met elkaar te delen voor de bestrijding van fraude.

Astudy conducted by Kaspersky has unveiled that many online passwords are alarmingly vulnerable to being guessed by scammers within a minute.

Out of 193 million passwords analysed, over 87 million could be compromised in less than a minute, while only 23% of the passwords had the resistance to withstand such attacks for over a year.

The research examined passwords that were compromised by infostealers and available on the darknet. According to the findings, a large proportion of these passwords were easy targets for brute force and smart guessing attacks.

Singapore police scored a win with the arrests of two men accused of operating servers that enabled cybercrimes against Singaporeans and the dismantling of their supporting infrastructure.

In 2023, nearly 2,000 victims in Singapore downloaded malicious Android applications that allowed the scammers to steal device data, including bank information, according to a statement from the Singapore police.

Following a deep analysis of the malware by cybersecurity officials in Singapore, Hong Kong, and Malaysia, where the arrests were made, police were able to track the entire organization behind the attacks, including a syndicate accused of operating a fraudulent customer service center in Taiwan.

The private Australian health insurer Medibank did not have multi factor authentication protections on its private network when it was successfully hacked, new court filings allege.

The Office of the Australian Information Commissioner (OAIC) alleges a lack of multi factor authentication at Medibank led to the 2022 data hack of nearly 9.7 million current and previous customers.

Documents filed to the Federal Court on Monday by the OAIC allege the massive data breach stemmed from an employee of a Medibank contractor, an IT service desk operator, who saved his login details to a personal web browser installed on his work computer.

GlobalData predicts that global cybersecurity revenues across healthcare payors and providers will reach $11bn by 2027.

On June 4 2024, several major London hospitals were hit by a cyber-attack. The hospitals affected included Guy’s, St Thomas’, and the Evelina Children’s Hospital.

The hackers behind the attack targeted the pathology services provider Synnovis. As the healthcare sector deals with sensitive data and critical services, cyberattacks are especially costly.

Threat actors are using fake browser updates and software fixes to trick users into cutting/copying and pasting PowerShell scripts loaded with various malware strains — including remote access Trojans (RATs) and infostealers — to infect their computers.

Researchers from Proofpoint observed the socially engineered technique employed by initial access broker tracked as TA571, as well as an unidentified actor in the last three months, starting as early as March 1, they revealed in a blog post published June 17.

There appear to be two methods of social engineering used in the activity — one that offers fake browser updates in yet another ClearFake campaign, and the other that delivers error messages related to Word, Google Chrome, and OneDrive dubbed "ClickFix" by the researchers.

A new body looking to raise the standard of cybersecurity risk assessment across the maritime industry, the International Maritime Cyber Security Organisation (IMCSO), started work on Tuesday.

IMCSO also devised a certification programme for security consultants and a professional register, which will assist shipping organisations select experienced personnel.

The organisation will also validate report outputs to ensure consistency with reports held on a central database and make them accessible to the authorities and third parties that need to determine the risk status of a vessel.

Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories.

“With the NVD’s delay in associating Common Vulnerabilities and Exposures (CVE) identifiers with CPE (Common Platform Enumeration) data, our report comes at a critical moment, providing much-needed insights into the evolving vulnerability landscape for enterprise software,” said Mike Walters, President of Action1.

“Our goal is to arm key decision makers with essential knowledge so that they can prioritize their efforts in vulnerability monitoring using alternative approaches while the traditional reliance on NVDs is challenged.

The US Federal Trade Commission (FTC) has referred a complaint against TikTok and its Chinese parent company ByteDance over potential violations of children's privacy to the Department of Justice (DOJ).

The FTC says its own investigation "uncovered reason to believe" that the firms "are violating or are about to violate the law".

In a statement to BBC News, a TikTok spokesperson said they were disappointed by the decision. The case is separate from legislation passed earlier this year to ban TikTok in the US if ByteDance does not sell the business.

SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks.

SELKS is an effective production-grade solution for many small and medium-sized organizations. Since all the data in SELKS is generated by the Suricata engine, it is popular among network security practitioners who explore the capabilities of Suricata IDS/IPS/NSM and analyze the network protocol monitoring logs and alerts it generates.

By default, SELKS has over 28 default dashboards, more than 400 visualizations, and 24 predefined searches available.

Media analyst house NewsGuard tested chatbots from ten top AI developers, and found they all were willing to emit Russian disinformation to varying degrees.

For this study, the LLM-powered bots – including OpenAI's ChatGPT, Microsoft's Copilot, and Google's Gemini – were each given 57 prompts to complete. These prompts questioned false claims made in articles circulated by what's said to be a network of disinformation outlets dressed up as local news websites that ultimately serve Russian interests and push pro-Putin propaganda.

The prompts did not reference the articles directly. Rather, they queried the accuracy of the narratives of those stories, giving the bots a chance to shoot down the disinformation.