Cybersecurity authorities issued a road map Thursday detailing how software manufacturers should go about baking security into their design processes. The document details how manufacturers should adjust their design and development programs to ensure software is secure.
Every week, Information Security Media Group rounds up cybersecurity incidents in the world of digital assets. Between April 7 and April 13, hackers stole millions from GDAC, Yearn Finance and SushiSwap. We found out how bad cybersecurity was at FTX, and the U.S. Treasury warned DeFi to shape up.
As field CTO, EMEA for Noname Security, Filip Verloy spends lots of time talking with customers and analysts about API security. Two common themes: Few organizations know the number and types of APIs in their enterprise, and fewer understand exactly how data is being exchanged among them.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
Companies have rapidly adopted digital strategies to fuel growth and profitability, yet many of these changes have inadvertently accelerated the risk of cyberattacks. As evidenced by the recently released 2023 OpenText Cybersecurity Threat Report, cybercriminals are taking advantage of these gaps.
The launch of Microsoft's Security Copilot may have attracted the most attention in the market since it was developed by the company that brought generative AI chatbots to the masses, but it's neither the first nor the only security product to incorporate OpenAI's ChatGPT into its design.
Federal regulators have issued proposed changes to the HIPAA privacy rule aimed at protecting reproductive healthcare information from disclosures or uses involving law enforcement and related purposes in the wake of the Supreme Court last year overturning Roe v. Wade.
Australian non-bank lender Latitude Financial said it will not pay a ransom demand from extortionists behind the theft of 14 million customers' data. Australian Minister for Home Affairs Clare O'Neil called Latitude's decision "consistent with Australian government advice."
The Biden administration plans to develop a road map for certifying and assessing that artificial intelligence systems work as intended without causing harm. The Commerce Department has asked for public input on top policies to support the development of AI audits, assessments and certifications.
Federal regulators have issued new rules aimed at securing certified healthcare software, helping patients decide which records to keep private, and protecting data used by AI and predictive tools. The 556-page proposed rule seeks to promote innovation and data sharing while tightening security.
A low-profile Israeli advanced spyware firm used a suspected zero-day to surveil the lives of journalists, political opposition figures and a nongovernmental organization worker across multiple continents, say researchers from the Citizen Lab and Microsoft.
The cybercrime economy appears to remain alive and well: Compared to last year, researchers report seeing an increase in the number of known ransomware victims as well as initial access listings, which facilitate such attacks. The impact the takedowns of BreachForums and Genesis remains to be seen.
The onslaught of distributed denial-of-service, ransomware, data exfiltration and other attacks on the healthcare sector highlight the importance of optimizing the many sources of threat intelligence available today, says Taylor Lehmann, director of the office of the CISO at Google Cloud.
The Biden administration is probing how highly classified military and intelligence documents detailing national security secrets came to be leaked via Discord servers and social media. Experts say the leaked documents appear to be genuine, although some have been crudely doctored.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.