Marta Rybczyńska, technical program manager at Eclipse Foundation, discussed best practices for reporting vulnerabilities, adopting AI and bridging the gap between developers and security researchers to adhere to cybersecurity best practices for open-source software.
U.S. authorities seized dark web infrastructure of the BlackCat ransomware-as-a-service group, also known as Alphv, although the Russian-speaking threat actor said it has reestablished operations. The group's data leak site and its Tox instant messaging account went offline Dec. 7.
Cybercriminals increasingly use malicious ads through search engines to deploy new malware targeting businesses, marking a rise in browser-based attacks. Researchers at Malwarebytes observed PikaBot, a malware family that appeared in early 2023, being distributed via malvertising.
U.S. regulators for the first time detailed the risks artificial intelligence poses to the financial system and classified the technology as an "emerging vulnerability." The Financial Stability Oversight Council in its annual report flagged AI's ability to introduce "certain risks."
Erhan Temurkan, technology and security director at Fleet Mortgages, shares his insights on the integration of generative AI into the multifaceted world of cybersecurity and the dynamic threat landscape. Organizations must find a balance between security and usability, he said.
Synthetic IDs and mule accounts will continue to be a huge problem in 2024 even though vendors and financial institutions now recognize the problem and are beginning to address these risks, according to Trace Fooshee, strategic adviser at Datos Insights.
Lobbyists for U.S. hospitals oppose a Biden administration proposal for mandatory cybersecurity requirements and possible financial disincentives for organizations that fail to meet those expectations. Industry experts contend that some type of government actions are needed.
A late October hacking incident at mortgage lender Mr. Cooper affected 14.7 million individuals, the Texas company disclosed Friday. The incident triggered a four-day shutdown of corporate systems and a suspension in lending. Hackers gained access on Oct. 30 and were ejected on Nov. 1.
A group known as Predatory Sparrow claimed responsibility for a Monday cyberattack that shut down a majority of gas stations across Iran as officials blamed the attack on foreign powers. The group has previously taken credit for a number of attacks targeting Iran's fuel supply and rail system.
The U.K. national institute for artificial intelligence urged the government to establish red lines against the use of generative AI in scenarios in which the technology could take an irreversible action without direct human oversight. The U.K. government has sought to cultivate responsible AI.
Co-chairs of the Cyberspace Solarium Commission praised the annual U.S. national defense bill for enacting recommendations from its 2020 report, saying the bill marks "meaningful" advancements for cybersecurity. With the bill, 58 out of the commission's 82 recommendations will have been enacted.
Attorney Jonathan Armstrong examines four cybersecurity legal trends that will shape 2024: heightened personal liability for security leaders, the impact of ransomware, legal and ethical concerns about AI, and the influence of shadow IT, especially regarding messaging apps.
To help organizations refine their use of cryptography and safer software and to smooth their adoption of quantum-resistant cryptography, a team of researchers has released tools that generate a cryptographic bill of materials, or CBOM, says long-time security researcher Daniel Cuthbert.
In the latest weekly update, editors at ISMG discuss whether police have seized ransomware group Alphv/BlackCat's data leak site, how fraudsters are adapting their tactics and techniques to exploit advancements in technology, and which cryptocurrency stories shaped the industry this year.
The Cybersecurity and Infrastructure and Security Agency is urging health sector entities to take critical steps in fortifying their environments based on findings from a risk and vulnerability assessment performed by the federal agency on a healthcare industry organization earlier this year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.