In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.
Cyber insurance can defray costs associated with data breaches and ransomware attacks. But Kelly Butler of the advisory firm Marsh & McLennan Companies says insurers are tightening their requirements for policies due to rising costs associated with increasingly severe incidents.
Cisco says it fell victim to a successful hack attack and data breach in May. While an attacker wielding Yanluowang ransomware claimed to have exfiltrated data and crypto-locked systems, Cisco says nothing sensitive was stolen and no systems were infected by ransomware.
ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
For...
Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.
As ransomware attacks continue to pummel organizations, Rapid7 Chief Scientist Raj Samani says victims must identify how the attacker broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."
Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."
What should a good incident response plan contain, and how must enterprises decide on their risk appetite for a good IR program? Two experts - Md. Sanowar Hossain and retired Lt. Col. Dr Santosh Khadsare - discuss how to design an incident response plan.
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
While reports of big health data compromises involving unencrypted computers have been sinking for years, the recent theft of an iPad from a locked storage room - along with the tablet's password - is a reminder that mobile device mishaps can lead to breaches affecting tens of thousands of patients.
An Indian consumer financial company reported a cybersecurity incident to authorities, saying that an initial review found "no significant customer data exposed." PB Fintech reported the findings to the country's stock exchanges, National Stock Exchange and BSE Limited.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The basic foundation of designing a reliable and dynamic cyber resilience program is to have an elaborate incident response plan that can take into account different cyberthreat scenarios and outcomes, says Singapore-based Christophe Barel, who is managing director for Asia-Pacific at FS-ISAC.
Ransomware operators, crypto miners and initial access brokers are increasingly targeting the same networks for compromise, creating a new set of challenges for defenders. Sophos has brought together three teams of cybersecurity experts to help businesses defend against changing threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.
