This week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPI package and a Russian threat actor shifted tactics. BreachForums' admin faces prison, and scammers used the release of Ross Ulbricht.
Under the Trump administration, the proposed update to the HIPAA Security Rule - issued in the final weeks of the Biden administration - is likely to get trimmed but not totally cut, predicts regulatory attorney Sharon Klein of the law firm Blank Rome. What else should the health sector expect?
On his second day in office, U.S. President Donald Trump pardoned Ross Ulbricht, founder of Silk Road, an online marketplace tied to over $200 million in illegal bitcoin transactions. Ulbricht has been in federal prison since 2015, sentenced to life with no possibility of parole.
This week, Microsoft laid off security staff and released Patch Tuesday, Russian hackers intensified attacks on Ukraine in 2024, Telefónica confirmed a breach, a Tennessee mortgage leader reported a breach and the Texas AG sued Allstate over driver data collection.
A ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS's server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
AI-powered phishing attacks are on the rise. At the same time, our growing digital footprints provide cybercriminals with almost limitless information they can weaponize.
Join Erich Kron, Security Awareness Advocate at KnowBe4, and Jack Chapman, SVP of Threat Intelligence for Egress, as they discuss how...
A Florida-based behavioral health holding company has paid federal regulators a $337,750 HIPAA settlement for a 2018 incident involving the deletion of electronic protected health information pertaining to nearly 3,000 patients. How should other entities avoid these data loss situations?
This week, a Russian tanker linked to cable sabotage detained in Finland, a claimed Gravy Analytics breach exposed location data, a Mirai-based botnet exploited zero-day flaws, Dell updated framework flaws and a court sentenced a Florida woman for laundering millions in romance scams.
Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights and privacy advocates over its potential impact on internet security and privacy protections.
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.
Hackers are deploying an updated strain of EagerBee malware to target internet service providers and government organizations in the Middle East, warn security researchers. EagerBee operates in memory and comes with advanced stealth and security evasion capabilities.
This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea's contagious interview campaign deployed new malware.
What a year 2024 has been on the cybersecurity front, showing that data breaches aren't in decline, and how attackers will exploit built-in backdoors, when they aren't simply hacking edge devices. Even so, promising efforts to boost the collective defense continue.
A serving member of the U.S. Army has been arrested on a two-count indictment tied to the theft and sale of "confidential phone records," reportedly tied to the theft of terabytes of data from AT&T, Verizon and other customers of cloud data warehousing platform Snowflake.
This week, cyberattack disrupts Japan Airlines, U.S. court rules NSO Group violated hacking laws, the European Space Agency’s web store hacked, FTC orders Marriott to overhaul data security, Sophos patches critical firewall flaws and Apache fixes critical SQL injection in Traffic Control.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
