The new Expel Quarterly Threat Report provides even more data on what we’re seeing, detection opportunities, and resilience recs to help protect your organization — now on a quarterly basis.
When contracting for modern MDR services, Lyndon Brown of Pondurance advises prospective customers to ask about more than the managed service and detection. He says they should ask tough questions about response. Brown shares his insights and strategies.
Novartis says no sensitive information was compromised in an alleged attack involving the drugmaker's data showing up for sale on the dark web. The incident comes as new reports warn of a surge in cyberattacks on healthcare sector entities and the return of Emotet malware.
Undisclosed attackers have likely stolen $1.7 million by deploying Clipminer, a cryptomining and clipboard hijacking malware, on compromised systems, says the Symantec Threat Hunter Team. According to the team, Clipminer is a copycat or an evolved version of cryptomining Trojan KryptoCibule.
The website of the Russian Ministry of Construction, Housing and Utilities was reportedly hacked and defaced on Sunday. The attacker demands a 1-million-ruble ransom be paid by Tuesday to ensure the security of stolen data. A ministry spokesperson told a state news agency that all data is protected.
Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
Federal authorities have issued advisories about security vulnerabilities identified in several medical device products, including various Illumina Inc. genetic testing and sequencing devices and certain medication dispensing systems and microbiology software products from Becton, Dickinson & Co.
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
A zero-day vulnerability in Atlassian Confluence, a workspace collaboration tool that serves millions of daily active users, is being targeted in the wild. The flaw, according to the company's security advisory, gives attackers unauthenticated remote code execution privileges.
Android spyware FluBot's infrastructure was disrupted by the Dutch police as part of a multinational law enforcement operation in May, rendering this strain of malware inactive, Europol says. The agency is continuing its probe into identifying the actors responsible for the malware campaign.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
Boston Children's Hospital thwarted a cyberattack by government-backed Iranian hackers last summer after U.S. authorities received intelligence about the pending assault and alerted the hospital, says FBI Director Christopher Wray, who called Iran's planned cyberattack "despicable."
The U.S. has conducted offensive cyber activities in support of Ukraine, Cyber Command Director Gen. Paul Nakasone reportedly said on Wednesday at the NATO Cooperative Cyber Defense Center of Excellence conference. The White House says these operations do not violate historic policies with Moscow.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.