Supply chain risk has become more critical in the post-pandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.
Hackers who turned a zero-day in Fortra's GoAnywhere software into a bonanza of ransomware attacks for Russian-speaking extortion group Clop first penetrated the company's software in January. Hackers exploited some on-premises instances of the file transfer software as early as Jan. 18.
Between April 14 and 20, hackers stole $23 million from Bitrue, $7 million from Hundred Finance and $10.5 million from 11 blockchains. The SafeMoon hacker returned 80% of the stolen $8.9 million, MetaMask suffered a third-party breach and Kyber Network advised LPs to withdraw funds from Elastic.
North Korean hackers' attack on desktop phone developer 3CX was the fruit of a separate and previously undisclosed supply chain attack on a financial trading software developer, is the conclusion of the Mandiant forensics team brought in to investigate.
The potential use cases for generative AI technology in healthcare appear limitless, but they're weighted with an array of potential privacy, security and HIPAA regulatory issues, says privacy attorney Adam Greene of the law firm Davis Wright Tremaine.
The global commercial spyware market will expand over the next five years as demand for advanced surveillance tools by governments surges, says a new report from the U.K.'s National Cyber Security Center. The NCSC assesses that at least 80 countries have purchased advanced spyware apps.
Sanitize IT gear before decommissioning is well-trod cybersecurity advice given to corporations everywhere and yet many persist in disposing of equipment still laden with sensitive data. Cybersecurity firm Eset says it found a wealth of corporate data on secondhand routers.
House Oversight Committee members on Thursday called for the firing of whoever caused the DC Health Benefit Exchange breach and exposed the personal information of Congress members on a dark web forum. The breached was blamed on "human error" and a server configured with no authentication controls.
The U.S. weapons arsenal developed without a zero trust architecture is at growing risk from cyberattacks, lawmakers heard today in a panel dedicated to how artificial intelligence can simultaneously help and hurt efforts to protect warfighters from digital attacks.
An Iranian state hacking group shifted from espionage to direct targeting of U.S. critical infrastructure - a likely indicator of newfound aggression by the national security apparatus, says Microsoft. One sign of Iran's new intensity is quicker uptake of exploits of newly disclosed vulnerabilities.
Britain's National Cyber Security Centre said Russian hacktivists have ambitions of becoming a larger threat to Western critical infrastructure. "Disclosing this threat is not something we do lightly," said U.K. Cabinet Office Secretary of State Oliver Dowden.
The Russian government continues to use an array of phishing attacks and information operations - including hack-and-leak efforts and running hacktivist groups such as CyberArmyofRussia - to support its illegal invasion of Ukraine, Google researchers report.
Akamai Technologies has agreed to purchase a finalist in last year's RSA Conference Innovation Sandbox Contest to get more visibility into the API threat landscape. Silicon Valley-based Neosec will help customers discover all their APIs, assess their risk and respond to vulnerabilities and attacks.
Vendors should be more transparent and faster in communicating when they experience a breach or other security incident that affect clients' data, says Anahi Santiago, CISO at ChristianaCare. "Sometimes we find out about these incidents through our third-party monitoring systems," she said.
Generative AI tools such as ChatGPT will undoubtedly change the way clinicians and healthcare cybersecurity professionals work, but the use of these technologies come with security, privacy and legal concerns, says Lee Kim of the Healthcare Information Management and Systems Society.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.