A hacker exploited a smart contract bug to steal about $29 million from DEX aggregator Transit Finance. Within hours of the theft, the attacker returned nearly $19 million - but not before keeping a $2 million "bug bounty" and losing $1.1 million to a bot theft.
A council chaired by Treasury Secretary Janet Yellen and comprised of the heads of major federal financial regulatory agencies called on Congress to more closely regulate the spot market for crypto assets. A report from the council identifies risks in digital assets, including cybersecurity.
The healthcare sector has long faced unique challenges involving identity and access management, but the novel coronavirus pandemic and various other key drivers are accentuating those issues, says Rebecca Archambault, senior director analyst at Gartner.
Upscale Asian hotelier Shangri-La Group has copped to a data breach incident that may affect hundreds of thousands of guests. The hotel detected unauthorized access to its guest database in July but didn't notify guests or regulators until September.
While vArmour has enjoyed success in banking, the U.S. government is now the fastest-growing part of its business. CEO Tim Eades says much of the government doesn't understand the relationships and dependencies among vArmour's applications or the consequences of an application going down.
A Senate committee this week approved a bill that would create governmentwide standards for identity verification and provide grants to help states and local agencies upgrade ID systems and offer online digital identity services. Supporter Jeremy Grant hopes to see a full Senate vote in 2022.
Passwords are supported everywhere. But, says Andrew Shikiar, executive director of the FIDO Alliance, "they have been proven time and time again to simply be unfit for today's networked economy." In this episode of "Cybersecurity Unplugged," Shikiar discusses how to move beyond passwords.
The steady barrage of acquisition reports around publicly traded digital experience vendor Akamai has intensified in recent weeks. The latest salvo landed Monday when StreetInsider reported that the intelligent edge platform provider held talks with a private equity firm about a potential takeover.
The U.S. Department of Defense uncovered almost 350 vulnerabilities in the department's networks as part of its experimental bug bounty program launched on American Independence Day. The weeklong bug bounty challenge called "Hack U.S." ran from July Fourth to July 11.
North Korea is using weaponized versions of open-source utilities to spy on the technology, defense and entertainment sectors worldwide. Microsoft says it spotted fake profiles of supposed job recruiters who really are Pyongyang hackers manipulating victims into downloading Trojans.
Cloudflare has joined forces with 26 venture capital firms to provide up to $1.25 billion in financing to startups building on the company's developer platform. The Workers Launchpad Funding Program will connect developers with investors around the world to scale their startups faster.
A Maryland couple faces federal indictment for an alleged conspiracy to provide the Russian government with military medical records. Anna Gabrielian and U.S. Army Maj. Jamie Lee Henry supplied an undercover FBI agent with medical records of military personnel.
Security firms must increasingly follow U.S. government security requirements even if they don't serve federal agencies themselves, says Avi Shua, Orca Security co-founder and CEO. That's because cloud vendors such as Orca often serve businesses that contract or subcontract with the U.S. government.
In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
Hackers, possibly Chinese, are exploiting Microsoft Exchange zero-day vulnerabilities to apparently implant backdoors and steal credentials. The computing giant says it doesn't yet have a patch, telling systems administrators to instead implement workarounds.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
