Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers. The SQL injection vulnerability tracked as CVE-2023-39336 is in all supported versions of Ivanti Endpoint Manager.
The U.S. Department of Justice announced Friday that it has wrapped up its investigation of the xDedic dark web marketplace and successfully dismantled the multinational criminal organizations, leading to charges against 19 individuals, including administrators, developers and customer service reps.
Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection. The move aims to address evolving cyberthreats by offering insights into human behaviors and risks and empowering customers.
A proposed settlement has been reached between Merck & Co. and several insurers that were appealing a 2023 court decision saying the insurance companies could not invoke "hostile warlike action" exclusions in refusing to pay drugmakers' claims filed after the 2017 NotPetya cyberattack.
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
In the latest weekly update, four ISMG editors discussed the number of ransomware victims who are paying a ransom to cybercriminals, the need for greater cyber resilience during wartime, and the critical role of human risk management in organizational cybersecurity in the era of remote work.
It's a new year, but federal regulators are beating an old HIPAA drum: The Department of Health and Human Services has hit a New Jersey medical practice with a $160,000 settlement in the agency's 46th enforcement action involving HIPAA complaint about right of access to health records.
Accenture has finalized its acquisition of U.K. tech consultancy firm 6point6, which specializes in cybersecurity, cloud and digital transformation solutions. The acquisition will add 6point6's 400 staffers to Accenture in support of its business in the U.K. market.
An upstate New York hospital group has filed a lawsuit against cybercriminal group LockBit in a legal maneuver aimed at forcing a Boston-based cloud services firm to turn over patient data LockBit had stolen from the entities last summer and allegedly stored on the tech company's servers.
Mobile password managers are different from computer-based password managers due to different constraints found in the mobile operating system, said Ankit Gangwal, assistant professor at the International Institute of Information Technology. He shed light on the risks introduced by AutoSpill.
Cloud adoption has seen a major uptick in the past three years. While cloud adoption was more of a necessity during the pandemic, businesses are now revisiting their decision given the concerns around cloud security.
As the threat landscape becomes more complex, organizations face challenges in obtaining an accurate picture of their attack surface. People, process, and technology challenges hinder progress and make it difficult for security teams to practice preventive cybersecurity.
The court system of Victoria said it had experienced a serious cybersecurity incident in late 2023 that gave hackers access to video recordings of proceedings at multiple courts, including the Supreme Court and the County Court. The hack took place on Dec. 8 and was discovered two weeks later.
A hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
Chase Cunningham discusses his new book, "How NOT to Lead: Lessons Every Manager Can Learn from Dumpster Chickens, Mushroom Farmers, and Other Office Offenders,” which details critical errors that can undermine your cybersecurity leadership and jeopardize your reputation and your company's future.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.