U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.
Many financial institutions have deployed fraud fusion centers as a way to help mitigate risks. But as fraudsters revamp their techniques, banks need to revamp these centers to keep up, says Jeff Dant of BMO Financial Group, who will speak at ISMG's Virtual Cybersecurity and Fraud Summit: Toronto.
Dunkin' Brands' settlement with the New York state attorney general of a lawsuit tied to a 5-year-old data breach affecting its Perks rewards cardholders could open the door to suits by other states - as well as customers.
A security incident in which hackers used social engineering techniques to divert Department of Veterans Affairs payments intended for healthcare providers compromised the personal information of 46,000 U.S. veterans.
What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less reason to trust in their public health system to handle the crisis. Enter a data breach that has exposed personal information for everyone who's ever tested positive for the disease in Wales.
A leaked database compiled by a Chinese company has suddenly become the focus of news media reports warning that it could be used as an espionage instrument by Beijing. But on closer examination, the alleged "social media warfare database" looks like public information largely scraped from social media sites.
The number of individuals affected by the May ransomware attack on cloud-based software vendor Blackbaud continues to soar. And breach reports tied to the incident now total over 170, according to one estimate.
The start of classroom and online instruction at Hartford Public Schools in Connecticut was canceled Tuesday as a result of a ransomware attack - the latest in a series of online attacks, including distributed denial-of-service disruptions, that have interrupted some schools' return to teaching this fall.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
Twitter is investigating the hacking of an account associated with Indian Prime Minister Narendra Modi for an apparent cryptocurrency scam, according to news reports. The incident appears similar to a July Twitter hack that hit well-known targets in the U.S. and Europe.