Insider threats continue to pose significant concerns in today's digital landscape. While malicious insiders have garnered attention due to harmful intent, negligent users often make unintentional mistakes, contributing to potential cybersecurity risks.
Public-private cybersecurity councils urged the healthcare industry to be more expansive in sharing signs of hacking, warning that traditional indicators aren't enough. Fending off hackers requires additional shared data, such as SIEM rules and automated response playbooks.
Michael Miora, founder and CEO of InfoSec Labs - a pioneer in cybersecurity consulting - started the company in 1989. Security has been an issue for generations, he said, but things started to change once technology came into play. Then the traditional security perimeter expanded, adding complexity.
The fear that ChatGPT could turn a low-sophisticated hacker into a sophisticated adversary is unfounded, said Howard Marshall, global intelligence lead, Accenture Security. He says most hackers lack the expertise and education to create sophisticated malware.
Kroll is warning claimants in three major cryptocurrency bankruptcy cases that hackers obtained their personal data after the attacker convinced a mobile carrier to redirect an employee's phone number to their own device. Hackers appear to have already begun a phishing campaign.
London's Metropolitan Police Service is investigating a serious data breach that may have exposed names, ranks and photographs for potentially all 47,000 personnel, after someone gained "unauthorized access to the IT system" of one of its suppliers.
A backdoor Trojan known as SmokeLoader is deploying a customized Wi-Fi scanning executable to triangulate the location of infected Windows devices. The malware, dubbed "Whiffy Recon," uses nearby Wi-Fi access points as a data point for Google's geolocation API.
Researchers spotted North Korean state hackers deploying a more compact remote access Trojan through a flaw in IT service management software in a campaign affecting European and U.S. critical infrastructure. Cisco Talos said the Lazarus Group in May started to deploy a Trojan it named QuiteRAT.
In the latest weekly update, ISMG editors discuss the shifting dynamics of cyber insurance, why APAC is approaching privacy regulations around emerging technologies, and how U.S. authorities charged the co-founders of cryptocurrency mixer Tornado Cash with money laundering.
Chinese state hackers are targeting Taiwanese organizations, likely for espionage, in a difficult-to-detect campaign that relies on Windows utilities. Microsoft dubbed the threat actor Flax Typhoon in a Thursday blog post and said the hackers seek persistence, lateral movement and credential access.
Four years ago, federal regulators started sending a message to healthcare entities about the need to give patients timely access to their health records. Insurer UnitedHealthcare, the 45th firm penalized for potential "right to access" violations, agreed to an $80,000 fine and corrective action.
A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. Today's off-the-shelf software is falling short, the agency said.
Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said its goal is to foster AI that is "inclusive, sustainable, and centered on citizens."
Third-party targeting by attackers has intensified due to the interconnectedness of the business world, enabling adversaries to exploit intermediaries for access. With the surge in cloud adoption, visibility in the cloud is paramount, advised Levi Gundert, chief security officer at Recorded Future.
Secure access service edge has evolved significantly over the past four years, transforming from a relatively new idea into a well-defined and widely discussed framework for network and security architecture. NetWitness focuses on integration rather than offering a SASE product.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.