Convergence of the threat landscape looms large for defenders, and Cybercrime as a Service potentially will enable more destructive attacks at scale. These are among the 2023 threat landscape predictions of Derek Manky of Fortinet's FortiGuard Labs. He shares these and other insights.
How are threat actors taking advantage of unsecured SAP deployments, and what are some of the truly unique aspects of securing SAP? Fortinet's Dan Schrader and Aidan Walden discuss the need to secure SAP migrations and share recommendations for improved defenses.
The British data watchdog says the U.K. Department for Education shouldn't have allowed a private company to use student records to check whether new users of gambling apps were underage. A departmental spokesperson said it will ensure such misuse of the database doesn't reoccur.
Cybersecurity basics are still an overlooked ransomware defense, Lindy Cameron, CEO of the National Cyber Security Center, told the CyberScotland Summit in Scotland. "We still think that 90% of incidents in the U.K. could have been prevented if people had followed the basics," she said.
Embattled Australian private health insurer Medibank says it won't pay hackers' extortion demand, saying it can't trust cybercriminals to delete personal data. A ransomware gang claiming affiliation with REvil is threatening to publish the data, which Medibank says affects 9.7 million individuals.
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
A hack of an Australian legal aid group this week may have exposed the personal information of domestic violence, sexual assault victims and other vulnerable people around the nation’s capital. Legal Aid ACT says systems are disrupted and an investigation will find out if data was stolen.
Distribution of airspace safety notices are affected by a cyber incident at Boeing subsidiary Jeppesen, the nature of which the company won't disclose. "At this time we have no reason to believe that this incident poses a threat to aircraft or flight safety," a company spokesperson said.
A hacking incident at a New York-based administrative management services firm has so far resulted in 20 anesthesiology practices reporting to federal and state regulators breaches affecting a total of about 430,000 individuals.
Ransomware-as-a-service group LockBit is threatening the release of data it says it stole from German auto parts maker Continental. The company in August acknowledged an incident involving its IT systems, but didn't respond Friday with additional information.
In the latest weekly update, ISMG editors share how amateur tactics employed by ransomware gangs are leading fewer victims to pay ransoms, why traditional identity controls can't protect against the growing authorized payment scams, and highlights from ISMG's Crypto and Payments Summit.
SolarWinds, maker of network management software famously hacked by the Russian government, may be the subject of an investigation by the U.S. Securities and Exchange Commission after staff made a preliminary determination in its favor. The company says it will contest the staff recommendation.
A surging Fortinet and Check Point have joined perennial stalwart Palo Alto atop the firewall Forrester Wave while Cisco slipped to the strong performers category. The leaderboard now belongs solely to pure-play cybersecurity vendors, with all three having at least 15 years of firewall experience.
Join Immersive Labs Appsec Experts, Mat Rollings and Kev Breen, as they discuss the latest threats and vulnerabilities affecting APIs in web applications.
DropBox is the latest company to have employees fall for phishing emails tricking them into supplying login credentials and a one time password to threat actors. Hackers got away with copies of 130 code repositories. The company says it's speeding up an internal transition to Web Authentication.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.