A hacking campaign that exploited Ivanti mobile device manager to target the Norwegian government began in April or possibly earlier, say cybersecurity agencies from the U.S. and Norway. Mobile device management systems are "attractive targets for threat actors," the alert warns.
The ongoing rise in open source vulnerabilities and software supply chain attacks poses a growing threat to businesses, which heavily rely on applications for success. Between 70 and 90 percent of organizations’ code base is open source, while vulnerabilities such as Log4j have significantly exposed organizations...
ISMG's Healthcare Security Summit 2023, held in New York City on July 18, brought together leaders from the cybersecurity and healthcare industries to engage in a dynamic exchange of ideas and address pressing challenges faced by the healthcare community.
Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
The latest generation of ransomware and phishing attacks is being designed to evade existing network security controls such as gateways and firewalls, said Menlo Security CEO Amir Ben-Efraim. Threat actors have taken the time to codify, register and customize URLs to impersonate a bank's help desk.
Application journeys are fluid in practice because applications can live anywhere. Complex deployments with too many tools to configure and manage and overwhelmed IT teams lead to mistakes, so organizations should take a cybersecurity mesh platform approach to securing their application journeys.
Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost. Even with a free decryptor now available for Akira victims, however, it's too soon to say if the group might be doomed.
Toronto, Canada-based CardioComm Solutions Inc., which sells cardiac monitoring and electrocardiogram software globally, said it is dealing with a cyberattack that could affect the company's business operations "for days and potentially longer."
Post-COVID and digital transformation, consumer expectations are forever changed when it comes to healthcare delivery. The challenge now: how to raise the security bar. Elizabeth A. Sexton of Adobe talks about how to secure the new healthcare consumer experience.
A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
Thales has agreed to purchase Imperva for $3.6 billion to enter the application and API security market and expand its footprint in data security. The deal will add a robust web application firewall along with capabilities in API protection and data discovery and classification to Thales' portfolio.
While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad Waqas of Armis.
In the latest weekly update, ISMG editors discuss key takeaways from ISMG's recent Healthcare Summit, how the healthcare sector is embracing generative AI tools, and why Microsoft just decided to give all customers access to expanded logging capabilities.
Modern construction techniques are employing a wide range of smart devices to control the environment, facilitate communications and save money. Virtually Informed CTO Sarb Sembhi shared a new report on IoT security for smart buildings with advice on complying with current and upcoming regulations.
While self-proclaimed Russian hacktivist groups such as KillNet, Tesla Botnet and Anonymous Russia claim they're wreaking havoc on anti-Moscow targets, a fresh analysis of their attacks finds that despite rampant self-promotion, their real-world cybersecurity impact is typically negligible.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.