Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
A Russian national accused by U.S. federal prosecutors of developing an application for decrypting login credentials pleaded not guilty during a first appearance in Tampa federal court. The man, Dariy Pankov, faces seven criminal counts, including conspiracy, access device fraud and computer fraud.
AT&T wants to unload its cyber assets just five years after doubling down on security through its $600 million purchase of threat intelligence vendor AlienVault. The Dallas-based carrier has been working with British banking firm Barclays to solicit bids for its cybersecurity business, Reuters said.
The cybersecurity industry experienced a dramatic drop-off in funding, stock prices and M&A activity as the economic downturn took hold in late 2022. Venture capital financing tumbled to $18.5 billion in 2022, 39% lower than the record-breaking $30.4 billion invested in 2021, Momentum Cyber found.
Will large language models such as ChatGPT take cybercrime to new heights? Researchers say AI for malicious use so far remains a novelty rather than a useful and reliable cybercrime tool. But as AI capabilities and chatbots improve, the cybersecurity writing is on the wall.
The adoption of new technologies, multi-cloud architectures and multiple data storage sites has resulted in data residing in more places than ever before. That's why enterprises need a single pane of glass to know who's touching their data and why, says Imperva CEO Pam Murphy.
The FBI is investigating a hack of its computer network. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time," the bureau said in a statement provided to Information Security Media Group.
Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
Forcepoint's new Security Service Edge offering allows clients to apply access, threat or data loss protection policies across all channels as soon as they're implemented. The firm long offered DLP, SD-WAN, SWG and CASB tools, but the lack of full integration made it tough to apply unified policies.
Russian military intelligence agency hackers walloped Ukraine with waves of data wipers and phishing attacks, but the torrent of destructive cyberattacks doesn't appear to have been as effective as previous Russian cyberattacks, report researchers from the Google Threat Analysis Group and Mandiant.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.