Members of a U.S. House panel got their first look at the Biden Administration's new National Cybersecurity Strategy and quizzed the White House cybersecurity director on the timeline, proposed regulations and incentives for private businesses.
Threats that traditionally menaced other industries - including synthetic accounts and abuse of IT product platforms - are emerging worries for the healthcare sector, warns an industry report. Other experts also predict a similar evolution among criminal activities affecting the healthcare sector.
Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks. Lawmakers sparred with the Energy Department's cybersecurity leader over how much of the electric grid contains components manufactured in China.
This week's roundup of cybersecurity incidents around the world includes attacks on luxury car manufacturer Ferrari, the Indian health system and a Dutch maritime logistics company. Other data breach incidents involve the NBA, Lionsgate, the city of Oakland, McDonald's and Samsung.
Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. Hackers inject PHP and JavaScript code and hide stolen credit card numbers in .jpg files.
EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.
TikTok CEO Shou Chew appeared Thursday before the U.S. congressional panel to defend his company against accusations that it's imperiling Americans' national security, privacy and mental health. Lawmakers pressed Chew on the company's Chinese ownership, source code and privacy practices.
Dark web merchants have been offering Russians - consumers and criminals alike - services for bypassing international sanctions that may indirectly involve U.S. financial institutions, demonstrating the need for more robust "know your customer" and anti-money laundering checks, researchers warn.
Remote access provider Splashtop has bought server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments. The acquisition of Foxpass will simplify the onboarding experience for developers while ensuring passwords aren't being shared.
The DC Health Benefit Exchange Authority - the online health insurance marketplace servicing Washington, D.C., residents and congressional staff - is facing two proposed class action lawsuits in the aftermath of a hack that affected more than 56,400 individuals, including members of Congress.
Orca Security has promoted Chief Product Officer Gil Geron to CEO to help the agentless cloud security vendor maintain its market leadership and rapid growth. The leadership swap at Portland, Oregon-based Orca will result in Avi Shua moving to the newly created position of chief innovation officer.
Hackers have been actively exploiting vulnerabilities in ColdFusion to remotely compromise servers, Adobe warns. Since at least early January, attackers have been dropping web shells via ColdFusion, but it's unclear if only now-known vulnerabilities are being exploited, security researchers say.
The U.S. Federal Trade Commission is asking for public comment on cloud computing provider business and security practices. The top three providers - AWS, Microsoft Azure and Google Cloud - account for approximately two-thirds of worldwide cloud spending, which reached nearly $250 billion in 2022.
Not all ransomware groups wield crypto-locking malware. Some have adopted other strategies. Take BianLian. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return.
Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. Chinese security researchers say they found code designed to monitor users inside Pinduoduo versions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
