Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through their bug bounty program in January.
Accused cryptocurrency money launderer Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years' imprisonment for his alleged involvement in laundering hacking proceeds through bitcoin on the BTC-e cryptocurrency exchange.
The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.
The U.K.'s National Health Service is experiencing IT outages resulting from a cyberattack on a third-party vendor. Birmingham-based technology provider Advanced's Adastra system supplies digital services for urgent healthcare services number 111.
Federal authorities, in two separate advisories issued Thursday, urge healthcare sector entities to proactively address security risks from internet of things devices equipped with sensors, software and other technologies to connect and exchange data over the internet and from open web applications.
An unnamed Eastern European company became a victim of that continent's largest-ever distributed denial-of-service attack, says Akamai. The report comes in a season with a record-breaking volume of DDoS attacks, fueled greatly by geopolitical events led by Russia's invasion of Ukraine.
Ivan Milenkovic became the group information security director of Webhelp in January 2020. Six weeks later, the pandemic changed everything. Today, Webhelp is twice the size it was in 2020, and Milenkovic discusses the cybersecurity challenges his team has overcome to support that growth.
The hackers who stole $190 million from cross-chain bridge Nomad stand to keep up to 10% of the loot and escape civil liability and criminal prosecution. The only caveat: They must return the rest of the money. Then, the firm says, it will label them as white hats and won't pursue legal action.
In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.
Is a practicing cardiologist living in Venezuela also a ransomware mastermind? U.S. prosecutors claim Moises Luis Zagala Gonzalez is a cybercriminal polymath. But Zagala's wife says he is innocent and there's a reason for his predicament. "The Ransomware Files" podcast looks at the evidence.
The impending recession should accelerate cloud adoption as firms look to reduce infrastructure costs, but these moves will introduce a new set of security challenges. Arctic Wolf Chief Product Officer Dan Schiappa predicts many companies will start building security into their applications sooner.
Increased collaboration between the public and private sectors hasn't slowed the increased frequency and ease of ransomware intrusions, but efforts to change the financial incentives of ransomware are having "a pretty good effect," says Marc Rogers, vice president of cybersecurity strategy at Okta.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
The government of India withdrew a long-anticipated personal data protection bill from Parliament. The government of Prime Minister Narendra Modi vowed to instead introduce a comprehensive framework of global standard laws including digital privacy laws.
An Indiana-based neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack - and that some of the data was made available on the dark web. Russian ransomware group Hive has been implicated.