Identity management company Okta and Microsoft have confirmed breaches by the Lapsus$ group, which has been on a high-profile hacking spree. Okta is facing increasing pressure to more fully describe the impact of its incident, as Okta's identity systems are widely used across enterprises.
(ISC)² released results of an online poll about the Log4j vulnerability and the human impact of the efforts to remediate it. CISO Jon France shares findings from the survey, revealing the severity and long-term consequences of the Log4j attack for security teams and the organizations they protect.
Prospects of Russia reviving its economy via cryptocurrency remain limited, officials have said, but the U.S. Treasury Department is reportedly warning that it has detected a rise in the use of digital assets for illicit transactions, including after Feb. 24, when the war began.
In the coming weeks, U.S. President Joe Biden will announce a new executive order to prevent and detect identity theft involving public benefits. Jeremy Grant, coordinator of the Better Identity Coalition, discusses the challenges ahead for the government in combating criminal and identity fraud.
The ransomware-as-a-service operation AvosLocker has been amassing "victims across multiple critical infrastructure sectors in the United States," the FBI warns in a new alert that includes known indicators of compromise and tactics employed the group and essential defenses for all organizations.
A Texas dental and orthodontic practice that boasts of being "the official dentist" of the National Basketball Association team the Dallas Mavericks is notifying more than 1 million individuals of a 2021 breach involving patient information being viewed and copied by attackers.
The U.S. National Rifle Association States reportedly fell victim to a ransomware attack in October 2021. The NRA did not acknowledge the attack at the time, but a recent FEC filing explaining a financial discrepancy has forced it to confirm the ransomware attack and detail its impact.
Researchers have uncovered a full-time initial access broker group that serves both Conti and Diavol ransomware groups. Google's Threat Analysis Group - TAG - observed this financially motivated threat actor, dubbed Exotic Lily, exploiting a zero-day in Microsoft MSHTML tracked as CVE-2021-40444.
SentinelOne plans to buy security firm Attivo Networks, and the acquisition is scheduled to close sometime this summer. Some cybersecurity analysts and experts speak with Information Security Media Group about the gains and possible pitfalls of this $615.5 million deal.
As the Ukrainian military resists Russian advances toward its major population centers, its IT security teams are contending with record cyber incidents - although the same is true of their eastern neighbors, with Russia reporting "unprecedented" cyberattacks on its networks.
Federal authorities are advising healthcare sector entities to take precautions, including enhancing their cybersecurity posture and being prepared to implement four- to six-week business continuity plans, as they continue to face potential cyber incidents related to the Russia-Ukraine war.
In the latest weekly update, four editors at ISMG discuss how Russia's invasion of Ukraine complicates cybercrime ransomware payments, a former U.S. Treasury senior adviser's take on Biden's cryptocurrency executive order, and important points regarding the upcoming identity theft executive order.
If Russia uses hack attacks to support its invasion, would Western governments want to immediately attribute those attacks or disruptions? Enter a Thursday alert from the U.S. government warning that it is "aware of possible threats to U.S. and international satellite communication networks."
Two trends that have only grown over the past two years: Hybrid workforce and adoption of the zero trust architecture. Peter Newton of Fortinet shares how zero trust network access is now key to helping ensure security with workers now balancing on-premise and remote work.
The interplay between security and privacy has changed some aspects of data management and protection. Nader Henein, vice president analyst at Gartner, discusses the factors driving the nexus, how companies can take advantage of it and tips on sharing data with third parties securely.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.