As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and CISOs about the seriousness of these threats and what organizations can do to mitigate the risks.
Ditch the old “castle-and-moat” methods. Instead, focus on critical access points and assets, making sure each individual point is protected from a potential breach.
A group of fraudsters made more than $1.6 million in a massive scam using fake cryptocurrency giveaway YouTube streams attracting more than 165,000 viewers. The campaign also exploited the names of Vitalik Buterin, Elon Musk, Michael Saylor and other crypto enthusiasts.
Five recently reported data breaches involving cyberattacks on a variety of different types of healthcare sector entities have affected a total of more than 1.2 million individuals. Experts say the incidents highlight the intensifying threat landscape in the sector.
A proposed rule requiring publicly traded companies to disclose a breach within four days of deeming it material will force CISOs to determine the consequences of breaches sooner. CISOs will need to have board-level conversations within a day or two of discovering an issue to assess materiality.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
APT-C-23, a politically motivated, Hamas-linked threat actor, is using fake Facebook profiles to trick high-ranking Israeli officials into downloading previously undocumented Trojanized Android and PC direct message applications that grant them access to the victims' devices.
A week after the Spring4shell vulnerability was first detected, security companies Microsoft, Check Point and Akamai have identified exploitation attempts, and Trend Micro has confirmed the first successful attempt - the Mirai botnet leveraging CVE-2022-22965 for its malicious operations.
David Pollino, former CISO of PNC Bank, joins two editors at ISMG to discuss what organizations can do to harden their cybersecurity defenses, how we need to think about our adversaries differently in today's threat landscape and how the "Great Resignation" is affecting cybersecurity.
Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
The Justice Department has announced that it has successfully disrupted "Cyclops Blink," a botnet controlled by the Russia-linked threat actor Sandworm, aka Voodoo Bear. The court-authorized operation was conducted in March and removed the botnet from thousands of infected devices worldwide.
Chinese state-backed threat actor Cicada, aka APT10, is attacking global organizations in what appears to be a monthslong espionage campaign. On its radar are government, legal, religious and nongovernmental organizations in Europe, Asia and North America, the Symantec Threat Hunter team says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.