Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S. that can result in "potential catastrophic impact to hospital operations and patient care."
In the latest weekly update, two analysts at Forrester - Allie Mellen and Jeff Pollard - join three editors at ISMG to discuss important cybersecurity issues, including CISOs' primary inquiries about AI/ML, how organizations can thwart data poisoning attacks, and practical use cases for AI.
Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
With the surge in major cyber incidents involving third-party suppliers, it's critical for healthcare sector entities to raise their security expectations and tighten their requirements for vendors handling sensitive data, said Renee Broadbent, CIO of Southern New England Healthcare.
Google rolled out security updates Wednesday for its Chrome web browser to fix a critical vulnerability exploited in the wild. The zero-day vulnerability is a heap-based buffer overflow bug in the WebRTC framework that allows real-time communication between different browsers and devices.
The explosion in applications using genomic data - from drug and vaccine development and consumer ancestry testing to law enforcement work - is heightening the need to carefully address critical privacy and security concerns around this sensitive data, government authorities say in a new report.
The DFIR landscape is constantly evolving, driven by technological advancements and new cyberthreats. "Tsurugi," developed by Giovanni Rattaro, senior cybersecurity expert, and Marco Giorgi, senior DFIR analyst, is an open-source Linux distribution project designed for blue teams.
Cisco announced plans to acquire another cloud security startup as part of a series of recent acquisitions and investments in the company’s multi-cloud networking capabilities and security offerings, including the major $28 billion acquisition of Splunk.
This week, MongoDB blamed a phishing email for causing unauthorized access to its corporate environment, hackers interrupted VF Corp. holiday shipping, Britain electrical grid operator National Grid dropped a Chinese supplier, German authorities shut down an online criminal bazaar, and more.
Air Force Lt. Gen. Timothy Haugh has been confirmed as the next head of the NSA and U.S. Cyber Command after Sen. Tommy Tuberville, R-Ala., ended a 10-month protest over a Pentagon policy allowing service members to seek travel reimbursement and paid time off when in need of an abortion.
This week, Ledger looked to reimburse hack victims, NFT Trader suffered a $3 million theft, the U.S. DOJ announced the first criminal case involving a DeFi smart contract, a court approved Binance's settlement with the U.S. CFTC and a Nigerian court sentenced a pig -butchering scammer.
The Cybersecurity and Infrastructure Security Agency announced plans to launch a two-year effort beginning in 2024 to modernize its legacy Automated Indicator Sharing program as part of an effort to enhance collaboration with the private sector and provide more actionable data to its partners.
The U.S. National Institute of Standards and Technology is soliciting public guidance on implementation of an October White House executive order seeking safeguards for artificial intelligence. The order directed the agency to establish guidelines for developers of AI to conduct red-teaming tests.
The Federal Trade Commission has banned Rite Aid from using AI-based facial recognition technology for security surveillance for five years after the retail drug store chain failed to implement safeguards such as mitigating risks for inaccurate outputs based on race and gender.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.