Hackers who are possibly members of a criminal group affiliated with numerous ransomware-as-a-service operations are exploiting a directory traversal vulnerability in a Python library that allows unauthenticated remote attackers access to sensitive information from server files.
A Mississippi women's health clinic has filed a proposed class action lawsuit against UnitedHealth Group alleging the disruption in claims processing caused by the cyberattack on the company's Change Healthcare unit and the resulting IT outage is threatening to push the practice into bankruptcy.
If software is eating the world, cloud computing is eating infrastructure. Look no further than a push for cloud-hosted alternatives to SCADA systems. Cloud-hosted SCADA presents both opportunities and challenges for OT organizations, said the U.K. National Cyber Security Center.
Amazon Web Services hired Gee Rittenhouse to help organizations protect their data and applications in the cloud. Rittenhouse spent more than two years atop San Jose, California-based security service edge vendor Skyhigh and prior to that, more than three years leading Cisco's cybersecurity unit.
Microsegmentation is a fundamental approach to achieving a mature zero-trust-guided strategy. But before tackling the complex job of microsegmenting infrastructure, IT teams must understand the business context and criticality of the data, said Robert LaMagna-Reiter, CISO at Hudl.
What if the world had access to memory-safe hardware for both IT and operational technology environments that could outright block many types of vulnerabilities from being exploited as well as make code safer to run on legacy systems? Enter the U.K.'s Digital Security by Design initiative.
Corporate and cybersecurity leaders are starting to realize AI can be a pivotal ally in the fight against rising cyber threats. To illustrate, Microsoft Copilot for Security is already helping to streamline and enhance security operations and empower teams with AI-driven insights and efficiencies.
Today’s security tools capture a wealth of data. Yet when incidents occur, threat data from siloed platforms can take hours or days to gather, analyze and act upon. Correlating threat data takes time, as does developing the right remediation plans, stopping the attack, and sharing the results with colleagues....
Every day, cyber threats become more sophisticated, putting your organization’s data, reputation, and bottom line at risk. Microsoft Copilot for Security equips your team with the most advanced AI tools available to detect and respond to the threats faster and more accurately than ever before.
Ransomware groups hope threats are enough to sway victims so they don't have to follow through. For victims who pay ransoms, the results are almost guaranteed to be less than advertised - more akin to buying a pig in a poke than a contractual guarantee of service.
The many kinds of OT and IoT gear that are not regulated medical devices but are critical to run hospitals and other care facilities present a variety of cybersecurity and patient safety concerns, said Dr. Benoit Desjardins, professor of radiology at the University of Pennsylvania Medicine.
Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating human rights as a commodity.
In the latest weekly update, Grant Schneider of Venable LLP joined three ISMG editors to discuss the future of U.S. federal cybersecurity and privacy legislation, AI integration and recent CISA developments - all set against a backdrop of political complexities.
The underrepresentation of women in cybersecurity is a complex issue. The reasons behind it include stereotypes and biases, educational barriers, workplace culture, and the lack of visibility and role models. We need to consider the implications and discuss potential strategies for change.
For the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.