A cybersecurity incident at Chicago-based CommonSpirit Health, a system of 1,500 healthcare sites across 21 states and one of the nation’s largest nonprofit healthcare systems, is disrupting medical care after the healthcare system took offline some of its electronic health records systems.
A cryptocurrency thief is hacking into other scammers' fraudulent liquidity mining websites to reach directly into the digital wallets of victims. The threat actor, dubbed "Water Labbu" by Trend Micro, has so far filched 316,728 USDT and infected 45 fraudulent decentralized applications.
Paige Thompson, the Capital One hacker known as "erratic," was sentenced to time served and five years of probation following her June conviction in U.S. federal court. The five-time felon exploited a weakness in web application firewalls on AWS accounts to steal data of 100 million individuals.
A hacker exploited a smart contract bug to steal about $29 million from DEX aggregator Transit Finance. Within hours of the theft, the attacker returned nearly $19 million - but not before keeping a $2 million "bug bounty" and losing $1.1 million to a bot theft.
While vArmour has enjoyed success in banking, the U.S. government is now the fastest-growing part of its business. CEO Tim Eades says much of the government doesn't understand the relationships and dependencies among vArmour's applications or the consequences of an application going down.
A Senate committee this week approved a bill that would create governmentwide standards for identity verification and provide grants to help states and local agencies upgrade ID systems and offer online digital identity services. Supporter Jeremy Grant hopes to see a full Senate vote in 2022.
Passwords are supported everywhere. But, says Andrew Shikiar, executive director of the FIDO Alliance, "they have been proven time and time again to simply be unfit for today's networked economy." In this episode of "Cybersecurity Unplugged," Shikiar discusses how to move beyond passwords.
North Korea is using weaponized versions of open-source utilities to spy on the technology, defense and entertainment sectors worldwide. Microsoft says it spotted fake profiles of supposed job recruiters who really are Pyongyang hackers manipulating victims into downloading Trojans.
Security firms must increasingly follow U.S. government security requirements even if they don't serve federal agencies themselves, says Avi Shua, Orca Security co-founder and CEO. That's because cloud vendors such as Orca often serve businesses that contract or subcontract with the U.S. government.
Hackers, possibly Chinese, are exploiting Microsoft Exchange zero-day vulnerabilities to apparently implant backdoors and steal credentials. The computing giant says it doesn't yet have a patch, telling systems administrators to instead implement workarounds.
Over his 23-year career in cybersecurity, Tom Kellermann has focused on policy, endpoints and even strategic investments. Now, in his new role as senior vice president of cyber strategy at Contrast Security, his mission is to protect code security - particularly in the public and financial sectors.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
"It's stupid and adds zero value," writes Ian Keller, director of security at a telecom company, about connecting hospital networks - and especially life-sustaining information - to the internet. He encourages CISOs to be socially responsible about their moral obligation to patients.
The latest edition of the ISMG Security Report discusses what went wrong for Optus in the wake of one of Australia's biggest data breach incidents, the state of code security today and the growing trend of private equity firms pursuing take-private deals.
The Department of Treasury and the Cybersecurity and Infrastructure Security Agency are soliciting comments on whether risks to critical infrastructure from a catastrophic cyberattack - and the concurrent potential for ruinous financial exposure by insurers - should lead to a new federal approach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.