This week, Bitsight found a lot of internet-exposed industrial control systems, Apple issued new patches, Sony confirmed a data breach, Google and Yahoo tackled spam, Qualcomm patched three zero-days, Cisco revealed zero-day exploits in VPN, and the FBI warned of twin attacks.
Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
Eric Eddy, principal technical marketing engineer at Cisco, discusses critical aspects of user-centric security. From alleviating the security burden on users to the role of zero trust in granting access, Eric provides actionable insights for achieving a seamless and robust security posture.
A clutch of vulnerabilities in an open-source tool used by major corporations to scale up machine learning models could lead to remote takeover, says a cybersecurity firm in a warning downplayed by Meta, which co-manages the open-source project.
Atos snagged the longtime European CEO of Accenture Technology to lead its soon-to-be-independent $5.76 billion cybersecurity, big data and digital unit. Yves Bernaert, 55, will split Atos' infrastructure and data management and business and platform solutions unit from its high-growth Eviden unit.
More than four dozen cybersecurity mavens say a proposed European Union mandate for software publishers to inform the trading bloc's cybersecurity agency of zero-day exploits within 24 hours of their discovery risks harming cybersecurity efforts.
Okta bought a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer identity market. Okta was impressed by Uno's experience in building consumer-first, design-focused and easy-to-use password management and personal identity tools.
Hacktivists who hit healthcare or otherwise target civilians are violating international humanitarian law, warns the International Committee of the Red Cross. As many self-proclaimed hacktivists appear to be Russian government cutouts, will legal threats make them rethink their life choices?
Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time. Vendors in the zero trust platform space ditched point products and pursued organic investments or M&A to create a broader offering.
Discover the crucial insights and predictions from experienced hackers about the intersection of Generative AI and cybersecurity, including emerging risks, vulnerabilities, and innovative approaches to safeguarding data and systems in this brave new world.
UNC3944 and BlackCat have taken over the headlines with a new wave of high-profile ransomware attacks on casinos and other industries, continuing an upward trend of damaging attacks impacting global organizations.
The private equity arm of former Secretary of Homeland Security Michael Chertoff's advisory firm agreed to purchase MDR vendor Trustwave for $205 million. The deal will allow Singtel to refocus its business in APAC and boost shareholder value by optimizing resource allocation.
Large enterprises, including government and educational organizations, are being warned to immediately update their WS_FTP Server, built by Progress Software, to fix serious flaws being actively exploited by attackers. Secure file transfer software remains a top target, especially for extortionists.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.
In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.