Microsoft's September dump of fixes addresses two actively exploited zero-day vulnerabilities, including one in Microsoft Word that has a proof-of-concept code available publicly. "Definitely put this one on the top of your test-and-deploy list," wrote Dustin Childs.
To some extent, ransomware has become like COVID-19 - a threat we all need to learn to live alongside. But Aaron Bugal, field CTO of Sophos, says there is still much that security and technology leaders can do to reduce their risk by addressing activity that often precedes a ransomware attack.
Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
Google released a fix on Monday for a Chrome zero-day that allows an attacker to remotely target a vulnerable version of the browser. The bug is tracked as a heap buffer overflow in the WebP image format, which is specifically designed to optimize web images.
Federal regulators have smacked a large California health plan with a $1.3 million fine to settle potential HIPAA violations for two relatively small breaches that affected about 2,250 individuals. But officials indicate "long-standing HIPAA deficiencies" were a "systemic" problem at the insurer.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Censys CEO Brad Brooks discusses the stresses a CISO experiences in trying to prevent cyberattacks and in dealing with those that do occur. Topics include breach disclosure and cybersecurity marketing to CISOs.
A federal judge has given the green light for attorneys to proceed with a consolidated class action lawsuit against Meta that accuses the social media giant of intercepting sensitive health information with its Pixel tracking tools used in numerous healthcare websites and patient portals.
According this report, the rate of ransomware attacks has remained steady. Sixty-six per cent of research respondents said their organization was hit by ransomware in the previous year. With adversaries now able to consistently execute attacks at scale, ransomware is arguably the biggest cyber risk facing...
A Norway court sided with the country's data protection authority in a battle against Facebook over surveillance based-ads, ruling that the agency has the authority to tell the social media giant to temporarily halt behavioral tracking without explicit consent or face daily fines.
Perimeter 81's ease of deployment and embrace of a cloud-based architecture made it stand apart from other secure remote access offerings, according to Check Point Software CEO Gil Shwed. The deal will help Check Point build a scalable network foundation that extends to thousands of users.
Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
There’s more to securing your business than firewalls and VPNs. We live in a day when digital transformation is critical and moving your business to the cloud is our present and future. It’s difficult to navigate through all the architecture complexities and industry jargon.
Let’s keep it simple! In this...
In the aftermath of mergers and acquisitions among healthcare entities - and the resulting IT integration and cost-cutting moves - gaps in technology and skills and other gaps often put organizations at higher risk for attacks and other security incidents, said Jack Danahy of NuHarbor Security.
The new SEC compliance regulations require organizations to have processes to assess, identify, and manage cybersecurity risks, as well as report material incidents quickly. To do this effectively, cybersecurity efforts must be aligned with business strategy, and a comprehensive approach to risk management is...
Government agencies are adopting zero trust architectures, both to meet regulatory requirements, but also as a security imperative to mature their security posture, however the specific challenges faced differ from those of commercial entities. Watch this webinar to gain insights into a dedicated Zero Trust practice...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.