Federal regulators accused SolarWinds and CISO Tim Brown of fraud and internal control failures for misleading investors about the company's cybersecurity practices and risks. The SEC said SolarWinds and Brown disclosed only generic and hypothetical risks even though they knew about specific issues.
Costco warehouse customers often get free samples of cheese and beef jerky. But members who fill their prescriptions online at Costco pharmacies allegedly get their sensitive information unlawfully scraped and transmitted to third parties, claim two proposed federal class action lawsuits.
U.S. President Joe Biden is invoking a Cold War-era law in an executive order directing developers of advanced AI models to notify the government and share safety tests. The order is "the strongest set of actions any government in the world has ever taken on AI safety," a White House official said.
The U.K. communication regulator laid down plans to implement a controversial regulation intended to prevent online child sexual abuse material after it officially became law. The Online Safety Bill received royal assent on Thursday after it was cleared by the parliament in September.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
Welcome to "Cyber Fail." In this ISMG program, our experts uncover fails so we can strengthen our defenses. In this episode, we take on deepfakes, hallucinating chatbots, the fate of humanity and why you should never put your trust in a ransomware gang.
In the latest "Proof of Concept," DXC Technology IT CISO and CyberEdBoard member Mike Baker and Chris Hughes, co-founder and CISO of Aquia, join ISMG editors to discuss benefits, challenges and misconceptions of adopting open-source software in modern code bases - plus best practices for securing them.
This week: Sam Bankman-Fried says he'll testify, FinCEN proposed recording crypto transactions involving mixers, a financial investigation firm used NFTs to track stolen funds, Atomic Wallet froze $2 million of $100 million in hacked funds and advocates challenged the US SEC's Binance lawsuit.
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.
A top European official pushed back against accusations she let American and British organizations influence a proposal requiring messenger apps to scan for child sexual abuse material. "The proposal was drafted under my direct guidance," said Commissioner for Home Affairs Minister Ylva Johansson
The Australian government is close to introducing standards to shore up the security of the down under country's fast-growing solar market amid reports that Chinese state-sponsored hackers might target internet-connected solar inverters and cause blackouts.
The unique characteristics of the telecommunications industry pose significant challenges to the implementation of robust vulnerability management programs. Security director Ian Keller lists the top four challenges and discusses strategies to overcome them.
In recent years, the adoption of public cloud infrastructures has surged, providing organizations with unparalleled flexibility and scalability. But this shift has also introduced a new set of challenges when it comes to protecting web applications and APIs that are hosted on these platforms.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.