Silicon Valley giant Google called on tech companies to be more robust in their approach to patching vulnerabilities in an afternoon marked by announcements designed to boost vulnerability research. Google money is supporting the Hacking Policy Council and the Security Research Legal Defense Fund.
A member of the Massachusetts Air National Guard has been arrested for leaking highly classified military and intelligence documents. The U.S. Department of Justice announced that Jack Teixeira, 21, was taken into custody by FBI agents following the leaking of more than 100 documents.
An online alcohol abuse counseling service is notifying about 109,000 clients of a data breach involving the company's prior use of tracking tools on its websites dating back to 2017. The breach affects members of Monument Inc. and Tempest, a counseling service acquired in May 2022.
Cybersecurity authorities issued a road map Thursday detailing how software manufacturers should go about baking security into their design processes. The document details how manufacturers should adjust their design and development programs to ensure software is secure.
While most organizations carry out risk assessments and cybersecurity audits, security practitioners need to go beyond these manual processes to ensure proper protection, says Angel Redoble, group CISO, PLDT Group. He recommends starting with identifying all of the potential attack entry points.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
The launch of Microsoft's Security Copilot may have attracted the most attention in the market since it was developed by the company that brought generative AI chatbots to the masses, but it's neither the first nor the only security product to incorporate OpenAI's ChatGPT into its design.
Federal regulators have issued proposed changes to the HIPAA privacy rule aimed at protecting reproductive healthcare information from disclosures or uses involving law enforcement and related purposes in the wake of the Supreme Court last year overturning Roe v. Wade.
The cybercrime economy appears to remain alive and well: Compared to last year, researchers report seeing an increase in the number of known ransomware victims as well as initial access listings, which facilitate such attacks. The impact the takedowns of BreachForums and Genesis remains to be seen.
With enterprises revisiting their cybersecurity posture to defend against new challenges stemming from the ever-expanding threat landscape, CISOs have the daunting task of unlocking new strategies and tracking the next move of the hackers.
Further punishment of Moscow-based Kaspersky by the Biden administration could be the final nail in the coffin of the company's deeply wounded North American business. The U.S. Commerce Department is weighing enforcement action against the Russian cybersecurity giant under its online security rules.
Apple issued security updates to address two zero-day vulnerabilities being actively exploited in the wild and targeting iPads, Macs and iPhones. Both vulnerabilities can lead to arbitrary code execution, but Apple said it found no exploits related to cybercrime or nation-state groups.
Regulators are scrutinizing the use of website tracking codes and analytics such as Meta Pixel and Google Analytics. Health entities must carefully assess how those tools are being used on their health-related websites, say privacy attorneys Cory Brennan of Taft and Mark Swearingen of Hall Render.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.