An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Microsoft has issued a slew of software updates to patch numerous flaws, including three zero-day vulnerabilities that are already being exploited via in-the-wild attacks. Another fix addresses a prior update that inadvertently reintroduced vulnerable components to Windows 10.
Maintaining user experience, unmanaged devices, securing the hybrid workspace - these are three edge security challenges for enterprises in 2024. How has the SASE approach evolved to help them? Angshuman Chattopadhyay of Wipro and Anupam Upadhyaya of Palo Alto Networks weigh in on SASE's evolution.
ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.
The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement. The National Crime Agency and the Information Commissioner's Office will share cyberthreat assessments and information about incidents.
Commerce Secretary Gina Raimondo unveiled a new data tool Tuesday called Scale. It assesses a wide range of factors affecting supply chains to provide a detailed analysis of potential risks and challenges, from labor shortages to climate challenges and geopolitical tensions.
Progress Software released an urgent patch Thursday to fix a critical vulnerability that hackers could exploit to launch remote attacks. The company is no stranger to urgent patching. It was at the center of a Memorial Day 2023 mass hacking incident.
Security experts are urging all Veeam Backup & Replication users to immediately update their software to patch a flaw that attackers can remotely exploit to take full control of a system. Experts say ransomware groups likely will target the critical-severity vulnerability for double extortion.
Texas Attorney General Ken Paxton is suing the Biden administration, alleging that "unlawful" HIPAA Privacy Rule regulations are hindering the state's law enforcement investigations into abortion cases and other reproductive health care cases.
Absolute Security has strengthened its platform with the acquisition of Syxsense, adding powerful automated vulnerability management tools to its existing endpoint security capabilities. The move aims to improve security compliance and simplify complex remediation tasks for organizations.
Federal authorities are alerting healthcare entities of vulnerabilities - including older flaws - that put Apache Tomcat at risk for attacks if left unmitigated. The open-source web server is heavily used in healthcare for hosting electronic health record and other systems and applications.
Cybercriminals are using a critical remote code execution vulnerability in an open-source geospatial data platform to spread malware globally across several industries. GeoServer Project maintainers released a patch on July 1. The vulnerability has a CVSS score of 9.8 out of 10.
ISMG's Cybersecurity Pulse Report Black Hat 2024 Edition delivers a deep dive into the most critical security challenges discussed at this year's conference. This report, created through advanced AI-driven analysis, compiles expert insights on topics ranging from AI tech to critical infrastructure.
Competition has been increasing in the cyber insurance market, leading to a "moderate" decrease in insurance premiums after several years of rate increases. So reports Moody's Ratings, which said that the changes were driven by an influx of new players that is likely to continue.
IT concentration risk could pose major problems for financial institutions that rely heavily on one vendor for critical services. United Overseas Bank's Gaurav Gupta recommends CIOs hold vendors accountable for resilience and look for ways to diversify to ensure business continuity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.