A critical Linux kernel vulnerability exposed the server message block protocol to remote hacking with highest privileges. The vulnerability received the maximum possible severity rating of 10 on the CVSS scale owing to the kernel-level code execution privileges it gave to the attacker.
She has been a CISO almost longer than there has been cybersecurity. And now Marene Allison, CISO at Johnson & Johnson, eyes retirement and her next adventures. She reflects on her career, her accomplishments and what she wishes for her successor and the next generation of cybersecurity leaders.
Recorded Future has signed an agreement with Ukraine's Ministry of Digital Transformation to help protect the county's critical infrastructure against Russian physical and cyberattacks. The company can help detect novel strains of malware and command-and-control infrastructure run by the Russians.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Cloud email security: It involves new strategies and tools to defend against a new wave of attacks. Arun Singh of Abnormal Security discusses the latest flavor of email attacks and the new Knowledge Bases created to help enterprises increase their education and defensive capabilities.
Identity and access management company Okta revealed that its private GitHub repositories were accessed earlier in the month, resulting in the theft of its source code in its Workforce Identity Cloud code repositories. "No customer data was impacted," Okta says.
In a surprise move, Britain's Information Commissioner's Office recently named names - lots of names - on the data breach front. The ICO has published detailed information about breaches of personal data, complaints and the civil investigations. Attorney Edward Machin explains the implications.
As the U.S. government's probe of bankrupted cryptocurrency exchange FTX continues, two executives have pleaded guilty to multiple charges, while founder Sam Bankman-Fried waived his extradition rights in the Bahamas and was transferred by the FBI to New York, where he appeared before a judge.
Stop the presses: Britain's Guardian Media Group has been hit by a "serious IT incident," believed to be ransomware, that appears to have encrypted numerous systems. Experts say ransomware groups love to strike over the holidays, adding pressure on victims to pay a ransom quickly and quietly.
The latest edition of the ISMG Security Report discusses why it is always a bad idea for organizations to pay hackers for data deletion, practical steps organizations can and should take to avoid being at the heart of a data subject complaint, and the latest efforts to tackle the ransomware threat.
Ukrainian President Volodymyr Zelenskyy made a historic visit to Washington in a bid to shore up support during a critical moment. Behind the scenes, U.S. assistance includes strengthening Ukrainian cyber resiliency. Russian cyber operations remain a threat.
A banking Trojan is on a rampage thanks to its ability to mimic the appearance of more than 400 applications, including leading financial and crypto exchange applications, in 16 countries. Godfather is an upgraded version of the Anubis banking Trojan, reports cybersecurity firm Group-IB.
Thirteen bot farms transmitting pro-Kremlin messages across more than 1.5 million fake accounts are no longer operating after Ukrainian police raided their locations. Russia's attempted conquest of Ukraine is accompanied by heavy doses of online propaganda aimed at splitting support for Kyiv.
Bad hackers so often get portrayed as bombastic villains who can "hack the Gibson" while breathlessly exclaiming, "We're in!" Real-world "hack attacks" are typically much more mundane, including an alleged scheme enabling taxi drivers to jump to the head of the line at JFK Airport.
Security researchers at Palo Alto Networks say they identified an attempted hack on a large petroleum refining company based inside a NATO member that came from a threat actor known as Gamaredon and Trident Ursa. The Ukrainian government traces the group to a Russian FSB.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.