A new self-assessment tool aims to help public and private sector organizations assess their level of vulnerability to insider threats, according to CISA. The agency also indicated this week it will keep its "rumor control" website active ahead of the 2022 midterm elections.
California is extending a waiver that was set to expire this week. Similar to action taken by federal regulators, the extended California waiver relaxes enforcement of certain privacy and security regulations related to healthcare providers that offer telehealth services.
Hacktivist collective Anonymous has, for the second time this month, leaked data belonging to Washington-based domain name registrar and web hosting service Epik. The size of the second set: more than 300GB - double the amount in the first leak.
A bipartisan effort to implement cybersecurity incident reporting and the tracking of ransomware payments has been introduced by leaders of the Senate Homeland Security and Governmental Affairs Committee. While it differs from legislation introduced in July, lawmakers hope to reconcile the bills.
Researchers at the University of Birmingham and University of Surrey say they have uncovered a vulnerability in the Apple Pay-Visa setup that could allow hackers to bypass iPhone’s Apple Pay lock screen, perform contactless payments and skirt transaction limits.
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
Cybersecurity vendor VMware has published a security advisory detailing 19 vulnerabilities affecting its vCenter server and Cloud Foundation products and has released fixes for all of them. One of the flaws has a high CVSS of 9.8, and CISA is warning of its "widespread exploitation."
The pandemic and the rise in cyberattacks has put CISOs in a new spot, says Amit Dhawan, CISO and DPO at Birlasoft. He discusses why it's critical for them to understand business risks.
Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
The founder of Group-IB, one of Russia's largest cybersecurity companies, has been detained on state treason charges and will be held in custody for two months, with alleged crimes punishable by up to 20 years in prison, according to wire reports.
A Philadelphia-based mental health services provider has begun to notify tens of thousands of individuals that their health and personal information was potentially viewed or stolen by hackers in a data security incident discovered more than six months ago.
Trust but verify, privilege access and continuous monitoring with an "assume breach" mindset are the principles an enterprise must follow to begin its "zero trust" journey, says Terence Gomes, country head of Microsoft Security India.
In a bid to address security risks associated with the use of virtual private network solutions, the National Security Agency and the Cybersecurity and Infrastructure Security Agency on Tuesday offered government leaders guidance on selecting remote access VPNs and strengthening their security.
You can't decrease the motivation of ransomware attackers. But you can curb their success by bolstering your own enterprise's approach to access, credentials and privileges. Morey Haber and James Maude of BeyondTrust share insights on ransomware defense.
Cybersecurity and computer science experts testifying before Congress on Tuesday expressed concerns about their inability to access key social media data sets that could allow them to analyze and potentially counter the spread of misinformation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.