This week, Japan's cybersecurity agency reportedly was breached, social media companies were urged to ward off data scraping, the NSA said it respects foreign intelligence targets, Polish authorities arrested two for hacking a rail network, and a ransomware gang used GDPR fines as scare tactics.
The shift from traditional malware-led attacks to identity-based attacks in the realm of cybersecurity has become more prominent than ever. Attackers continuously adapt their tactics, seek the path of least resistance and focus on exploiting vulnerabilities in identity-related weaknesses.
Cybersecurity doublespeak is never a good sign, especially when it comes in a letter this week addressed to half a million current and former employees of fast-fashion retailer Forever 21, warning them that their personal information was stolen in an eight-week breach discovered in March.
SailPoint has agreed to buy U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform. The deal will allow Osirium to benefit from SailPoint's increased scale and enhanced sector and regional capabilities.
Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year and will also commit to using only trusted 5G providers. The U.S. Department of State has extended $25 million to build a virtual security operations center.
The number of major health data breaches is decreasing, but a recent disturbing trend reflects the vulnerability of critical vendors and the tenacity of cybercriminals, say John Delano, a vice president of Christus Health, and Mike Hamilton, CISO and co-founder of security firm Critical Insight.
What's behind the profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale-building skills.
Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind the campaign. A custom backdoor suggests China was prepared for remediation efforts.
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Government agencies are recognizing that the seven pillars of zero trust, as outlined by U.S. federal agencies such as CISA and the DOD, should be strategically applied across various elements, including data and identity management, said Manuel Acosta, senior director and security analyst, Gartner.
Cloud-native application protection platforms are emerging as a game-changing solution to the evolving challenges in cloud security. Mattan Shalev, head of product management at Wiz, outlined the power of CNAPPs in reducing risk and fortifying cloud security.
Insider threats continue to pose significant concerns in today's digital landscape. While malicious insiders have garnered attention due to harmful intent, negligent users often make unintentional mistakes, contributing to potential cybersecurity risks.
Michael Miora, founder and CEO of InfoSec Labs - a pioneer in cybersecurity consulting - started the company in 1989. Security has been an issue for generations, he said, but things started to change once technology came into play. Then the traditional security perimeter expanded, adding complexity.
London's Metropolitan Police Service is investigating a serious data breach that may have exposed names, ranks and photographs for potentially all 47,000 personnel, after someone gained "unauthorized access to the IT system" of one of its suppliers.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.