The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
Vulnerabilities in the Cisco ASA and Cisco FTD firewalls can lead to a denial of service attack, says Positive Technologies researcher Nikita Abramov. There is no workaround that addresses these vulnerabilities, but Cisco has released software updates and asks users to install them immediately.
The U.S. government warns all businesses that they're at elevated risk of online attacks during Thanksgiving, given attackers' proclivity to strike on weekends and holidays. The alert is a reminder of the importance of having in place well-practiced incident response plans. Here's where to start.
A new report by Huawei Technologies USA and Reuters calls for greater international collaboration around transparency and cyber accountability. "Just having requirements isn't good enough. There needs to be an ability to tell whether or not the requirements are being met," says CSO Andy Purdy.
Web hosting giant GoDaddy confirms that a data breach which affected about 1.2 million of its active and inactive Managed WordPress customers, has also hit Managed WordPress users tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.
More than $12 billion has been lost in decentralized finance, or DeFi, applications in 2021 - $10.8 billion of which is attributed to fraud and theft, a 600% increase from 2020, according to a new report from blockchain analytics firm Elliptic.
Reports of NHS data being exposed following a ransomware attack on U.K.-based data capture and storage company Stor-a-File are incorrect, an NHS Digital spokesperson tells ISMG. "Most NHS data was held offline and not affected in the Stor-a-File hack."
Researchers have uncovered an ongoing spear-phishing campaign using short-lived Glitch apps that host credential-harvesting URLs and reportedly are able to bypass any defensive tooling. These apps host a SharePoint phishing page containing obfuscated JavaScript designed to harvest credentials.
A recent hack of a Utah medical radiology group's network server has compromised sensitive health information of more than a half-million individuals, ranking the incident among the 20 largest health data breaches posted on the federal tally so far this year. What are the risks to patients?
"Garbage in, garbage out." That's a fundamental problem with traditional application security management, which lacks both context and automation. But Idan Plotnik, co-founder and CEO of Apiiro, proposes a new approach to application risk management.
Whether on-premises or in the cloud, secure backups are a necessity. Sam Nicholls and David Hill of Veeam Software discuss backups, the shared responsibility model and IAM considerations for enterprises during their cloud migrations.
U.S. federal banking regulators have approved a new rule that will require banks to notify regulators no later than 36 hours after the organization determines it has suffered a qualifying "computer-security incident," the nation's top financial agencies announced this week.
Federal regulators and Philips issued advisories pertaining to several security vulnerabilities in certain patient monitoring and medical device interface products from the manufacturer. Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn.
Cyberattacks perpetrated by criminally or financially motivated bad actors in New Zealand have nearly doubled from 14% in 2019-20 to 27% over the past year, according to a cyberthreat report from the country's National Cyber Security Center.
North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, targeting diplomats and policy experts across Asia, the U.K. and the U.S., researchers say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.