Fast-fashion clothing giant Shein has been fined $1.9 million by the New York state attorney general for multiple failings tied to a massive 2018 data breach, including substandard password security as well as failing to alert users or force password resets in a timely manner.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Cybersecurity firm Eset says its spotted multiple hacks in Israel coming from a Lebanese threat group dubbed Polonium that's affiliated with Iran. The group employs custom-coded backdoors that use a slew of cloud storage accounts to handle command and control.
A ransomware gang published 52 gigabytes of data it says it stole from Consorci Sanitari Integral, a Barcelona health organization of 3,000 physicians and staff. CSI acknowledge a "compromise in data confidentiality" but says its systems are fully recovered thanks to cloud backups.
The toll that cyber incidents can have on healthcare entities and their patients was especially felt this week by the parents of a 3-year-old child who received an accidental megadose of medicine - a mistake attributed to IT systems being offline at an Iowa medical center.
A phishing and fraud prevention vendor has bought a startup founded by Qualys' longtime engineering leader to help organizations more effectively discover and monitor assets. Red Sift says its purchase of Hardenize will help customers assess the security of their digital asset inventory.
The Biden administration will put more critical infrastructure sectors, such as water, under mandates to ensure minimal cybersecurity standards. The White House is also ramping up interest in consumer cybersecurity by initiating a labeling program for the internet of things.
Earlier this year, Sri Lanka became the first South Asian country to pass privacy legislation, which will go into effect in 2023. ISMG talked to several privacy experts about the highlights of Sri Lanka's Data Protection Act and what companies are doing to comply with the new regulations.
A former doctor who practiced internal medicine in several states has pleaded guilty in a New Jersey federal court to criminal HIPAA violations in a case that also involved a pharmaceutical salesman and a larger alleged $2.5 million healthcare fraud conspiracy.
Immersive Labs completed a funding round just weeks after laying off 10% of its workforce to cover more developer languages and safeguard Azure and Google Cloud. The Ten Eleven Ventures-led funding will help Immersive Labs expand its coverage from frontline cybersecurity staff to development teams.
One zero-day down but two Microsoft Exchange zero-days to go in this month's dose of patches from the Redmond, Washington computing giant. Microsoft fixed a COM+ flaw being exploited in the wild but for now is relying on workarounds for two known email server bugs.
Lloyd's of London says it has fully restored network services and that an investigation uncovered no evidence of a compromise. The insurance and reinsurance marketplace giant took systems offline last week after detecting what it called "suspicious activity."
A hacker who stole cryptocurrency says he should walk away with the majority of his loot and put that plan up for a vote to the people from who he stole, using votes tied to the stolen cryptocurrency to vote yes. "Seriously though, wtf is wrong with our industry?" tweeted a web3 consultant.
In Part 1 of a three part-video series, Andrew Abel, a cybersecurity and zero trust consultant and CyberEdBoard member, and Chase Cunningham, CSO at Ericom Software, share tips on how to create an identity strategy within the broader context of zero trust.
Vista Equity Partners and KnowBe4 have struck a deal to take the security awareness giant private for $4.6 billion in this week's second massive security acquisition. The agreement comes after the Austin, Texas-based investment firm upped its offer by $380 million, or nearly 4%, to $24.90 per share.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.