Critical, unpatched vulnerabilities that could enable hackers to access sensitive data have been found in India's National Critical Information Infrastructure Protection Center, according to ethical hacking group Sakura Samurai.
French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.
A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research. The analysis shows how some U.S. cyber weapons have been turned against their developers.
Venture capital firm Sequoia Capital confirmed it was recently involved in a "cybersecurity incident," but offered no details on exactly what may have transpired. Cybersecurity teams and law enforcement agencies have been notified.
The Good Health Pass Collaborative is developing a road map for digital health passes that international travelers could use to prove they have been tested for COVID-19. Dakota Gruener, executive director of ID2020, which launched the project, describes the effort, including privacy-protection measures.
Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.
Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.
A security researcher has uncovered what is believed to be the first-ever malware variant that can be successfully executed in Apple's M1 chips, its latest central processor unit for Mac computers.
Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
The "Cuba" ransomware gang has hit Seattle-based Automatic Funds Transfer Services, which processes data from California's Department of Motor Vehicles as well as many cities in Washington. Victim organizations say AFTS is investigating the incident and that an unknown amount of individuals' data was exposed.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.
A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice.
Three North Koreans have been indicted for allegedly taking part in a criminal conspiracy that attempted to steal or extort $1.3 billion in cryptocurrency and cash from banks and other organizations around the world, the U.S. Justice Department announced Wednesday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.