This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
On Tuesday, Ireland's Data Protection Commission imposed an $18.6 million penalty on tech firm Meta. That same day, the privacy watchdog was sued by a member of the nonprofit Irish Council for Civil Liberties over its "prolonged inaction" in the Google data breach case.
Russian state-sponsored threat actors are exploiting default MFA protocols, along with PrintNightmare, the Windows Print Spooler vulnerability, to illegally access the network of a nongovernmental organization, the U.S. Cybersecurity and Infrastructure Security Agency and the FBI say.
War in Ukraine continues into its third week, and Russia is closing in on major Ukrainian cities, upping its targeting of civilian infrastructure. In the U.S., cybersecurity officials continue to urge a "Shields Up" approach - while the digital conflict has devolved deeply into the underground.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
We look at cybersecurity largely focused on the immediate future. But educator Gary Henderson says we need to look a little further ahead. He makes the case for educating teachers about cybersecurity so they can educate their students, who can then go on to use those best practices in their careers.
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
XDR: Because it's new to the market, it comes with a trail of hype. Stephen Davis of Rapid7 cuts through the buzz and discusses four tangible business benefits that are likely from XDR adoption - including high-fidelity detections and accelerated incident response.
The ransomware-as-a-service group LockBit 2.0 has claimed that it will leak all the stolen data from an attack on tire manufacturer Bridgestone Americas. The attack reportedly came to light in late February, which led to the disruption of some plant operations.
As war in Ukraine rages and the Putin regime continues to drive toward population centers in the former Soviet state, U.S. cybersecurity officials remain on high alert - questioning whether the Russians will elevate the cyberwar against their Western neighbor or even NATO networks.
Automotive technology/parts supplier Denso confirmed that it suffered a ransomware attack last week. Investigations are ongoing. The company has not disclosed the ransom demanded or the attacker's name, but dark web monitoring platform DarkTracer says it's the work of the Pandora ransomware group.
Healthcare sector entities increasingly need to implement a zero trust approach with their security, says federal adviser Erik Decker, CISO of Intermountain Healthcare. Zero trust, he says, integrates "a lot of different architecture and systems … that have to work in concert with each other."
A healthcare services contractor agrees to pay a $933,000 settlement in a whistleblower case about alleged false claims about the security of electronic medical records of military personnel and diplomats. It is the first settlement under the Department of Justice's new Civil Cyber-Fraud Initiative.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.