The Wormhole network, a token bridge that allows users to trade multiple cryptocurrencies without a centralized exchange, has been exploited for 120,000 wETH tokens ($321 million). The company says it has issued a fix for the flaw and is working to "get the network back up as soon as possible."
The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.
The Log4j vulnerability exists in unpatched versions of Ubiquiti's UniFi Network applications, and is being actively targeted by attackers via a customized exploit, researchers at security firm Morphisec warn. While updates are available, systems remain at risk until patched.
The House Oversight and Reform Committee today advanced its version of the Federal Information Security Modernization Act of 2022, which entails cybersecurity updates for federal civilian agencies. The bipartisan measure was sent to the full House on a voice vote.
Of the $5.6 billion obtained by the Department of Justice in civil settlements and judgements involving false claims and fraud against the U.S. government in 2021, more than $5 billion - or nearly 90% - involved healthcare sector entities. Why? Healthcare fraud, including false claims.
Learn to understand the gray space in which malicious attack campaigns function in order to get ahead of attackers, and avoid data breaches or negative outcomes for your business.
Organizations today need to rethink how cloud security not only drives stronger predictions, but adds value with ease of use. Learn how you can stop the most evasive attacks automatically with adaptive security.
Two major EU pieces of legislation - the Digital Markets Act and the Digital Services Act - are about to change the digital landscape.
Academic Victoria Baines discusses how the proposed legislation might be problematic for information security.
Russia's threat to Ukraine is reshaping notions of what it means to employ cyber operations as part of a conflict. If Russian military forces do invade, experts warn that cyberattacks meant to support military operations and disrupt critical infrastructure may not be restricted to Ukrainian targets.
Democratic lawmakers outlined several provisions of the proposed America COMPETES Act, a measure to counter anti-competitive actions taken by China. Crypto advocates were quick to criticize one measure they say could have caused privacy and due process concerns. The language has now been amended.
With tensions mounting in Ukraine, U.S. cybersecurity officials have grown increasingly concerned over the threat of direct cyberwarfare. As such, the U.S. has dispatched its top cyber official, Deputy National Security Adviser Anne Neuberger, to Europe to discuss the Russian threat.
The European Systemic Risk Board has proposed a new systemic cyber incident coordination framework called EU-SCICF. This framework will be designed to counter any major cross-border cyber incidents in the financial sector space with a coordinated response.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.