A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated as having been affected by the incident.
Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as intercept voice communications and hijack cameras.
Millions of GitHub repositories are vulnerable to a repository renaming flaw that could enable supply chain attacks, a new report by security firm Aqua said. It found 36,983 GitHub repositories vulnerable to repo jacking attacks, including Google and Lyft.
Every week, ISMG rounds up cybersecurity incidents around the world. This week, attackers hit European Investment Bank; a California pension fund suffered a cyberattack related to MOVEit; UPS Canada disclosed a data breach; and a new Android malware campaign spread GravityRAT spyware.
Exabeam will have its third CEO since June 2021 after promoting Chief Product Officer Adam Geller to take over as its top leader. The security operations vendor elevated Geller to replace Michael DeCesare, 57, who joined Exabeam as president and CEO two years ago after leading Forescout for years.
The security benefits of public cloud outweigh the drawbacks since cyber controls can be applied much earlier in the application development life cycle. Palo Alto Networks founder and Chief Technology Officer Nir Zuk said development procedures in traditional data centers are "a complete mess."
The first step in managing risk is recognizing it as a boardroom matter, and it demands that directors be prepared to understand and discuss the cyber issue and strategically guide C-level executives on this complex topic. It requires cyber competence in the boardroom, said CISO Marco Túlio Moraes.
A service selling DDoS disruptions via a Mirai-based botnet called Condi is the latest to target consumer-grade Wi-Fi routers made by TP-Link with firmware not yet patched to fix a known flaw. Unusually, a recently spotted sample of Condi has been stripped down to target only that flaw.
Federal market regulators delayed until October a decision on rules mandating private sector disclosure of cybersecurity incidents and cyber expertise on public boards. The delay comes amid pushback to a mandate to disclose a "material cybersecurity incident" within four business days of discovery.
Pro-Russian and self-declared "hacktivist" group Anonymous Sudan appears to use expensive online infrastructure to perpetuate distributed denial-of-service attacks, undermining its claim to be a volunteer group operating from an impoverished East African country.
A surging Sonatype and Snyk joined stalwart Synopsys atop Forrester's software composition analysis rankings, while Mend.io tumbled from the leaders category. SCA historically didn't get as much attention as application security testing but that’s changing, said Forrester's Janet Worthington.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
The litany of outages plaguing Azure and Microsoft 365 in recent weeks stems from DDoS attacks carried out by a pro-Russian hacktivist group. The threat actor since early June has launched DDoS attacks from multiple cloud services and open proxy infrastructures thanks to its collection of botnets.
The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
C5 Capital extended struggling threat detection firm IronNet a financial lifeline contingent on retired four-star Gen. Keith Alexander stepping down as CEO of the company he founded. The venture capital firm will inject $51 million if IronNet hires ex-Houghton Mifflin Harcourt CEO Linda Zecher.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.