Citing a lack of coordination and transparency, U.S. Sens. Mark Warner and Marco Rubio of the Intelligence Committee are urging the four federal agencies investigating the cyberattack that targeted SolarWinds and other organizations to designate a leader for their investigative efforts.
Microsoft has finally pushed out the second half of the software patch for the "Zerologon" privilege escalation vulnerability in the Windows Netlogon Remote Protocol more than five months after the first half of the patch was issued.
The developers of LodaRAT malware, which has previously only targeted Windows devices, have developed a new variant, Loda4Android, that targets Android devices, according to Cisco Talos.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
Good news in the fight to prevent COVID-19 infections: Researchers report that a digital contact-tracing app rolled out in England and Wales that's designed to keep users' data private and secure is helping to blunt the spread of the pandemic. They urge continuing global uptake of such apps.
Three CISOs offer real-world insights on addressing the challenges involved in implementing a "zero trust" framework to enhance security in an era when so many remote employees are accessing applications and data in the cloud as well as within internal networks.
A finalized Federal Trade Commission settlement specifies security improvements that SkyMed, a company that provides medical emergency travel services, must implement following the leaking of 130,000 membership records.
In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.
After being hit by SolarWinds hackers, the Administrative Office of the U.S. Courts instructed the nation's district courts to restrict the filing of sensitive information to hard copy or "secure electronic devices." But will this defense create an even bigger bureaucratic fallout than the attack itself?
Microsoft's security team says the company's Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack. And SolarWinds' CEO says that no Office 365 vulnerability has been identified that would have opened the door to the attack.
French security vendor Stormshield has launched an investigation after an internal review found that hackers accessed the source code of the company's network security product. The company is a supplier of cybersecurity technology to the French government.
Darknet markets just had their best year ever, led by Hydra, which accounted for 75% of the $1.7 billion in 2020 revenue such markets generated, Chainalysis reports. One key to Hydra's success is the Russian-language marketplace's constant innovation.
Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government. But is that just sour grapes, or even simply an attempted scam?
The operators behind the Trickbot malware are deploying a new reconnaissance tool dubbed "Masrv" to exfiltrate additional data from targeted networks, according to a Kryptos Logic report. Other researchers have noticed increases in the botnet's activity over the last month.
The sentencing this week of a medical researcher who pleaded guilty in a federal case involving conspiracy to steal trade secrets from a children’s hospital and sell them to China spotlights the growing risks to medical intellectual property posed by insiders.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.