Multiple new attacks exploiting the explosive Apache Log4j vulnerabilities have been uncovered, including a newly discovered JavaScript WebSocket attack, threat actors injecting Monero miners via Remote Method Invocation and the comeback of an old and relatively inactive ransomware family.
Healthcare sector entities, like organizations across most industries, are being warned by authorities to carefully assess how the recently identified remote code execution vulnerability in the Apache Log4j Java logging library might affect their environments. What steps should they take?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including mitigating the Apache Log4j zero-day vulnerability, findings from a new report analyzing the Conti ransomware attack on Ireland's Health Services Executive and President Biden's drive to...
Sherry Lowe, who has been in senior leadership in the marketing space for over a decade, focuses on not letting metrics kill marketing. She discusses injecting more creativity into cybersecurity marketing strategy and standing out in a market full of look-alikes.
The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
The effort and cost involved in staying safe in this environment is driving many organizations to work with IT and managed security service providers (MSSPs).
From the rain forest of northern Brazil to the business hub of Sao Paulo, Marco Túlio has built an impressive career in cybersecurity. He discusses the opportunity and challenge of enabling people to step up, succeed and eventually rise to be leaders in their own right.
The new U.K cyber strategy calls for a balanced partnership across the public, private and third sectors. The government is to provide a 2.6 billion-pound investment in a more proactive approach to fostering and protecting the U.K.’s competitive advantage critical cyber technologies.
A New Jersey cancer treatment center and two of its affiliated entities have agreed to pay $425,000 and to bolster data security and privacy practices in a settlement with state regulators in the wake of two related 2019 data breaches.
Attackers tied to China, Iran, North Korea and Turkey have been targeting or testing exploits of the ubiquitous Apache Log4j vulnerability. Vendors are rushing to identify and patch supported software and hardware as cybersecurity agencies urge organizations to mitigate the threat and beware exploit attempts.
It’s no secret that the recent large-scale ransomware attacks are a call to action for greater federal cybersecurity regulations. As it stands, security policies are not mandated and are largely a voluntary mechanism. But it has become apparent that at-will standards are not getting the job done. According to a...
The must-pass annual defense spending bill, authorizing nearly $770 billion in funding for the Pentagon, passed the Senate in a bipartisan vote on Wednesday, with several cybersecurity provisions, including measures to "empower and expand" CISA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.