Vulnerabilities in the Cisco ASA and Cisco FTD firewalls can lead to a denial of service attack, says Positive Technologies researcher Nikita Abramov. There is no workaround that addresses these vulnerabilities, but Cisco has released software updates and asks users to install them immediately.
The U.S. government warns all businesses that they're at elevated risk of online attacks during Thanksgiving, given attackers' proclivity to strike on weekends and holidays. The alert is a reminder of the importance of having in place well-practiced incident response plans. Here's where to start.
A new report by Huawei Technologies USA and Reuters calls for greater international collaboration around transparency and cyber accountability. "Just having requirements isn't good enough. There needs to be an ability to tell whether or not the requirements are being met," says CSO Andy Purdy.
Web hosting giant GoDaddy confirms that a data breach which affected about 1.2 million of its active and inactive Managed WordPress customers, has also hit Managed WordPress users tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.
Reports of NHS data being exposed following a ransomware attack on U.K.-based data capture and storage company Stor-a-File are incorrect, an NHS Digital spokesperson tells ISMG. "Most NHS data was held offline and not affected in the Stor-a-File hack."
U.S. federal banking regulators have approved a new rule that will require banks to notify regulators no later than 36 hours after the organization determines it has suffered a qualifying "computer-security incident," the nation's top financial agencies announced this week.
Federal regulators and Philips issued advisories pertaining to several security vulnerabilities in certain patient monitoring and medical device interface products from the manufacturer. Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn.
Cyberattacks perpetrated by criminally or financially motivated bad actors in New Zealand have nearly doubled from 14% in 2019-20 to 27% over the past year, according to a cyberthreat report from the country's National Cyber Security Center.
North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, targeting diplomats and policy experts across Asia, the U.K. and the U.S., researchers say.
The U.S. Department of Justice has indicted two Iranians for allegedly interfering in the 2020 U.S. elections. The charges against the men include conspiracy to commit computer fraud and abuse, transmission of interstate threats and voter intimidation.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
We know they are coming, and yet we are still ill-prepared. Cybereason surveyed 1,200 global cybersecurity professionals on ransomware. And while most are concerned about attacks, nearly one-quarter have no contingencies for weekends and holidays - the favored strike time. Sam Curry explains why.
The latest edition of the ISMG Security Report features an analysis of how cybercriminals are turning to cryptomixing services to conceal the proceeds of ransomware activities from law enforcement officials. Also featured: Criminals exploit a misconfigured FBI server and the future of zero trust.
This is the second episode of "The Ransomware Files," a podcast miniseries focused on stories of resilience in the fight against ransomware. An Australian company, Matthews, saw its backups corrupted and attackers release its data. The company recovered however, and has greatly improved its IT security defenses.