Foxit Software, the developer of popular PDF and document software, says user accounts were compromised in a breach. The company, which has 560 million users, isn't saying how the breach occurred, how many accounts were affected or for how long.
Bulgaria's Personal Data Protection Commission has fined the nation's tax agency $2.9 million for failing to stop a breach that leaked tax records for nearly all of the country's citizens. Meanwhile, prosecutors have filed related criminal charges against employees of a penetration testing company.
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
Applying a "zero trust" model is fast becoming essential for organizations as the mobile workforce uses a variety of devices to access applications and services running in-house and with external providers, says Duo Security's Jaret Osborne.
A federal grand jury indictment of Seattle software engineer Paige A. Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency.
Security firm Imperva is notifying some of its Cloud Web Application Firewall customers about a "security incident" that exposed certain data, CEO Chris Hylen reports in a blog post. What risks does the exposure create?
French police say they've disrupted the operations of the Retadup malware gang by subverting attackers' command-and-control infrastructure to delete the malicious code from 850,000 infected PCs and servers worldwide. The move came after police received a tip and technical assistance from security firm Avast.
Network detection and response, endpoint detection and response, and SIEM are the "visibility triad" of critical data sources for effective threat hunting and incident response, says Matt Cauthorn of Extrahop, who explains why.
Apple released a patch on Monday that fixes a bug it accidentally reintroduced in a previous patch update. The flaw allowed iOS enthusiasts to jailbreak their up-to-date devices, but also could have been put to malicious use by hackers.
F. Ward Holloway of Forescout Technologies sorts through what he sees as common misconceptions about the "zero trust" approach to security, including the assumption that it can prove to be too costly and complex to implement.
Today's machine-speed attacks require an autonomous machine-speed response to mitigate the risk, says David Masson of Darktrace, who offers strategic insights.
Healthcare organizations must actively manage their in-house medical internet of things to ensure that they can provide high levels of patient care while minimizing the inevitable risks posed by internet-connected medical devices, says Fortified Health Security's Dan Dodson.
When crafting an identity and access management strategy, organizations need to balance the need for improved security with giving employees the freedom they need to do their jobs, says John Bennett of LastPass by LogMeIn.
More organizations are applying a highly automated "zero trust" model to ensure that they only give the right amount of privilege to the right user for the right amount of time, says Markku Rossi, CTO of SSH Communications Security.
The decline of the network perimeter as the cornerstone of enterprise cybersecurity means that CIOs and CISOs are increasingly focusing on identity to ensure that only the right people connect to systems, says Okta's Clare Cunniffe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.