Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
U.S. public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. This led to a spike in school cancellations, as IT staff members struggled to get systems back online while dealing with the COVID-19 pandemic, reports the K-12 Cybersecurity Resource Center.
U.S. Rep. Suzan DelBene, D-Wash, has reintroduced a bill that would create a national-wide data privacy standard that in its latest incarnation makes an attempt to placate Republicans. The bill, if passed, would replace a patchwork of current state laws.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Although CISA has made significant strides since it was established in 2018, the agency still has important work to do to fulfill its cybersecurity and national security obligations, the GAO finds. This includes better communications with industry partners that share responsibility for critical infrastructure.
Attackers wielding DearCry - aka DoejoCrypt - ransomware have begun to exploit the serious proxy-logon flaw in unpatched versions of Microsoft Exchange running on premises. The vulnerability is one of four zero-day flaws patched last week by Microsoft, which APT attackers began exploiting in January.
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
With the explosion of remote business, we are now digitizing many of our documents and processes. Entrust’s Jay Schiavo explains what new mindset this shift requires, what’s needed to ensure document authenticity and integrity.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
The $1.9 trillion economic relief package known as the American Rescue Plan, which the House approved Wednesday and President Biden signed Thursday afternoon, includes about $2 billion for cybersecurity and IT modernization, rather than the $10 billion the president originally proposed.
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 APT groups that have been collectively been hitting thousands of companies over the last three months, including prior to when Microsoft was first alerted to the flaws and issued a patch, security researchers warn.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
The Cybersecurity and Infrastructure Security Agency will take over the day-to-day management of the official .gov top-level domain in April, adding a greater emphasis on security for the domains used for government websites.
Microsoft's rerelease on Patch Tuesday of the seven patches for the widely exploited Exchange vulnerabilities has given security experts a chance to reiterate the urgent need to install these and other critical security updates.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.