A breach involving the compromise of a single user's email account at an Illinois-based multispecialty clinic has affected nearly 503,000 individuals - one of the largest breaches reported so far this year to federal regulator. How can other entities avoid similar email security incidents?
Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.
The disruption of tens of thousands of Viasat consumer broadband modems across central Europe on Feb. 24 when Russia invaded Ukraine may have involved "AcidRain" wiper malware, security researchers at SentinelOne report. Viasat says those findings are "consistent" with the known facts of the attack.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management. As a part of that initiative, CyberEdBoard posts draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is "Recognize the Threats."
A security researcher found two critical vulnerabilities and one high-severity vulnerability in two separate Veeam products that may allow attackers to perform remote code execution and allow local privilege execution on victims' systems, respectively. Veeam has issued patches for all three bugs.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Critical cybersecurity gaps in smart infusion pumps have put the data and care of hundreds of patients at risk, according to researchers at Unit 42 of cybersecurity firm Palo Alto Networks. They say that 75% of the 200,000 smart infusion pump networks they scanned contained known security gaps.
Since 2019, the Global Cyber Alliance has been using a custom IoT honeypot solution that identifies global attack risks and collects data about IoT attacks. Leslie Daigle discusses its findings about how threats have evolved and offers advice on how to better secure IoT devices and tech.
Chip manufacturer Intel has released 22 security advisories, including seven with a high severity rating that let a privileged user enable local access to targeted devices.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.