A mobile security vendor patched a critically rated zero-day vulnerability in its endpoint management platform that had been used by unknown hackers to attack the Norwegian government. The flaw is rated 10 on the CVSS scale. Multiple governments use the platform - the Ivanti Endpoint Manager Mobile.
The rapid adoption of cloud is a double-edged sword. While it offers organizations great opportunities for embracing innovation, it also outpaces security measures, leaving gaps for attackers to exploit. James Campbell, CEO of Cado Security, discussed the risks and vulnerabilities.
General cyber hygiene has gotten worse at small and midsized businesses, according to Simon Newman, CEO of the Cyber Resilience Center for London. "Businesses are less able to spot that they've been a victim than they perhaps have in previous years," he said.
Attackers are increasingly using carefully crafted business logic exploits in which attackers effectively social engineer an API to do something it wasn’t intended to do, according to Stephanie Best, director of product marketing for API security at Salt Security.
The average cost of a data breach worldwide dropped slightly to $4.45 million in 2023, according to a new IBM survey. But breach victims in Japan, India and the ASEAN region have faced rising data breach costs over the past year, rivalling the losses suffered by organizations in Europe.
Thales has agreed to purchase Imperva for $3.6 billion to enter the application and API security market and expand its footprint in data security. The deal will add a robust web application firewall along with capabilities in API protection and data discovery and classification to Thales' portfolio.
Security researchers uncovered multiple vulnerabilities in a widely used radio communication system used by law enforcement and in critical infrastructure for data transmission that could allow remote decryption of cryptographically protected communications.
In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees.
SMBs must deal with heightened digital risk despite having less resources, personnel and intelligence than their larger counterparts, said Qualys CEO Sumedh Thakar. Firms rely on different teams and tools to discover assets, find misconfigurations and vulnerabilities, prioritize them and patch them.
A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago.
OneTrust hauled in $150 million a year after laying off 950 employees but had to slash its valuation by $800 million to seal the deal. The Atlanta-based company intends to use the proceeds to accelerate its growth and fulfill customer demand for trust intelligence software.
Now that the long-awaited FedNow faster-payment program is operating, experts debate whether U.S. financial institutions will embrace the payment ecosystem and whether the Federal Reserve and the banking industry can overcome implementation challenges and mitigate cybersecurity and fraud issues.
Hackers are targeting Japanese Android users with a new smishing campaign to employ a new version of SpyNote malware. The attackers impersonate a Japanese public utilities company putatively concerned about payment problems to lure victims onto rogue website and infect their devices.
Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government disclosed Monday. The prime minister's office and the ministries of defense, justice and foreign affairs were unaffected.
The count of organizations and individuals affected by Clop's attack on MOVEit file-transfer users has increased, with the Teachers Insurance and Annuity Association of America reporting that 2.6 million members' personal details were exposed when Clop hit service provider PBI Research.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.