Ransomware gang Lapsus$ has leaked credentials of 71,000 Nvidia employees on a Telegram page, Information Security Media Group has found. The data was stolen in a breach, data breach notification service Have I Been Pwned confirms.
Critical cybersecurity gaps in smart infusion pumps have put the data and care of hundreds of patients at risk, according to researchers at Unit 42 of cybersecurity firm Palo Alto Networks. They say that 75% of the 200,000 smart infusion pump networks they scanned contained known security gaps.
A previously undocumented advanced persistent threat campaign named Daxin has been found. It uses a stealthy rootkit backdoor to enable remote actors to communicate with secured devices not connected directly to the internet. Researchers say Chinese attackers used it to run an espionage campaign.
Belarus has renounced its nonnuclear status and is set to support moving the Kremlin's nuclear weapons into the country - within striking distance of Ukrainian capital Kyiv. This has sparked backlash from cyber hacktivist groups, who have now targeted and disrupted Belarus' critical services.
Since 2019, the Global Cyber Alliance has been using a custom IoT honeypot solution that identifies global attack risks and collects data about IoT attacks. Leslie Daigle discusses its findings about how threats have evolved and offers advice on how to better secure IoT devices and tech.
An advanced persistent threat campaign named TiltedTemple is now using a sophisticated tool called SockDetour for maintaining persistence and targeting U.S. defense contractors, according to researchers at Unit 42.
As the Russian invasion of Ukraine escalates, organizations in the U.S. and Western Europe wonder: What is the potential blowback if the U.S. strikes back at Russia? Sam Curry, veteran CSO of Cybereason, reviews the possibilities and advises about how best to approach risk and preparedness.
Iran-linked hacking group MuddyWater is targeting government and private sector organizations in Asia, Africa, Europe and North America as part of its cyberespionage and other malicious cyber operations, according to a joint advisory from U.S. and U.K. law enforcement and intelligence agencies.
Grant Schneider of Venable and three ISMG editors discuss preparedness, response and resilience in light of the Ukraine-Russia crisis; the White House and allies’ efforts to counter ransomware; and future guidance to expect from the Biden administration's cybersecurity executive order.
As Russia has invaded Ukraine, the likelihood of nation-state cyberattacks continue to escalate, and banks remain a top target. On this week's "Sound Off," David Pollino, the former CISO of PNC Bank, discusses how financial institutions should - and must - strengthen their incident response plans.
Russia-linked threat actor Sandworm aka Voodoo Bear has been found using a new malware, dubbed Cyclops Blink. Law enforcement and intelligence agencies in the U.S. and the U.K. have shared details of the malware, as well as the threat group's TTPs and indicators of compromise.
Security researchers have spotted a Mac coinminer using personalized open-source apps to augment its malicious routine. A departure from other malwares that use Tor, this effective malware leverages i2pd to hide its network traffic from the untrained eye.
On Feb. 13, Adobe patched a critical vulnerability that affected its Commerce and Magento platforms, which customers use to manage their businesses' e-commerce. But a proof-of-concept exploit for the latest patch has resulted in yet another out-of-band patch update from Adobe for CVE-2022-24087.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Chip manufacturer Intel has released 22 security advisories, including seven with a high severity rating that let a privileged user enable local access to targeted devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.