CISA, the FBI, the NSA and several of their international law enforcement partners have issued a joint advisory on the known vulnerabilities in the Apache Log4j software library urging "any organization using products with Log4j to mitigate and patch immediately."
An authentication bypass vulnerability in Zoho's widely used unified endpoint management tool, ManageEngine Desktop Central, is being used by advanced persistent threat actors to gain remote access permissions, the FBI says.
A week after announcing a new bug bounty program called "Hack DHS," U.S. Department of Homeland Security Secretary Alejandro Mayorkas announced that DHS is expanding the scope of the program to include finding and patching Log4j-related vulnerabilities in the systems.
Sainsbury's, the U.K.’s second-largest chain of supermarkets, confirms that it suffered an outage in its payroll system caused by a cyberattack affecting its cloud-based payroll service supplier - the U.S.-based multinational firm Ultimate Kronos Group, which was hit by a cyberattack last week.
DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, quarantine suspicious emails, and reject unauthorized emails. But less than 30% of organizations are actually using them. And even fewer...
Personal information and records of 13 million people held by some of Britain's police forces reportedly has been stolen by Russian hackers. The Daily Mail Online reports that the cybercriminal gang Clop has released some of the data on the dark web after successfully breaching a Scotland-based managed service...
The spyware of sanctioned Israeli firm NSO Group was reportedly detected on the smartphones of high-profile Polish figures associated with the nation's opposition party. And the spyware has also reportedly been tied to the phone of Hanan Elatr, wife of the late journalist Jamal Khashoggi.
A Kentucky-based medical specialty practice is notifying nearly 107,000 individuals that their information was potentially compromised in a recent email hack. Meanwhile, a Missouri medical center is still dealing with a phone and IT systems outage that started last week.
The Log4j vulnerability has underscored once again the widespread dependence on open-source software projects and the lurking risks. Patrick Dwyer of OWASP says such projects deserve more resources to avoid major security vulnerabilities.
The Belgian Ministry of Defense, which is responsible for national defense and the Belgian military, announced on Monday that it has fallen victim to a cyberattack officials say relates to the widespread Apache Log4j vulnerability. The attack "paralyzed the ministry's activities for several days."
The banking and financial services sector is the single most important target for cybercriminals. Banks and financial institutions safeguard incredibly sensitive data of users and employees alike, and data breaches can be costly both in terms of leaked data and financial penalties incurred. Cybercriminals constantly...
The Chinese state-sponsored threat group Tropic Trooper has resurfaced as Earth Centaur and is targeting the transportation industry and government agencies associated with that sector, according to new research from cybersecurity firm Trend Micro.
An Indian joint parliamentary committee has reintroduced set penalties for data violations after yielding to opposition demands. Some cyber law experts still believe it is unlikely organizations will be heavily penalized owing to deficiencies in the country's legal procedures.
As the final days of 2021 near, healthcare entities in and outside the U.S. continue to deal with systems disruptions and major data breaches involving ransomware and other cyberattacks. The latest includes a hospital for women and infants in Ireland and a large specialty medical practice in Texas.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.