Internet appliance maker Ivanti warned customers Tuesday that attackers are actively exploiting new vulnerabilities in Cloud Services Appliance instances by chaining three security flaws with a zero-day patched in September. The company advised customers to update to version 5.0.
As digital transformation continues to reshape industries, the convergence of operational technology and cybersecurity has emerged as a critical area of focus. But there's a noticeable gap in the workforce. Professionals who truly understand both OT and cybersecurity are in short supply.
With the acquisition of New York-based startup Kivera, Cloudflare will enhance its Cloudflare One platform, adding proactive controls that secure cloud environments, prevent misconfigurations and improve regulatory compliance for businesses using multiple cloud providers.
The United Kingdom's National Health Service said nearly all services disrupted by a June ransomware attack on pathology laboratory services provider Synnovis are finally back online. The incident triggered a national blood supply shortage and forced cancellation of thousands of medical procedures.
Time ran out for a non-binding takeover bid from the French government for the cybersecurity business of beleaguered Parisian IT consultancy Atos. Among the world's largest managed security service providers, the financially struggling firm is strategically important to the French government.
At the recent Cybersecurity Summit: Canada East, hosted by Information Security Media Group, cybersecurity leaders, industry experts and top executives discussed the surge in ransomware attacks, the integration of AI into security frameworks and growing personal liability concerns for CISOs.
With the NIS2 Directive fast approaching, cybersecurity has evolved from a technical challenge to a critical business priority. Avani Desai, CEO at Schellman, highlights the growing responsibility of boards and executives to oversee cybersecurity risk management.
Illumio and Akamai remained atop Forrester's microsegmentation rankings, while ColorTokens and Cisco climbed into the leader space.The microsegmentation market has expanded beyond traditional on-premises networks to address modern public cloud workloads.
Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertising "without distinction as to type of data," the European Court of Justice said Friday.
Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code.
Thousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers targeting a vulnerability known as CosmicSting. While patched by Adobe in June, users also need to forcibly invalidate stolen credentials.
A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.
While the number of ransomware attacks stayed about the same in the past year, cybercriminals are using more effective tactics such as weaponizing breach disclosure deadlines to extract higher ransoms, according to ENISA's 2024 Threat Landscape report.
Don't pull data from an operational technology network: OT networks should push data out. Segment critical OT networks. Don't introduce cybersecurity systems into an OT network unless administrators can guarantee they won't hinder a restart after a complete loss of electricity.
A top official from the U.S. Cybersecurity and Infrastructure Security Agency said Thursday the agency is planning to review updated federal implementation plans and ensure agencies are aligning with zero trust security objectives and addressing any funding gaps or technical challenges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.