Rockwell Automation teamed-up with CISA to find two critical flaws that require immediate attention, citing a novel exploit capability attributed to advanced persistent threat actors known for targeting industrial systems and critical infrastructure.
Threat actors are using dedicated mobile Android OS device spoofing tools to defraud customers of online banking, payment systems, advertising networks and online marketplaces globally. Resecurity observed cybercriminals using spoofing tools to exploit stolen cookies and access victims' systems.
Security appliance manufacturers SonicWall and Fortinet fixed multiple critically rated vulnerabilities in their network security products this week. The fixes include authentication bypass flaws that could result in exposure of sensitive information. Regulators urge users to patch soon.
Plaintiffs filed the first of what will likely be many more proposed class action lawsuits against HCA Healthcare just two days after the hospital chain publicly disclosed a hacking incident involving the posting of information for potentially 11 million patients on a dark web forum.
The Biden administration has released an implementation plan for the long-awaited national cybersecurity strategy it published in March, assigning deadlines and responsibilities for federal agencies across 65 different federal initiatives. Parts of the plan face an uphill battle.
Between July 6 and 13, Multichain saw unauthorized outflow of $125 million, the DOJ announced its first DeFi smart contract-focused indictment, Silk Road boss Ross Ulbricht's aide and two others were sentenced, and the FTC and SEC turned up the heat on Celsius.
Supply chain attacks, such as the MOVEit data breach that has affected more than 150 organizations, are "the nature of the landscape now," said security leader Ian Hill of Upp Corp. The answer to this scourge may be using generative AI to qualify partners and to analyze and score supply chain risk.
Apart from some of the threats surrounding AI, this emerging technology can help defenders formulate effective policies and controls to prevent and mitigate BEC scams. With the evolving threat landscape, harnessing AI becomes crucial in defending, said Johan Dreyer, CTO at Mimecast.
API security platforms have become an essential part of any organization's cybersecurity strategy, but with so many options available, it can be difficult to know how to choose the right one. In this article, we'll discuss how to evaluate API security platforms and what factors to consider.
Cryptocurrency is the lifeblood of ransomware gangs, and their illicit use of crypto could hit record numbers this year. While overall crypto proceeds, including from crimes such as scams, fell dramatically over the past year, ransomware funds are expected to hit $899 million in 2023.
Russia is mulling a ban on iPhone use by government employees after a suspected American intelligence campaign exploited vulnerabilities in the device to spy on Russian staff. The ban is the latest in a slew of similar measures taken by Moscow against Western tech devices.
Security experts say China-based hackers are "leading their peers in the deployment of zero-days" in the wake of another wide-ranging attack that abused a flaw in Microsoft Outlook and used forged authentication tokens to access email accounts of governments in the United States and Western Europe.
British prosecutors have accused two teenagers of several high-profile hacks while being part of the now-inactive, teenager-dominated Lapsus$ hacking group, clearing the way for their legal prosecution. The two suspects face charges related to blackmail, fraud and Computer Misuse Act violations.
Orca has accused cloud security rival Wiz of violating two patents associated with securing virtual machines and virtual cloud assets at rest against cyberthreats. Orca's complaint accused Wiz of patent infringement across its portfolio, including in its CNAPP, CSPM, CIEM, DSPM, IaC and CDR tools.
TikTok executives were unable to answer Liberal senator and chair of the committee James Paterson when he questioned them on how many times Australian user data had been accessed by TikTok staff in China, but the executives admitted it had happened.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.