Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
The unique characteristics of the telecommunications industry pose significant challenges to the implementation of robust vulnerability management programs. Security director Ian Keller lists the top four challenges and discusses strategies to overcome them.
In recent years, the adoption of public cloud infrastructures has surged, providing organizations with unparalleled flexibility and scalability. But this shift has also introduced a new set of challenges when it comes to protecting web applications and APIs that are hosted on these platforms.
Spanish police arrested 34 members of a cybercrime group that used phishing and other tactics to extort nearly 3 million euros from victims. The group is believed to have stolen data of more than 4 million banking customers to target its victims.
India federal law enforcement busted tech scam fraud rings operating in locations across the subcontinent after Microsoft and Amazon shared intelligence with the Central Bureau of Investigation. Scammers allegedly operated call centers impersonating tech giant customer support.
Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
In the latest weekly update, editors at Information Security Media Group discuss the impact of the Israel-Hamas war on the threat landscape and the workforce, the role of the U.S. in shaping the future of AI technology, and highlights from ISMG's Financial Services Summit in New York.
Attorneys general across 33 states have reached settlements for three health data breaches that affected nearly 2 million people, including a $1.4 million settlement for a clearinghouse that left patient data exposed for three years. The AGs accused the firms of violating state laws and HIPAA rules.
European police in Paris this week arrested a man accused of being a key developer of Ragnar Locker ransomware. A joint action led by French authorities resulted in one arrest and the questioning of five suspects located in Spain and Latvia in coordinated action that began Monday.
Vietnamese cybercrime groups are targeting the U.K., U.S. and Indian digital marketing sectors with multiple strains of information-stealing malware, including the widely used DarkGate info stealer. Phishing campaigns have used fake emails purporting to contain job opportunities and salary details.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
The hacker who allegedly leaked mental health records online after breaking into a Helsinki-based psychotherapy chain's patient database has been charged in Finnish court with multiple counts of extortion and leaking data. Finnish national Aleksanteri Tomminpoika Kivimäki, 26, has denied guilt.
U.S. government agencies and the private sector embraced information sharing but lack a coordinated response plan in the event of a massive cyberattack, a House Republican said. Public-private partnerships are essential since 80% of critical infrastructure in the U.S. is owned by the private sector.
The FBI is warning plastic surgery practices and their patients of cybercriminals targeting their sensitive health information and medical photos for extortion schemes. The alert followed recent hacking incidents at several plastic surgery practices involving data theft.
This week, Chainalysis busted crypto terrorist financing myths, the Sam Bankman-Fried trial continued, Stars Arena got back 90% of its stolen funds, an EU authority warned about DeFi risks, the U.S. FDIC said it would focus more on crypto, and California's governor approved crypto regulations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.