The Log4j vulnerability has underscored once again the widespread dependence on open-source software projects and the lurking risks. Patrick Dwyer of OWASP says such projects deserve more resources to avoid major security vulnerabilities.
The Belgian Ministry of Defense, which is responsible for national defense and the Belgian military, announced on Monday that it has fallen victim to a cyberattack officials say relates to the widespread Apache Log4j vulnerability. The attack "paralyzed the ministry's activities for several days."
Cyber GRX senior director and CyberEdBoard executive member Peter Gregory discusses data everyone has that is an asset, but also a liability - your contact list - and how to decrease your chances of it turning toxic.
Oracle announced on Monday that it plans to acquire healthcare technology vendor Cerner Corp. in an all-cash deal valued at $28.3 billion, which is expected to close by the end of 2022. But what are the potential health data privacy and security implications?
The Chinese state-sponsored threat group Tropic Trooper has resurfaced as Earth Centaur and is targeting the transportation industry and government agencies associated with that sector, according to new research from cybersecurity firm Trend Micro.
A Trojanized malicious software known as "Joker" malware has made a comeback and was detected in a Google Play app downloaded more than 500,000 times, researchers say. Found this time on an app called Color Message, Joker had the ability to go undetected for long periods of time.
A top U.S. Department of the Treasury official said financial regulators are prepared to extend existing authorities to rein in stablecoins, although Treasury officials hope instead that Congress will move on key legislation to regulate the space.
As the final days of 2021 near, healthcare entities in and outside the U.S. continue to deal with systems disruptions and major data breaches involving ransomware and other cyberattacks. The latest includes a hospital for women and infants in Ireland and a large specialty medical practice in Texas.
Garry Hargreaves, director of the NATO Communications and Information - or NCI - Academy, discusses the institution's mission to train and educate NATO’s cyber workforce by creating an "enduring NATO cyberspace curriculum."
For anyone hoping to celebrate the decline and fall of ransomware by year's end, think again. While some notable operations have bowed out - at least in name - threat intelligence firm Intel 471 warns that newcomers now account for the majority of attacks, and attack volume is "still on the rise."
Apache has released Log4j version 2.17 to fix yet another high-severity denial-of-service vulnerability - tracked as CVE-2021-45105 with a CVSS score of 7.5 - that affects all versions from 2.0-beta9 to 2.16.0.
Multiple new attacks exploiting the explosive Apache Log4j vulnerabilities have been uncovered, including a newly discovered JavaScript WebSocket attack, threat actors injecting Monero miners via Remote Method Invocation and the comeback of an old and relatively inactive ransomware family.
In an emergency directive issued on Friday regarding the explosive Apache Log4j vulnerabilities, CISA has required federal civilian departments and agencies to assess their internet-facing network assets and immediately patch the systems or implement appropriate mitigation measures.
Healthcare sector entities, like organizations across most industries, are being warned by authorities to carefully assess how the recently identified remote code execution vulnerability in the Apache Log4j Java logging library might affect their environments. What steps should they take?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.