PayPal is notifying 34,942 Americans that a hacker accessed their personal information during a two-day credential stuffing attack in early December. The San Jose, California-based company says it has not detected unauthorized transactions emanating from affected accounts.
The United Kingdom's Royal Mail says it can again deliver simple letters to international destinations as it enters a second week of grappling with the fallout of a ransomware attack. It is testing operational workarounds to reduce its backlog of packages to be delivered.
Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey. BitSight has invested in both workflows around third-party risk and research and identification of CVEs on behalf of government agencies.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
Essential reading for network defenders: CircleCI's report into its recent breach, which began when malware infected an engineer's laptop. After stealing "a valid, 2FA-backed" single sign-on session cookie, attackers stole customers' secrets and gained unauthorized access to third-party systems.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
Forter bought a bot detection startup founded by a longtime Check Point Software leader to stop malicious actors from purchasing limited-edition items and collectables. The Immue purchase will prevent malicious bots from flooding e-commerce sites with thousands of transaction attempts per second.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
Healthcare workers should think twice about using AI tools such as ChatGPT as productivity boosters, privacy experts warned after a Florida doctor publicized on TikTok how he had used one to write a letter to an insurer arguing for patient coverage. What are the risks?
An international sting operation on Tuesday shut down the operations of cryptocurrency exchange Bitzlato Ltd. as FBI agents hauled co-founder Anatoly Legkodymov into a Miami jail to face U.S. federal charges of conducting an unlicensed money-transmitting business.
Ransomware syndicates continue to earn massive profits for criminals while disrupting victims' operations worldwide. Security researchers tracking known victims say their numbers remain unchanged from 2021 to 2022, as attackers tap abundant cybercrime services to help amass fresh victims.
Sophos will execute the second-largest round of layoffs of any security company in the current economic downturn, axing 450 workers amid a shift to MDR services. Sophos plans to reduce its staff by 10% in a move to balance growth and profitability in a challenging and uncertain economic environment.
Attackers have caught up with legacy multifactor authentication tools that use push technology or one-time passcodes, boosting the need for phishing-resistant MFA, says Jeremy Grant. In response, government officials such as CISA Director Jen Easterly have championed FIDO since it's mature and open.
The U.S. Department of Defense is looking for a few good hackers to penetrate a facilities network underpinning the Pentagon's basement, mezzanine, and the command and communications center used by the president and the secretary of defense. Defense has hosted white hat hacking sessions since 2016.
The U.S. federal government put the healthcare sector on alert for indicators of BlackCat and Royal ransomware, characterizing them as "highly capable" threats. The good news, says a cybersecurity expert, is that a solid defense-in-depth strategy can foil the ransomware-as-a-service groups.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.