CISA and the FBI released an advisory recommending that critical infrastructure organizations implement a series of recommendations to thwart a unique hacking group known for targeting commercial facilities, as seen in the recent cyberattack targeting MGM Resorts International.
Russian state hackers targeted European embassies and international organizations in espionage attacks exploiting a recently patched vulnerability in a popular Windows utility for archiving files, say Ukrainian government cybersecurity researchers.
SonicWall acquired a longtime master MSSP partner to bring MDR, SOC and vulnerability management capabilities to its managed service providers. Buying Solutions Granted will help SonicWall detect and respond to endpoint or cloud-based threat activity on behalf of its MSP and MSSP partners.
The estates of two deceased UnitedHealthcare Medicare Advantage policyholders allege in a proposed federal class action lawsuit filed this week that the insurance giant is using an AI tool to illegally deny necessary coverage for post-acute care, such as skilled nursing, to elderly plan members.
The U.S. Securities and Exchange Commission's requirement for publicly traded companies to report cyber incidents that have a material impact within four days is "not about playing gotcha with public companies," said the commission’s director of the corporation finance division.
The BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
This week, BiBi malware hit Israeli computers, the Clorox CISO stepped down, the FCC proposed a school cybersecurity program, U.K. ICO issued a Black Friday warning, a pro-Palestine APT group unleashed a cyberespionage campaign, the FBI dismantled the IPStorm botnet and VMware disclosed a flaw.
European lawmakers behind an artificial intelligence regulation that's close to finalization predicted Thursday the law will set global standards. "We want AI to develop in Europe, and this is why we want to build a trustworthy ecosystem," said Brando Benifei.
This week, Poloniex prepared to resume operations after a $100 million hack, a OneCoin executive pleaded guilty, the SEC reported an "impactful" crypto enforcement year, a bug put $2.1 billion at risk, $27 million was stolen, the Data Act vote happened in Europe, and China released an NFT theft law.
A zero-day flaw in the Zimbra Collaboration email server proved to be a bonanza for hackers as four distinct threat actors exploited the bug to steal email data and user credentials, says Google. Most of the exploit activity occurred after Zimbra had posted a hotfix on July 5.
Ukraine's national computer emergency response team, CERT-UA, says it sees an increase in cyber incidents as Russia's invasion continues. While wiper attacks are ongoing, a rising Russian hacker tactic involves stealing private CCTV footage to study the efficacy of missile strikes and drone attacks.
Regulating AI is "like regulating Jell-O," said Massachusetts risk counsel Jenny Hedderman, but states are looking at regulating "areas of harm" rather than AI as a whole. In this episode of "Cybersecurity Insights," Hedderman discusses privacy, third-party vendor risk, and lawyers' use of AI.
Palo Alto will spent nearly $670 million buying Talon and Dig to broaden its cloud security portfolio and protect unmanaged devices without affecting usability. Purchasing Tel Aviv, Israel-based Talon Cyber Security for $435 million will help safeguard the 36% of the workforce that's independent.
The European telecom standards body behind a widely used radio encryption system will soon open-source its encryption protocols. The European Telecommunications Standards Institute on Tuesday said it will soon publish Terrestrial Trunked Radio, or TETRA, a European standard for radio communication.
FBI officials said Wednesday that the federal government is preventing advanced ransomware attacks targeting a range of institutions with the help of new information-sharing and victim engagement initiatives with organizations across the public and private sectors.