In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
The Clop ransomware-as-a-service gang said it is behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot of your data as part of exceptional exploit," the gang says in a misspelled post on its dark web leak site.
Google patched a zero-day vulnerability in Chrome, warning consumers that the vulnerability is under active exploitation. The Silicon Valley giant revealed little Monday in a Chrome advisory about the vulnerability, other than saying it is a type confusion flaw in its V8 JavaScript rendering engine.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
In this episode of "Cybersecurity Insights," Antoinette Hodes of Check Point Research discusses the need to consolidate an organization's cybersecurity posture, gain visibility into OT and IT assets, and use cybersecurity education to increase worker safety.
Cisco took its first major step toward realizing its secure cloud vision in April with the debut of a new extended detection and response platform. The next set of enhancements around generative AI, secure access and defending applications across multiple clouds debuted Tuesday at Cisco Live 2023.
Microsoft will pay $20 million to settle a U.S. federal investigation into whether the computing giant violated children's privacy protections during the Xbox Live registration process. The Federal Trade Commission accused the company of a slew of infractions.
Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review. Manasa Health Center will pay $30,000 and implement a corrective action plan, HHS said.
The Iowa Department of Health and Human Services has reported to federal regulators its third major health data breach involving a vendor since April. This time, Iowa HHS/Medicaid says the data of nearly 234,000 individuals was compromised in a mega hack recently reported by MCNA Insurance Co.
Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.
Despite the beating new publicly traded security companies have taken during the economic downturn, Rubrik is looking to test its luck in the public market. Reuters reported Monday the firm is working with Goldman Sachs, Barclays and Citigroup in preparation for an IPO that could take place in 2024.
Adversaries have taken advantage of a zero-day vulnerability in Progress Software's managed file transfer product to deploy web shells and steal data, Mandiant found. An unknown threat actor began exploiting the critical SQL injection vulnerability in MOVEit Transfer on May 27.
The U.S. Department of Defense says it will pay for Starlink satellite broadband access for Ukraine as it battles Russia's all-out invasion. Military experts say Starlink remains essential for supporting Ukraine's battlefield communications, including drone reconnaissance.
This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."
Hackers have exploited a critical zero-day vulnerability in Progress Software's managed file transfer offering in several customer environments. Progress warned of a critical SQL injection vulnerability in MOVEit Transfer that allows for "escalated privileges and potential unauthorized access."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.