This week, the U.S. ambassador to China was the latest Chinese hack victim, Linux malware infected 70,000 routers, Norway banned Meta ads, the MOVEit breach affected 1.2 million more customers, a Russian medical lab suffered a ransomware attack, and Estée Lauder shut down systems after a breach.
Days after attributing the recent breach in its customer environment, enterprise software company JumpCloud on Thursday confirmed the involvement of a North Korean nation-state actor who appears to be financially motivated to steal cryptocurrency.
The proposed $2.45 billion sale of Forcepoint's government security business to TPG will fuel investment and growth for both public sector and commercial customers, CEO Manny Rivelo said. Forcepoint determined that its government practice would benefit from an additional set of investments.
Adobe released a fresh out-of-band security update to patch an improperly fixed ColdFusion zero-day vulnerability being actively exploited in the wild that allows attackers to bypass security controls. The update includes fixes for two other critical vulnerabilities.
The U.S. Federal Trade Commission and the Department of Health and Human Services are jointly warning dozens of hospitals and telehealth providers of potential patient data privacy and cybersecurity violations involving the use of online tracking technologies.
Between July 14 and 20, senators introduced a bill to address DeFi risk, Nasdaq held back crypto custody plans, DeFi hackers laundered lesser amounts of stolen funds in the first half of this year than in H1 2022, and an Australian bank blocked payments to high-risk crypto exchanges.
Kevin Mitnick, the self-described "world's most famous hacker" - thanks in no small part to his being featured on the FBI's Most Wanted list during a two-year manhunt - has died at the age of 59. After serving time in prison, Mitnick went legit, warning others about the dangers of social engineering.
While self-proclaimed Russian hacktivist groups such as KillNet, Tesla Botnet and Anonymous Russia claim they're wreaking havoc on anti-Moscow targets, a fresh analysis of their attacks finds that despite rampant self-promotion, their real-world cybersecurity impact is typically negligible.
Despite the significant advances technology has made over the past few years, email remains one of the best tools for cybercriminals. Training is just one piece of the puzzle. The best defense against today's cybercrime landscape is a multilayered security strategy.
The Biden administration on Tuesday initiated a nationwide cybersecurity certification and labeling program aimed at helping consumers choose smart devices that offer enhanced protection against hacking risks. Products will have a QR code and follow NIST standards.
The Russian Turla hacker group has targeted the Ukrainian defense sector and other Eastern European entities with a novel backdoor, dubbed DeliveryCheck, to deploy secondary payloads likely used for espionage, according to security researchers at Microsoft.
Top U.S. and Australian cybersecurity agencies strongly urged users to patch a critical zero-day flaw in Citrix ADC and Gateway appliances being exploited by unnamed threat actors in the wild. The bug, which is tracked as CVE-2023-3519, gives unauthenticated attackers RCE privileges.
The U.S. government has added two more commercial spyware vendors - Cytrox and Intellexa - to its list of organizations that face restrictions if they attempt to procure American goods or services, owing to the firms' "threatening the privacy and security of individuals and organizations worldwide."
Product security is the other half of the security picture. While IT security focuses on an internal audience, product security teams must respond quickly to issues identified by customers and researchers. Quentyn Taylor of Canon EMEA discussed the value of product security programs.
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
