In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
A nonprofit firm that administers government dental programs in Canada paid a "substantial" ransom for a decryptor key and the destruction of data stolen in a recent ransomware attack. But the company is now notifying nearly 1.5 million individuals that the hack compromised their data.
In the latest "Proof of Concept," Mike Baker, VP/IT CISO at DXC Technology and a CyberEdBoard member, and Chris Hughes, co-founder and CISO at Aquia, join ISMG editors to explore the state of the software supply chain, MOVEit breaches and the role of SBOMs and transparency in software development.
A Chinese state-sponsored spy group called RedHotel has emerged as a dominant espionage agent against government entities of at least 17 countries worldwide. Researchers said the motives and operations of the group closely link it to China's Ministry of State Security.
Perimeter 81 will be sold to Check Point for $490 million, but it had to slash its valuation by more than half to seal the deal. Check Point said its proposed buy of New York-based Perimeter 81 will fuel the adoption of secure access across remote users, sites, cloud, data centers and the internet.
Changing technologies and markets require adapting an organization's overall cybersecurity strategy, including the scope of our risk management, and then reviewing and adjusting our operational program to deliver the revised vision, said Akm Hasan, head of cybersecurity at Hays PLC.
Legacy infusion pumps commonly available for purchase on the secondary market often contain wireless authentication and other sensitive data that the original medical organization owners failed to purge, warned researcher Deral Heiland, citing a recent study conducted by security firm Rapid7.
India's data protection bill, which sets a maximum fine of $30 million for privacy violations, passed both houses of Parliament this week and awaits presidential approval to become the country's first data privacy law. Final changes eased data localization requirements for most companies.
Tampa General Hospital is facing at least three proposed federal class action lawsuits filed in recent days following the nonprofit Florida healthcare provider's disclosure late last month of a data theft incident that affected 1.3 million patients and employees.
Many security awareness training programs fail because organizations don't understand the risks they face, said Culture AI's John Scott. He said a successful training program "will help people by making sure that it's targeting the behaviors that address the key risks for the organization."
Citing several growing concerns, Sen. Mark Warner, D-Va., on Tuesday sent a letter quizzing Google CEO Sundar Pichai about how the tech giant is applying privacy, trust and ethical "guardrails" around the development and use of its generative AI product, Med-PaLM 2, in patient care settings.
Collaborative AI - the process of one AI model learning from another - is one of the most effective ways for financial institutions to fight the sophisticated techniques fraudsters use for scams, said Johan Gerber, executive vice president of security and cyber innovation at Mastercard.
Financial institutions globally have invested heavily in anti-financial crimes strategies and tools that report potential risk to regulatory authorities. But so have their adversaries. David Stewart and Keith Swanson discuss how institutions are using AI/ML to create more effective fraud defenses.
A recently identified security vulnerability in PaperCut print management software holds the potential for high-severity outcomes and could let unauthorized hackers run code remotely. The software is used in a wide array of environments, including large printer fleets supporting over 100,000 users.
WatchGuard's presence on both the endpoint and network allows the company to accelerate response and remediation times on behalf of MSPs, CEO Prakash Panjwani said. MSPs can determine how much of the response they want WatchGuard to automate based on their level of sophistication.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.