The most significant component of President Biden's recently released executive order on cybersecurity is its call for the creation of software life cycle security standards, says Adam Isles, former deputy chief of staff at the U.S. Department of Homeland Security, who offers a complete assessment.
Hackers are exploiting a critical zero-day flaw in the WordPress plug-in Fancy Product Designer, which allows remote code execution, the Wordfence Threat Intelligence team at Defiant Inc. says. Because a patch has not yet been released, the team urges users to immediately uninstall the vulnerable plug-in.
Vulnerabilities in some antivirus software could have enabled attackers to install malware and deactivate anti-ransomware protection to take over software controls, academic researchers say.
Former customers of the now-defunct encrypted communications service EncroChat, which was infiltrated by police last year, continue to get busted, including members of a crime syndicate that operated "an industrial-scale cocaine laboratory" in the Netherlands, Europol says.
The Department of Justice announced Tuesday that it has seized two domains that were used during a recent phishing campaign that targeted a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands of potential victims.
Retrieving data from a mobile device is complicated technically and legally. How does one navigate the shoals of legal precedent and privacy law? Brian Feucht of Unique Wire discusses the state of the art of digital forensics.
The world's largest meat supplier, JBS, says an "organized cybersecurity attack" has led it to shut down servers in North America and Australia. Experts say a prolonged outage could have a noticeable impact on the global supply of meat. The company has yet to disclose if the attack involved ransomware.
Phishing, ransomware and unauthorized access continue to be the leading cyber causes of violations of data protection rules and personal data breaches, Britain's privacy watchdog reports. U.K. authorities say that breach reporting to regulators and law enforcement agencies remains relatively steady.
SmiNet, Sweden’s infectious diseases database, was temporarily shut down last week by the country’s public health agency, Folkhälsomyndigheten, following several attempted cyber intrusions. The shutdown interrupted the reporting of COVID-19 statistics.
As more cities see their police departments targeted with ransomware attacks, some analysts are voicing concerns that the attacks, which could lead to inaccessible systems and potentially compromised evidence, could impede criminal prosecutions.
The European Union on Wednesday will announce plans to roll out a digital wallet app later this year that will enable citizens to securely access a range of private and public services, such as paying utility bills, with a single online ID, the Financial Times reports.
Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks.
Russian national Aleksandr Zhukov has been convicted by a U.S. federal jury of four charges - including wire fraud and money laundering - as part of the so-called Methbot scheme, which prosecutors say led to $7 million in digital advertising fraud.
A newly uncovered ransomware variant dubbed 'Epsilon Red' is targeting organizations in the U.S. hospitality sector, with the threat actor successfully extorting $210,000 from one of its victims, a new report by security firm Sophos notes.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.