As investigators probe the SolarWinds hack, they're finding that the supply chain campaign appears to have deeply compromised more than the 50 organizations originally suspected. Meanwhile, the federal agencies overseeing the investigation now officially believe a Russian-linked hacking group is responsible.
Citrix is urging customers to implement a newly provided enhancement to its ADC and Gateway devices that is designed to block attackers from abusing the Datagram Transport Layer Security, or DTLS, protocol to amplify distributed denial-of-service attacks.
Lawmakers who participated in the bipartisan Cyberspace Solarium Commission applauded Congress' override of President Donald Trump's veto of the National Defense Authorization Act, pointing to its 77 cybersecurity provisions, including restoration of the position of national cyber director at the White House.
A British judge has denied a Justice Department request to extradite WikiLeaks founder Julian Assange to the U.S. to face criminal charges related to hacking government computers and then publishing classified information. U.S. prosecutors plan to appeal.
Researchers at the security firm Intezer have detected a new Golang-based worm that is targeting Windows and Linux servers with monero cryptomining malware.
A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the security firm Eye Control. Users are urged to patch the flaw.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
New regulatory provisions that allow healthcare systems to make donations of cybersecurity technology and services to physician practices could help greatly bolster security in the sector, says attorney Julie Kass of law firm Baker Donelson.
The attorneys general of 27 states have entered into a $2.4 million settlement with Sabre Corp. to resolve a lawsuit tied to a 2017 data breach that struck the company's Sabre Hospitality Solutions hotel booking system, compromising 1.3 million payment cards.
The Cybersecurity and Infrastructure Security Agency has released an emergency directive requiring all federal organizations running the vulnerable SolarWinds Orion software to immediately update to the latest version.
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
Ransomware gangs entered 2020 with a full and dangerous set of weapons at their disposal and then rolled out additional tools such as extortion and new distribution methods, a trend that is expected to continue into 2021.
As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.
The latest edition of the ISMG Security Report offers leadership lessons from Equifax CISO Jamil Farshchi and Mastercard's deputy CSO, Alissa "Dr. Jay" Abdullah. Also featured: An assessment of cybersecurity priorities for President-elect Joe Biden.
The U.S. Treasury's Financial Crimes Enforcement Network is alerting financial institutions about the potential for fraud, ransomware attacks or similar types of criminal activity related to COVID-19 vaccine research and distribution organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.