The problem of zero-day exploits used by advanced spyware makers such as NSO Group is an urgent problem requiring government intervention, a Google cybersecurity executive told the European Parliament committee investigating member nations' use of the Pegasus spy app.
Cybereason has carried out another round of layoffs, axing 200 workers just days after a report that the endpoint security vendor is pursuing a sale. The company plans to reduce its staff by 17% - or 200 employees - less than five months after laying off 10% of its workforce.
The federal tally of health data breaches reached a new milestone this week: Since its inception in September 2009, more than 5,000 major incidents have been posted to the Department of Health and Human Services' HIPAA breach "wall of shame."
Artificial intelligence-driven technology purporting to recognize human emotional states "may not work yet, or indeed ever," said U.K. Deputy Information Commissioner Stephen Bonner. The office predicts greater commercial use of behavioral analysis in products over the next two to three years.
Ransomware-wielding gang Vice Society, living up to its name, continues to test new strategies to take down more victims. If those bona fides aren't bad enough, the group has a predilection for hitting schools and threatening to dump stolen student data on its dedicated data leak site.
Detection tools can potentially overwhelm security operation center analysts with alerts, many of which are false positives, leading to ticket fatigue and missed attacks. Splunk's Jesse Trucks shares how the latest risk-based alerting technology helps SOCs focus on the threats that really matter.
A Ukrainian man is fighting extradition to the United States, where he faces a four-count criminal indictment for his role in operating the Raccoon malware-as-a-service infostealer malware. Dutch authorities arrested Mark Sokolovsky, 26, in March, shows an unsealed indictment.
As controversy grows around the use of Facebook Pixel code and similar tracking tools that harvest sensitive health and other personal data of consumers, so does the pressure from lawmakers demanding answers from tech vendors about those data collection practices.
An inquiry into European Union countries' use of Pegasus spyware is running into national opposition, said Jeroen Lenaers, head of the investigative committee. Pegasus can invoke national security sensitivities, Lenaers acknowledged, but said the inquiry is concentrated on questions of law.
Payment card data theft remains alive and well in the cybercrime underground, especially via the use of JavaScript skimmers. But security researchers find that some attackers have stayed old-school, continuing to use malware on point-of-sale terminals to steal "dumps" of card data.
Health insurer EyeMed Vision Care will pay New York regulators $4.5 million to settle an investigation into its 2020 data breach incident. States are becoming more aggressive in applying enforcement actions against data breaches, say regulatory attorneys.
Apple has issued a slew of security updates amid reports that its iOS devices are being actively exploited via a zero-day vulnerability in the kernel. While Apple hasn't attributed the exploits to any specific group, experts say surveillance malware developers are a likely culprit.
The chief executive of alcohol delivery app Drizly is set to come under a decadelong requirement imposed by the U.S. Federal Trade Commission to ensure whatever company he oversees has an information security program. A hacker stole customer records of 2.5 million individuals from Drizly in 2020.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.