Attackers wielding ransomware collectively earned over $1 billion last year - breaking previous records. Their increasingly sophisticated attacks targeted "high-profile institutions and critical infrastructure, including hospitals, schools and government," reported Chainalysis.
The U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure owners to patch systems after publishing a warning that Chinese hackers are evading detection and maintaining persistent unauthorized access in U.S. information technology environments.
Breathless reports claim 3 million IoT toothbrushes have been remotely compromised and used to target unsuspecting businesses via distributed denial-of-service attacks. Just one problem: This story has more holes in it than the teeth of kid with a 10-pack-a-day Gummy Bear habit.
Chinese espionage hackers penetrated Dutch military systems in early 2023, using a zero-day exploit in a Fortinet virtual private network to obtain access, Netherlands intelligence agencies disclosed Tuesday. They attributed the hacking to Chinese state actors with high confidence.
HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.
The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
A federal judge has denied Kochava's latest attempt to ditch a Federal Trade Commission lawsuit alleging the firm is invading consumers' privacy and exposing them to risk by collecting and selling their location data to third parties. The FTC is also pursuing other cases against data brokers.
The escalating adoption of generative AI has introduced concerns regarding data privacy, fake data and bias amplification. Ashley Casovan, managing director of the IAPP AI Governance Center, discusses the need to develop governance models and standardize AI systems.
Greater diplomacy and faster vulnerability identification and remediation, backed by more bug bounty programs, are needed to combat the ongoing rise of advanced surveillance tools now being offered by at least 40 commercial spyware vendors, said Google's Threat Analysis Group.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
Network systems - including phones, email, electronic health records and patient portals - remain offline at a Chicago children's hospital and research center nearly a week after it was hit by a cyberattack. Such incidents targeting entities that cater to kids are especially egregious, experts say.
Fraudsters used deepfake technology to trick an employee at a Hong Kong-based multinational company to transfer $25.57 million to their bank accounts. Hong Kong Police said Sunday that the fraudsters had created deepfake likenesses of top company executives in a video conference to fool the worker.
A U.K. parliamentary committee scrutinizing the artificial intelligence market urged the British competition regulator to closely monitor developers of foundation models and warned against regulatory capture. Already, the market is trending toward consolidation, said a House of Lords committee.
Financial giant EquiLend Holdings said it's brought back online multiple systems, including its NGT platform that handles securities lending transactions worth $2.4 trillion every month, following an outage triggered by ransomware-wielding attackers gaining unauthorized access to its systems.
Remote desktop application provider AnyDesk acknowledged that hackers recently had gained unauthorized access to the company's production systems in a cyberattack. The firm said it has revoked all security-related certificates as a precaution and is rolling out a new code-signing certificate.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.