Google released a fix on Monday for a Chrome zero-day that allows an attacker to remotely target a vulnerable version of the browser. The bug is tracked as a heap buffer overflow in the WebP image format, which is specifically designed to optimize web images.
Federal regulators have smacked a large California health plan with a $1.3 million fine to settle potential HIPAA violations for two relatively small breaches that affected about 2,250 individuals. But officials indicate "long-standing HIPAA deficiencies" were a "systemic" problem at the insurer.
How does an organization achieve peace of mind with security while overcoming the challenges of complex hybrid and multi-cloud networks? Here are the top reasons why your organization should consider implementing a cloud-native firewall service to protect your AWS environments and applications.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Censys CEO Brad Brooks discusses the stresses a CISO experiences in trying to prevent cyberattacks and in dealing with those that do occur. Topics include breach disclosure and cybersecurity marketing to CISOs.
A federal judge has given the green light for attorneys to proceed with a consolidated class action lawsuit against Meta that accuses the social media giant of intercepting sensitive health information with its Pixel tracking tools used in numerous healthcare websites and patient portals.
Honeypot data collected by CISO Jesse La Grew highlights how attackers continue to target default usernames - including for SSH - together with weak passwords to gain brute force remote access to their targets. Here are essential username, password and remote service practices for combating such attacks.
A Norway court sided with the country's data protection authority in a battle against Facebook over surveillance based-ads, ruling that the agency has the authority to tell the social media giant to temporarily halt behavioral tracking without explicit consent or face daily fines.
Perimeter 81's ease of deployment and embrace of a cloud-based architecture made it stand apart from other secure remote access offerings, according to Check Point Software CEO Gil Shwed. The deal will help Check Point build a scalable network foundation that extends to thousands of users.
Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
In the aftermath of mergers and acquisitions among healthcare entities - and the resulting IT integration and cost-cutting moves - gaps in technology and skills and other gaps often put organizations at higher risk for attacks and other security incidents, said Jack Danahy of NuHarbor Security.
Government agencies are adopting zero trust architectures, both to meet regulatory requirements, but also as a security imperative to mature their security posture, however the specific challenges faced differ from those of commercial entities. Watch this webinar to gain insights into a dedicated Zero Trust practice...
California Gov. Gavin Newsom on Wednesday signed an executive order to study the development, use and risks of artificial intelligence, and develop a process to deploy "trustworthy AI" in the state government. The order calls for a staggered implementation over the next two years.
Tenable will purchase a cloud security startup founded by the longtime leader of Secdo to help security teams make efficient and accurate remediation decisions. The proposed buy of Ermetic will make it easier for security professionals of all cloud expertise levels to spot and quickly address risks.
The number of connected devices used in healthcare is growing as manufacturers constantly introduce new types of IoT equipment. The ever-evolving threat landscape is making it harder for many entities, particularly outpatient care providers, to keep up, said Justin Foster, CTO of Forescout.
Ransomware groups do whatever they can to pressure a victim into paying. Enter the likes of Ransomed, following in the footsteps of Alphv/BlackСat, NoEscape and Good Day-powered Cloak, all of which threaten victims with a world of General Data Protection Regulation violation pain unless they pay.