Suspected nation-state hackers are using that malware researchers say straddles between the line between off-the-shelf and advanced tactics in order to target the U.S. aerospace industry. Researchers from Adlumin in May found the malware on a defense contractor's network.
Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target. Dragos revealed plans to reduce its staff by 9% to ensure the company can stay independent through an IPO or Series E round.
A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.
The Biden administration stepped up regulatory enforcement against cryptocurrency trading platforms in consecutive lawsuits targeting Binance and Coinbase for alleged violations of securities laws. "We already have digital currency. It's called the U.S. dollar," said U.S. SEC Chairman Gary Gensler.
With the federal government's software bill of materials regulations looming, many organizations are not ready to respond, warned CISO Sean Atkinson of the Center for Internet Security. He provided tips for ensuring transparency in the software supply chain and preparing for SBOM regulations.
Snyk plans to purchase an Israeli startup founded by members of Wix's application security team and backed by CyberArk to help organizations govern developer security. The developer security vendor said its proposed buy of Enso Security will give clients a view of their application security posture.
At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.
In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
The Clop ransomware-as-a-service gang said it is behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot of your data as part of exceptional exploit," the gang says in a misspelled post on its dark web leak site.
Google patched a zero-day vulnerability in Chrome, warning consumers that the vulnerability is under active exploitation. The Silicon Valley giant revealed little Monday in a Chrome advisory about the vulnerability, other than saying it is a type confusion flaw in its V8 JavaScript rendering engine.
Ukrainian cyber defenders say they've identified a cyberespionage campaign active since mid-2022 that gained unauthorized access to "several dozen" computers. A government spokesperson said Tuesday the campaign targets government agencies and media organizations.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents.
Criminals are continuing to wield stolen credentials, compromise attacks, ransomware and social engineering to earn an illicit payday, according to Verizon's latest annual analysis of data breaches and how they happened, which finds that post-ransomware cleanup costs are rising.
Cisco took its first major step toward realizing its secure cloud vision in April with the debut of a new extended detection and response platform. The next set of enhancements around generative AI, secure access and defending applications across multiple clouds debuted Tuesday at Cisco Live 2023.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
