Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost. Even with a free decryptor now available for Akira victims, however, it's too soon to say if the group might be doomed.
A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
The world is moving on from magnetic stripe payment cards, with one notable exception: the United States. Credit card issuers, banks and consumers agree the magnetic stripe is prone to hacking - so why is one of the largest markets for plastic payment still clinging to decades-old technology?
Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. We'll discuss the application and API security best practices for each type of testing, the use cases, and how they protect your business from cyberattacks.
The first step in managing risk is recognizing it as a boardroom matter, and it demands that directors be prepared to understand and discuss the cyber issue and strategically guide C-level executives on this complex topic. It requires cyber competence in the boardroom, said CISO Marco Túlio Moraes.
Despite the beating new publicly traded security companies have taken during the economic downturn, Rubrik is looking to test its luck in the public market. Reuters reported Monday the firm is working with Goldman Sachs, Barclays and Citigroup in preparation for an IPO that could take place in 2024.
Attackers adapted their email-based techniques throughout 2022, cycling through tactics in the hopes of evading human and cybersecurity measures. The 2023 OpenText Cybersecurity Threat Report confirms that building a multilayered approach to defense is core to cybersecurity and cyber resilience.
How many hackers can claim to have caused a national cheese shortage, not least in the Gouda-loving Netherlands? Enter Mikhail Matveev, a Russian national who's been indicted for wielding not one but three strains of ransomware, in what experts say is a needed focus on ransomware affiliates.
Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.
Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
Fifteen months after Russia intensified its illegal invasion of Ukraine, experts say top cyber defense lessons policymakers and defenders should apply include focusing on resilience. Building for resilience acknowledges the inevitability of ongoing attacks.
An Illinois man pleaded guilty Monday to eight criminal counts stemming from the three years he spent leading a conspiracy to sell stolen financial information on darknet markets. The man, Michael D. Mihalo, 40, founded a darknet carding site known as Skynet Market.
U.S. authorities revealed the Russian man behind a two-decade span of abetting cybercriminals' theft of credit cards, dismantled his online infrastructure and offered a hefty reward for information leading to his arrest. Prosecutors say the man, Denis Kulkov, ran a service now known as Try2Check.
The cybercrime economy appears to remain alive and well: Compared to last year, researchers report seeing an increase in the number of known ransomware victims as well as initial access listings, which facilitate such attacks. The impact the takedowns of BreachForums and Genesis remains to be seen.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.