Google will soon release a security update to address eight vulnerabilities in its Chrome browser, including a high-severity zero-day flaw that's being exploited in the wild. It also plans to upgrade all Chrome page loads to HTTPS.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
Facebook's threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort to spread malware and conduct cyberespionage operations, primarily in the U.S.
Lessons learned by first responders' efforts to deal with natural disasters can be applied to cyberattack responses, according to organizations that have teamed up to launch a cybersecurity first responder credentialing program - a first step toward creating a network of pros to help respond to cyberattacks.
Security software firm NortonLifeLock says it is in "advanced discussions" to acquire Avast, a rival security firm known for its freemium antivirus software. NortonLifeLock was formerly Symantec's consumer-focused business.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting the them.
Forefront Dermatology S.C., a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a recent hacking incident. The attack apparently involved a ransomware strain known as "Cuba."
The FCC has finalized a $1.9 billion plan that will help smaller, rural telecommunications carriers pay to rip and replace technology from the Chinese firms Huawei and ZTE. The commission says using the gear poses a threat to U.S. national security.
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Extended detection and response, or XDR, can play an important role in improving the detection of ransomware and supply chain attacks, says Peter Firstbrook of Gartner.
Microsoft on Tuesday released patches for four zero-day vulnerabilities that are being exploited in the wild, including an official patch for a critical remote code vulnerability dubbed "PrintNightmare" for which an out-of-band fix was issued earlier.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.