The decentralized money market platform Qubit Finance, which runs on the Binance Smart Chain, has been hacked for more than $80 million, it confirmed via tweet on Friday. Blockchain security experts say it's the largest DeFi hack of 2022.
Attack scans and attempts related to the Log4j flaw may have declined, but some security experts believe the attack vectors will continue to pose a problem up to two years. Also, the Ukraine Computer Emergency Response Team reports Log4j could be a possible attack vector in recent cyberattacks.
A new malware dubbed DazzleSpy has been found targeting macOS users in Hong Kong. The malware is being planted through pro-democracy radio station D100's news website, which was earlier compromised through a watering hole campaign, researchers from cybersecurity firm ESET report.
A memory corruption vulnerability has been uncovered in Polkit’s pkexec, a SUID root program that is installed by default on every major Linux distribution, allowing any unprivileged user to gain root privileges on the vulnerable host.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
Healthcare organizations must carefully scrutinize any implementation of applications, software suites and other technology platforms that could contain open-source code because of the risks - including potential patient safety issues - posed by these components, says attorney Steven Teppler.
Lawmakers on the House Committee on Financial Services this week announced nine provisions of its America COMPETES Act of 2022 - one of which has been criticized by cryptocurrency proponents for potential privacy and due process concerns.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
The risks posed by Apache Log4j continue, as a previously seen initial access broker group with the codename Prophet Spider IAB appears to be targeting vulnerabilities in Apache's logging utility to infiltrate the virtualization solution VMware Horizon, researchers at BlackBerry warn.
Not even one week after a massive supply chain attack that compromised 93 WordPress plug-ins and themes, a new critical vulnerability with RCE capabilities and a CVSS score of 9.9 was discovered Tuesday, impacting yet another WordPress plug-in, AdSanity.
SLC Lab, a Florida county laboratory that performs drug testing, is notifying thousands of individuals of a web portal misconfiguration incident that left sensitive information accessible to others for more than four years. How can other entities avoid such incidents?
How do you identify a BIN - Bank Identity Number - attack, let alone stop it? Ernie Moran, senior vice president of risk at Brightwell Payments, shares his experience of how he managed a BIN attack on his firm.
Kyle Flaherty has worked with a range of companies, changing the worlds of big data, IoT, BYOD, SaaS, open-source software, network security, fraud detection, data analytics, marketing automation and network management. He weighs in on brands and how metrics feed different audiences.
Maersk was one of dozens of organizations crippled by the NotPetya malware in June 2017. Gavin Ashton and Bharat Halai worked in identity and access management at Maersk and share how the company's technology team tirelessly brought the company back from the brink of an IT systems meltdown.
The U.S. Department of Homeland Security is reportedly warning that the U.S. could witness a retaliatory cyberattack at the hands of Russia if it decides to respond to the latter's potential invasion of Ukraine, where 100,000 or more troops have been amassed for weeks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.