In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino join ISMG editors discuss the first California consumer protection fine issued against retailer Sephora, defending against new ransomware tactics, and mitigating the impact of Zelle scams.
Australian health insurer Medibank told investors it stopped a probable ransomware attack before the attack could steal data or maliciously encrypt its systems. Australia has been undergoing an apparent spate of data breaches that continues with a breach of email addresses at e-commerce site MyDeal.
Plan for a ransomware attack the same way you plan for a hurricane, says Paige Peterson Sconzo, director of healthcare services at security firm Redacted Inc. A cyber incident capable of disrupting network connectivity requires careful thinking about how to revert to the pre-internet era.
Perennial leaders ForgeRock, Ping Identity and IBM, along with a surging Okta, set themselves apart from the pack of CIAM vendors in the latest report by KuppingerCole analysts. Ping Identity leapfrogged ForgeRock to capture the gold in product leadership, and IBM once again took the bronze.
Australian health insurer Medibank Group says it has found no evidence of data compromise following its Wednesday detection of unusual network activity. The company, which serves nearly 4 million Australians, restored access to its policy websites on Friday.
Looking to rationalize their security stacks and narrow their lists of critical suppliers, cybersecurity leaders are eyeing new consolidation strategies. WatchGuard's Corey Nachreiner opens up on the benefits of working with a single vendor or a small group of vendors.
Probe deep enough into a once-obscure subsystem in the Windows operating system called the Common Log File System and you might come out the other end with system privileges. Researchers on Zscaler’s ThreatLabz research team say the root cause of a recent CLFS zero-day resides in base file metadata.
Since credential leaks are so common in cybersecurity incidents and breaches, how is it even possible to protect identities? Corey Nachreiner of WatchGuard Technologies shares strategies for how enterprises can upgrade their approach to identity security.
The threats come at a scale that no enterprise has seen before, and it is harder to recruit and retain staff to detect and respond. Yet, how can business leaders determine if an MSP is capable of adapting as their organization's security needs change? WatchGuard's Corey Nachreiner shares advice.
In the latest weekly update, ISMG editors discuss the trending themes from the 2022 ISMG Southeast Summit, plans by cryptocurrency exchange Binance to implement security measures to shore up cross-chain vulnerabilities, and the viability of a proposed data flow agreement between the U.S. and Europe.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Security flaws in a vital signs monitoring device from a China-based manufacturer could allow hackers to launch an attack that spreads to all other devices connected to the same network. This is among the most serious security issues involving medical devices, says Jason Sinchak of Level Nine.
Cybersecurity firm Eset says its spotted multiple hacks in Israel coming from a Lebanese threat group dubbed Polonium that's affiliated with Iran. The group employs custom-coded backdoors that use a slew of cloud storage accounts to handle command and control.
A ransomware gang published 52 gigabytes of data it says it stole from Consorci Sanitari Integral, a Barcelona health organization of 3,000 physicians and staff. CSI acknowledge a "compromise in data confidentiality" but says its systems are fully recovered thanks to cloud backups.
The toll that cyber incidents can have on healthcare entities and their patients was especially felt this week by the parents of a 3-year-old child who received an accidental megadose of medicine - a mistake attributed to IT systems being offline at an Iowa medical center.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.