Security researchers from Microsoft disclosed flaws in a software development kit used for industrial applications, warning that hackers could attempt remote code execution. The computer giant says the flaws are in the Codesys software environment developed by the Germany company of the same name.
Public companies disclosing a cyber incident under the new U.S. reporting requirements should focus on the business impact and stay away from the technical pieces, said Venable's Grant Schneider. The disclosure should examine how the incident will affect revenue, profitability and public perception.
In the latest weekly update, ISMG editors discuss the White House's debut of a $20 million contest to exterminate bugs with AI, a New York man admitting to being behind the Bitfinex hack, and a new malware campaign that is targeting newbie cybercriminals in order to steal sensitive information.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Aaron Cockerill of Lookout discussed the benefits and concerns associated with generative AI and how to solve challenges related to zero-day attacks, misconfigurations, the cyber skills gap and privacy.
In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
A nonprofit firm that administers government dental programs in Canada paid a "substantial" ransom for a decryptor key and the destruction of data stolen in a recent ransomware attack. But the company is now notifying nearly 1.5 million individuals that the hack compromised their data.
In the latest "Proof of Concept," Mike Baker, VP/IT CISO at DXC Technology and a CyberEdBoard member, and Chris Hughes, co-founder and CISO at Aquia, join ISMG editors to explore the state of the software supply chain, MOVEit breaches and the role of SBOMs and transparency in software development.
A Chinese state-sponsored spy group called RedHotel has emerged as a dominant espionage agent against government entities of at least 17 countries worldwide. Researchers said the motives and operations of the group closely link it to China's Ministry of State Security.
Perimeter 81 will be sold to Check Point for $490 million, but it had to slash its valuation by more than half to seal the deal. Check Point said its proposed buy of New York-based Perimeter 81 will fuel the adoption of secure access across remote users, sites, cloud, data centers and the internet.
Changing technologies and markets require adapting an organization's overall cybersecurity strategy, including the scope of our risk management, and then reviewing and adjusting our operational program to deliver the revised vision, said Akm Hasan, head of cybersecurity at Hays PLC.
Legacy infusion pumps commonly available for purchase on the secondary market often contain wireless authentication and other sensitive data that the original medical organization owners failed to purge, warned researcher Deral Heiland, citing a recent study conducted by security firm Rapid7.
Tampa General Hospital is facing at least three proposed federal class action lawsuits filed in recent days following the nonprofit Florida healthcare provider's disclosure late last month of a data theft incident that affected 1.3 million patients and employees.
Many security awareness training programs fail because organizations don't understand the risks they face, said Culture AI's John Scott. He said a successful training program "will help people by making sure that it's targeting the behaviors that address the key risks for the organization."
Citing several growing concerns, Sen. Mark Warner, D-Va., on Tuesday sent a letter quizzing Google CEO Sundar Pichai about how the tech giant is applying privacy, trust and ethical "guardrails" around the development and use of its generative AI product, Med-PaLM 2, in patient care settings.
Collaborative AI - the process of one AI model learning from another - is one of the most effective ways for financial institutions to fight the sophisticated techniques fraudsters use for scams, said Johan Gerber, executive vice president of security and cyber innovation at Mastercard.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.