Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Ransomware groups continue to target critical infrastructure sectors internationally. An FBI alert says that ransomware group RagnarLocker has targeted 52 entities across 10 critical infrastructure sectors, while Romania's premier petrol supplier, Rompetrol, has reportedly been hit by Hive.
Studying software engineering practices from 100,000 production applications and 4,000,000 open source component migrations, Sonatype uncovered eye-opening behaviors in modern software development, including a surprising trend that nearly 70% of dependency management decisions are suboptimal.
Understanding these...
As Third-Party Cyber Risk Management (TPCRM) evolves, organizations are finding themselves in the precarious position of knowing that their third parties bring with them an increased level of risk, while being unsure if their current methods of managing third-party cyber risk are sufficient–or even...
Guidance from the Healthcare Sector Coordinating Council provides healthcare delivery organizations and vendors with recommendations for including cybersecurity in contracts pertaining to the procurement of medical device products and related services.
Every business depends on suppliers such as vendors, partners, and service providers to help run their day-to-day operations. Their usefulness is unquestionable, but do you keep up to date with their security practices and policies? These days suppliers can become the targets of cyber-attacks, and these attacks can...
The federal agency enforcing HIPAA is urging covered entities and business associates to sharpen their focus on protecting their organizations against cyberattacks. The agency has also laid out a list of priorities for rule-making, enforcement and other activities in 2022.
The Lapsus$ ransomware group says it has released some of the data trove stolen from chipmaker Nvidia. Leaked data contains proprietary source code, drivers and documentation on Nvidia's Falcon and LHR products. Experts discuss the impact on Nvidia, the stolen data's worth and remediation measures.
Toyota Motor Corp. reportedly decided to suspend all operations starting Tuesday because of a suspected cyberattack on Kojima Industries, its manufacturing partner. The suspension means the company’s output will be down by around 10,000 cars, according to a report from media agency Nikkei Asia.
An advanced persistent threat campaign named TiltedTemple is now using a sophisticated tool called SockDetour for maintaining persistence and targeting U.S. defense contractors, according to researchers at Unit 42.
As the Russian invasion of Ukraine escalates, organizations in the U.S. and Western Europe wonder: What is the potential blowback if the U.S. strikes back at Russia? Sam Curry, veteran CSO of Cybereason, reviews the possibilities and advises about how best to approach risk and preparedness.
As Russia has invaded Ukraine, the likelihood of nation-state cyberattacks continues to escalate, and banks remain a top target. On this week's "Sound Off," David Pollino, the former CISO of PNC Bank, discusses how financial institutions should - and must - strengthen their incident response plans.
As fresh wiper malware attacks target Ukrainian government and financial services organizations and contractors, security experts are urging organizations outside the country to avoid catastrophizing and stay focused on maintaining basic, essential cybersecurity defenses.
Asustor, a subsidiary of technology giant ASUS that specializes in network-attached storage devices, on Friday issued updated guidelines on eliminating the Deadbolt ransomware strain from its NAS devices.