An online alcohol abuse counseling service is notifying about 109,000 clients of a data breach involving the company's prior use of tracking tools on its websites dating back to 2017. The breach affects members of Monument Inc. and Tempest, a counseling service acquired in May 2022.
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. In the days between April 6 and April 13, the spotlight was on European Hyundai dealerships, Yum! Brands, former RaidForums users, a German shipbuilder, a Taiwanese PC vendor and Tasmania.
Cybersecurity authorities issued a road map Thursday detailing how software manufacturers should go about baking security into their design processes. The document details how manufacturers should adjust their design and development programs to ensure software is secure.
Every week, Information Security Media Group rounds up cybersecurity incidents in the world of digital assets. Between April 7 and April 13, hackers stole millions from GDAC, Yearn Finance and SushiSwap. We found out how bad cybersecurity was at FTX, and the U.S. Treasury warned DeFi to shape up.
As field CTO, EMEA for Noname Security, Filip Verloy spends lots of time talking with customers and analysts about API security. Two common themes: Few organizations know the number and types of APIs in their enterprise, and fewer understand exactly how data is being exchanged among them.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
Federal regulators have issued proposed changes to the HIPAA privacy rule aimed at protecting reproductive healthcare information from disclosures or uses involving law enforcement and related purposes in the wake of the Supreme Court last year overturning Roe v. Wade.
Australian non-bank lender Latitude Financial said it will not pay a ransom demand from extortionists behind the theft of 14 million customers' data. Australian Minister for Home Affairs Clare O'Neil called Latitude's decision "consistent with Australian government advice."
The Biden administration plans to develop a road map for certifying and assessing that artificial intelligence systems work as intended without causing harm. The Commerce Department has asked for public input on top policies to support the development of AI audits, assessments and certifications.
Federal regulators have issued new rules aimed at securing certified healthcare software, helping patients decide which records to keep private, and protecting data used by AI and predictive tools. The 556-page proposed rule seeks to promote innovation and data sharing while tightening security.
A low-profile Israeli advanced spyware firm used a suspected zero-day to surveil the lives of journalists, political opposition figures and a nongovernmental organization worker across multiple continents, say researchers from the Citizen Lab and Microsoft.
The onslaught of distributed denial-of-service, ransomware, data exfiltration and other attacks on the healthcare sector highlight the importance of optimizing the many sources of threat intelligence available today, says Taylor Lehmann, director of the office of the CISO at Google Cloud.
The Biden administration is probing how highly classified military and intelligence documents detailing national security secrets came to be leaked via Discord servers and social media. Experts say the leaked documents appear to be genuine, although some have been crudely doctored.
Apple issued security updates to address two zero-day vulnerabilities being actively exploited in the wild and targeting iPads, Macs and iPhones. Both vulnerabilities can lead to arbitrary code execution, but Apple said it found no exploits related to cybercrime or nation-state groups.
Cisco Talos on Wednesday identified four arbitrary code execution flaws in the Ichitaro word processor. The maker of the word processor, JustSystems, said it has not confirmed any attacks exploiting the vulnerabilities and also said it has issued fixes for the flaws.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.