Android smartphone device manufacturer Samsung has a patch for a flaw used by commercial surveillance hackers to implant malware in the United Arab Emirates. The U.S. Cybersecurity and Infrastructure Security Agency on Friday gave federal agencies until June 9 to patch the vulnerability.
Proposed class action lawsuits are piling up over hackers' use of a vulnerability in Fortra's GoAnywhere secure file transfer and a resulting data breach affecting 3 million individuals. NationsBenefits Holdings disclosed that hackers accessed personal information by using the widely exploited flaw.
Cyber insurance applicants should provide detailed responses that clarify the nature of their business to avoid claim denials in the event of a security incident. Pasich LLP Senior Managing Associate Tae Andrews urged applicants to "interrogate the interrogator" to push back on vague questions.
Apple is patching actively exploited zero-day flaws in its browser rendering engine for mobile devices, and one cybersecurity firm says the vulnerabilities are likely evidence of takeover attacks. Two of the bugs were the subject of Apple's first-ever Rapid Security Response.
Identity is more important than ever in today's "work from anywhere" world where the need for secure authentication has become paramount. Zero Trust Authentication complements security investments in EDRs, EPPs, SIEMs and existing SSOs and delivers a passwordless experience that drives productivity.
The Federal Trade Commission's proposed changes to its 14-year-old Health Breach Notification Rule come at a time when some advocates say stronger consumer data privacy protections are needed. But will the FTC potentially face legal challenges to its authority to make these sweeping changes?
The Federal Trade Commission on Thursday made a few bold moves to ramp up its oversight of data privacy. They include issuing a notice of proposed amendments to its Health Breach Notification Rule and releasing a policy statement warning of heightened scrutiny over the use of biometric information.
The French data protection authority on Tuesday signaled increased concerns over the privacy impacts of generative artificial intelligence and said issues such as data scraping raise data protection questions. Data scraping by AI companies is a flashpoint in the technology's rollout.
Fifteen months after Russia intensified its illegal invasion of Ukraine, experts say top cyber defense lessons policymakers and defenders should apply include focusing on resilience. Building for resilience acknowledges the inevitability of ongoing attacks.
The Federal Trade Commission has barred the developer of fertility tracking app Premom from sharing users' personal health data with third parties for advertising purposes and has fined the vendor $100,000 for alleged violations of the agency's Health Data Breach Notification Rule.
IBM has bought a startup founded by a longtime security leader in the Israeli Prime Minister's Office to ensure personal identifiable information isn't left unprotected. The deal will ensure sensitive data isn't exposed in public cloud data stores or SaaS apps like Slack, SharePoint or Office 365.
Huntress has completed a Series C round to expand beyond the endpoint protection market and bring managed security to identity and cloud. Hackers are increasingly going after employee accounts at SMBs and using the compromised identity to move into other systems via SSO, CEO Kyle Hanslovan said.
The successful implementation of a zero trust strategy requires a comprehensive vision that combines simplicity, visibility and practicality. By taking a phased approach and aligning it with a unified goal and vision, organizations can establish a robust foundation for zero trust adoption.
Organizations of all types have important work ahead to comply with Washington state's new My Health My Data Act, which pertains to any entity - inside or outside the state - that handles health data of consumers in the state, said Cat Kozlowski, attorney at law firm Polsinelli.
In the latest weekly update, ISMG editors discuss how the Feds have dismembered Russia's 'Snake' cyberespionage operation; the ongoing debate over privacy laws and regulations in the APAC region; and why more companies are banning the use of generative AI tool ChatGPT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.