New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm bracket f.
Obsidian Security has closed a Series C funding round to prevent session hijacking on more platforms and increase the number of SaaS applications being defended. Obsidian wants to go from protecting 25 major SaaS applications today to safeguarding hundreds of SaaS applications in a year or two.
Ronin Network, which powers the popular NFT game Axie Infinity, announced it had been the victim of a security breach that amounted to about $615 million in stolen funds. The company tweeted that the attacker's wallet had been connected to Binance and that an investigation is currently underway.
A lawsuit filed alleges, among other claims, that respiratory care provider SuperCare Health Inc. was negligent in failing to protect sensitive health information from a 2021 hacking incident affecting more than 300,000 patients. Experts say the litigation follows an increasingly familiar trend.
Researchers discovered a new social engineering-heavy malware campaign focused on defrauding employees in West Africa's banking sector. Although this campaign is not exactly new, it shows a detailed account of what social engineering looks like, according to cybersecurity veteran Tari Schreider.
Microsoft says it has seized control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. ZLoader, a descendant of the ubiquitous Zeus banking malware, is run by a global, internet-based, organized crime gang operating malware as a service.
U.S. government agencies, including the Department of Energy, CISA, the NSA and the FBI issued a joint cybersecurity advisory about advanced persistent threat actors using new tools and malwares to target industrial control systems and supervisory control and data acquisition devices.
Accenture's new ransomware report reveals key challenges in executing an effective communications plan. Robert Boyce, managing director of global cyber response, discusses why existing recovery strategies aren't enough and offers practical steps for managing a ransomware response.
The latest edition of the ISMG Security Report analyzes the latest cyberthreats to the energy sector as Russia's invasion of Ukraine continues. It also examines best practices for Customer Identity and Access Management and how healthcare institutions can sharpen their defense strategies.
A week after Microsoft announced the Windows Autopatch feature and declared that, come July, the tradition of Patch Tuesday will end, it's Patch Tuesday again, and the company has issued more than 100 security fixes for software that resolve critical issues, including two zero-day vulnerabilities.
Researchers say five critical vulnerabilities in certain mobile hospital robots - if exploited - could allow hackers to interfere with delivery of medication and supplies, elevator operation and patient privacy. Some experts say the situation is a reminder of commonly overlooked IoT device risks.
A yearlong joint operation by law enforcement agencies across several countries led to the shuttering of darknet marketplace RaidForums and the seizure of three domains hosting the website. Its 21-year-old alleged founder and two unidentified co-conspirators have also been arrested.
KKR plans to buy Barracuda Networks to support growth in managed detection and response, extended detection and response, and secure access service edge. KKR plans to provide resources and expertise to fuel Barracuda's growth past the $500 million sales figure it hit under Thoma Bravo's ownership.
A breach involving the compromise of a single user's email account at an Illinois-based multispecialty clinic has affected nearly 503,000 individuals - one of the largest breaches reported so far this year to federal regulator. How can other entities avoid similar email security incidents?
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.