According to findings from the Identity Theft Resource Center's 2023 Q1 Data Breach Report, the number of publicly reported data compromises decreased, but the number of data breaches with no actionable information about the root cause of the compromise grew.
Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.
The North Korean software supply chain attack on a Chicago financial trading software developer infected additional victims besides 3CX, including organizations in the energy sector, says Symantec Threat Hunter Team. One organization is located in the United States, the other in Europe.
The Federal Reserve's FedNow Service will launch in July this year. Many banks, including community banks, will be able to leverage FedNow as an instant payment platform. How can these banks prepare for faster payments, and what security controls should they consider adding?
Palo Alto Networks and IBM have joined forces to create a strong partnership designed to deliver best-in-class security solutions and services. In an exclusive interview, Bob West of Palo Alto Networks joins IBM's Abhi Chakravorty to discuss the power of the partnership for customers.
A top HIPAA-enforcement priority for regulators is cracking down on entities that disclose patient information to third parties without permission through the use of website tracking codes, says Melanie Fontes Rainer, director of the Department of Health and Human Services' Office for Civil Rights.
Healthcare entities need to think more strategically about managing risk by implementing a robust cybersecurity framework such as the National Institute of Standards and Technology's CSF, said Bob Bastani, cybersecurity adviser at the Department of Health and Human Services.
Supply chain risk has become more critical in the post-pandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.
Hackers who turned a zero-day in Fortra's GoAnywhere software into a bonanza of ransomware attacks for Russian-speaking extortion group Clop first penetrated the company's software in January. Hackers exploited some on-premises instances of the file transfer software as early as Jan. 18.
Vendors should be more transparent and faster in communicating when they experience a breach or other security incident that affect clients' data, says Anahi Santiago, CISO at ChristianaCare. "Sometimes we find out about these incidents through our third-party monitoring systems," she said.
A cyber risk quantification startup backed by ex-Cisco CEO John Chambers has raised $50 million to apply ML technology and build more API adapters. The money will allow Safe Security to capitalize on generative AI to help nontechnical leaders better understand their organizations' security postures.
Major internet chat platforms are urging the United Kingdom government to reconsider a bill intended to decrease exposure to online harms but which opponents say would open the door to massive government surveillance. Proponents say online platforms should have a duty of care to protect users.
Hackers have seized on the API revolution to drive a surge in attacks that exploit poorly coded applications, reports Akamai, in a warning echoed by other cybersecurity experts. The vector driving the most growth in API attacks is local file inclusion.
Effective security governance in a healthcare entity is a balancing act that requires sponsorship by top leadership and careful consideration of the concerns of clinicians and others in the organization, according to Eric Liederman and deputy CISO Steven Frank of Kaiser Permanente.
Healthcare entities of all types and sizes could be the next targets of major cybersecurity attacks, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency. Healthcare firms need to be vigilant against ransomware, DDoS and medical device breaches, he said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.