U.S. government agencies and the private sector embraced information sharing but lack a coordinated response plan in the event of a massive cyberattack, a House Republican said. Public-private partnerships are essential since 80% of critical infrastructure in the U.S. is owned by the private sector.
The FBI is warning plastic surgery practices and their patients of cybercriminals targeting their sensitive health information and medical photos for extortion schemes. The alert followed recent hacking incidents at several plastic surgery practices involving data theft.
This week, Chainalysis busted crypto terrorist financing myths, the Sam Bankman-Fried trial continued, Stars Arena got back 90% of its stolen funds, an EU authority warned about DeFi risks, the U.S. FDIC said it would focus more on crypto, and California's governor approved crypto regulations.
Thousands of North Korean IT workers hid their identities to earn hundreds of millions of dollars in IT contract work from overseas companies to help finance the country's weapons development program, U.S. and South Korean agencies said. Officials said to watch for workers who are camera-shy.
Hackers used an updated malware framework dubbed Mata by Kaspersky to target more than a dozen oil, gas and defense sector companies in Eastern Europe, including air-gapped systems. Kaspersky previously associated Mata with North Korea but doesn't attribute this campaign to the Pyongyang regime.
This week, Citrix's update was insufficient, a Navy IT manager was sentenced to prison for accessing a database, a Moldovan man pleaded not guilty to running a credentials marketplace, new details emerged on health data breaches, and a television advertising giant suffered a ransomware attack.
North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.
Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors deliver vulnerability management has shifted away from ingesting vulnerability assessment results.
The U.S. needs to pass federal legislation to establish a national framework of standards and a rules of the road for AI, but first passing federal data privacy legislation is an essential foundational part of that, some witnesses told members of Congress.
Pro-Ukrainian hackers claimed responsibility for wiping the servers of the Trigona ransomware gang, a recently formed group that may have links to the Russian cybercriminal underground. "'Terrible Russian hackers,' yeah, yeah," wrote a self-described spokesman for the Ukrainian Cyber Alliance.
Arctic Wolf last week announced plans to buy SOAR platform provider Revelstoke in a move to boost Arctic Wolf's automated response capabilities and lay the groundwork for "deeply embedded" AI and machine learning. CEO Nick Schneider explained how the deal will benefit customers and drive innovation.
Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, warns Google’s Threat Analysis Group, which said it has seen "government-backed hacking groups" who hail from multiple countries, including China and Russia, targeting the bug.
Watermarking is a core part of a White House trustworthiness initiative to bind companies into observing steps to guarantee the safety of AI products. The problem, say AI experts, is that watermarking is as likely to fail as succeed. Watermarking removal tools are available on the open internet.
Cisco issued an urgent warning Monday about a critical vulnerability in one of its modular operating system's web interfaces that is designed for routers, switches and other appliances. Hackers exploited the IOS XE software UI to gain admin rights that give them full control of compromised devices.
IBM says the personal information of 631,000 people was compromised by a "technical method" that allowed unauthorized access to a third-party database used by a Johnson & Johnson patient medication support platform. IBM said the problem has been fixed, but two lawsuits have already been filed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.