Two serious remote-code-execution vulnerabilities have been discovered in VMware's widely used Spring, which is a platform for building online applications. With at least one of the vulnerabilities already being actively exploited, VMware urges immediate patching.
Hackers have allegedly managed to breach the infrastructure belonging to Russia's Federal Air Transport Agency, or Rosaviatsiya, and wiped out its entire database and files consisting of 65TB of data, including documents, files, aircraft registration data and emails from the servers.
Globant, the Luxembourg-based software development company, on Thursday confirmed that an undisclosed actor - reportedly Lapsus$ - has illegally accessed the company's code repository, containing source code associated with some of its clients.
Harold Moss, the CEO of Tautuk, has a background in building products, but many in cybersecurity do not come from a product background. In this interview with Brian Barnier, he discusses the importance of context, listening and collaboration for teams to understand creative and critical thinking.
This edition analyzes how hackers exploited a misconfigured VPN device, gained access to Viasat's satellite network and caused a massive outage in Europe as Russia's invasion of Ukraine began. It also examines the invasion's impact on financial services and how to modernize security operations.
Since threats are becoming increasingly hard to find, it's crucial that your cybersecurity practice adopts a strategy focused on proactive preparedness and takes actions - in advance of an attack - that harden and reduce the threat surfaces that hackers exploit. Adam Mansour of ActZero offers tips.
As Finnish technology giant Nokia announces it is ceasing sales in Russia over the war with Ukraine, the company is facing tough questions over how it helped enable a mass surveillance program that supports President Vladimir Putin's autocratic regime.
An apparent ransomware attack and alleged data theft by the Hive cybercriminal group has left Partnership HealthPlan of California struggling to recover its IT services for more than a week. The nonprofit says it is unable to receive or process treatment authorization requests.
Sophos says it has provided a fix to a critical RCE bug known to be actively exploited primarily in South Asia. Sophos says no customer action is needed if the "Allow automatic installation of hotfixes" feature is enabled, but versions close to their end of life need manual configuration.
The White House is seeking fiscal 2023 budget increases for the Department of Health and Human Services, including a boost in funding for cybersecurity initiatives including medical device security and regulatory and enforcement efforts related to secure health data exchange.
Communications company Viasat says it's been replacing about 30,000 broadband modems to restore service for customers in central Europe affected by a Feb. 24 attack that disrupted part of its satellite communications network and left modems unable to connect.
Days after the recent Okta data breach, parts of a security report, allegedly created by Mandiant, were leaked, giving the breach timeline and how the threat group gained access to Okta's environment. Security experts, including an Okta customer, discuss the report, supply chain risks and redress.
Regulators have slapped four small covered entities with HIPAA enforcement actions, including three settlements and one civil monetary penalty. The most egregious case involves an Alabama dentist who disclosed patient information for use in his unsuccessful campaign for state Senate.
Fifty-three percent of survey respondents say cyberthreats became fiercer during COVID-19, and 17% say the pandemic disrupted their data security initiatives. These are among findings of a new survey sponsored by HelpSystems. Cary Hudgins analyzes the results and discusses how to put them to work.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.