Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.
Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.
Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree of success, underscoring the difficulties around verifying identity on the internet.
Hackers have breached the Australian Parliament's network, although investigators say they have found no evidence that attackers stole any data. But Parliament's presiding officers said all users have been ordered to reset their passwords as a precaution.
Recent data leaks, including the SBI incident that affected millions of customers, have once again stirred up a debate on the role of auditors in cybersecurity. But a bigger issue is the need to invest in appropriate security technologies and implement stronger policies and awareness programs.
Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper.
Without improved coordination, the U.S. government and private companies could be caught flat-footed if a nation-state hit the software supply chain with malware or a worm, according to a new report that echoes conclusions made over the last decade and calls for closer industry-government ties.
With the general election approaching this spring to constitute the 17th Lok Sabha, cybersecurity leaders say India must be prepared to thwart foreign cyberthreats and protect electronic voting machines against hacking by using appropriate security measures.
A U.K. bank says no customers lost money after cyberattackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. Such attacks involve unauthorized tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
The Unique Identity Authority of India, which administers the Aadhaar program, is again facing harsh criticism about its security measures, this time from State Bank of India. But rather than pointing fingers, all government organizations need to collaborate to enhance security.
Bangladesh Bank, supported by the New York Fed, has filed a lawsuit in U.S. federal court to try to recover $81 million stolen via one of the biggest online bank heists in history. But the Philippine bank the lawsuit targets has dismissed the case as a "political stunt" designed to shift blame.
The digital revolution has given healthcare organizations new tools to increase team efficiency and improve their customer experience. But it's also opened up new vectors that cybercriminals can use to attack. As your attack surface expands to infrastructure that you don't own or control, becomes increasingly...
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
The latest edition of the ISMG Security Report features an update on what U.S. intelligence chiefs told Congress this week about persistent nation-state cyberthreats, plus reports on evasion tactics used by cryptocurrency money launderers and what government CIOs have to say about security funding.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.