The security company Check Point has revealed several vulnerabilities in TikTok, the popular Chinese video app that has raised concerns lately from the U.S. military and lawmakers. The issues are fixed, and TikTok says it doesn't appear the issues were exploited for a breach.
Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation. Globally, however, 26,000 MicroTik routers reportedly remain infected with the stealth monero-mining code.
Healthcare organizations need to carefully assess whether data they hold falls under the scope of the California Consumer Privacy Act, says attorney Anne Kimbol, assistant general counsel of HITRUST - especially now that the regulation's Jan. 1 compliance deadline has hit.
A ransomware attack has held London-based foreign currency exchange firm Travelex hostage since New Year's Day, the company confirmed Tuesday. It appears that the Sodinokibi group is behind the attack and is asking for millions from the company.
The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption.
Complex, manual processes and disparate, disconnected tools make it difficult for security and IT teams to mount a cohesive response. Bryce Schroeder of ServiceNow discusses a more effective approach to vulnerability response.
As tensions between the U.S. and Iran continue to rise, healthcare organizations need to exercise extra vigilance in shoring up their security to defend against potential Iranian cyberattacks on critical infrastructure sectors, says Errol Weiss of the Health Information Sharing and Analysis Center.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
Accenture plans to buy the former Symantec Cyber Security Services business from Broadcom for an undisclosed sum, the two companies announced Tuesday. The deal comes only five months after Broadcom paid $10.7 billion for Symantec's entire enterprise security division.
Zero Trust has become a cybersecurity marketing buzzword. But Kelsey Nelson of Okta sheds light on the realities of the Zero Trust approach, with a specific focus on the identity and access management component of the strategy.
In the wake of the killing of an Iranian general in a U.S. drone attack last week, organizations - especially healthcare entities and units of government that have been vulnerable to ransomware attacks - need to be on guard against destructive "wiper" attacks, says Caleb Barlow of CynergisTek.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.