A breach involving the compromise of a single user's email account at an Illinois-based multispecialty clinic has affected nearly 503,000 individuals - one of the largest breaches reported so far this year to federal regulator. How can other entities avoid similar email security incidents?
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Japanese multinational conglomerate Panasonic has been breached for the second time within six months. The company says its Canadian operation recently discovered that it was a victim of a targeted cybersecurity attack affecting some of its systems, processes and networks.
Acting Comptroller of the Currency Michael J. Hsu says there are compelling arguments for a centralized U.S. stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks.
BlackCat, believed a rebranded version of the BlackMatter or DarkSide ransomware group, claims to have successfully targeted popular Nigerian betting platform Bet9ja, three universities - FIU, NCAT State University, AIT-Thailand, and the largest natural gas supplier in Latin America - TGS. Bet9ja, FIU, and NCAT State...
Federal authorities are warning the healthcare sector of potential threats involving Lapsus$ - including those related to the group's recent hack of Okta - and also of potential phishing attacks arising out of a recent breach experienced by email marketing services provider Mailchimp.
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and CISOs about the seriousness of these threats and what organizations can do to mitigate the risks.
Ditch the old “castle-and-moat” methods. Instead, focus on critical access points and assets, making sure each individual point is protected from a potential breach.
A group of fraudsters made more than $1.6 million in a massive scam using fake cryptocurrency giveaway YouTube streams attracting more than 165,000 viewers. The campaign also exploited the names of Vitalik Buterin, Elon Musk, Michael Saylor and other crypto enthusiasts.
At a time when applications are more business-critical than ever - and visibility is more challenging to achieve - we need to discuss new strategies and tools for maximizing application intelligence. Sujay Pathakji of Axiom Telecom and Srudi Dineshan of Gigamon share insights.
Five recently reported data breaches involving cyberattacks on a variety of different types of healthcare sector entities have affected a total of more than 1.2 million individuals. Experts say the incidents highlight the intensifying threat landscape in the sector.
A proposed rule requiring publicly traded companies to disclose a breach within four days of deeming it material will force CISOs to determine the consequences of breaches sooner. CISOs will need to have board-level conversations within a day or two of discovering an issue to assess materiality.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
APT-C-23, a politically motivated, Hamas-linked threat actor, is using fake Facebook profiles to trick high-ranking Israeli officials into downloading previously undocumented Trojanized Android and PC direct message applications that grant them access to the victims' devices.
A week after the Spring4shell vulnerability was first detected, security companies Microsoft, Check Point and Akamai have identified exploitation attempts, and Trend Micro has confirmed the first successful attempt - the Mirai botnet leveraging CVE-2022-22965 for its malicious operations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.