A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the security firm Eye Control. Users are urged to patch the flaw.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020.
The attorneys general of 27 states have entered into a $2.4 million settlement with Sabre Corp. to resolve a lawsuit tied to a 2017 data breach that struck the company's Sabre Hospitality Solutions hotel booking system, compromising 1.3 million payment cards.
The major appliances giant Whirlpool acknowledges it was hit with a ransomware attack in November, with the cyber gang Nefilim taking responsibility for the cyber incident and claiming to have stolen company data.
The FBI is warning of a rise in "swatting attacks," which see hackers use compromised email accounts to access poorly-secured home smart devices that are equipped with cameras and voice capabilities to make hoax calls to emergency services.
The Cybersecurity and Infrastructure Security Agency has released an emergency directive requiring all federal organizations running the vulnerable SolarWinds Orion software to immediately update to the latest version.
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
Ransomware gangs entered 2020 with a full and dangerous set of weapons at their disposal and then rolled out additional tools such as extortion and new distribution methods, a trend that is expected to continue into 2021.
As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.
The latest edition of the ISMG Security Report offers leadership lessons from Equifax CISO Jamil Farshchi and Mastercard's deputy CSO, Alissa "Dr. Jay" Abdullah. Also featured: An assessment of cybersecurity priorities for President-elect Joe Biden.
Facebook's relaunch and rebrand of its Libra digital payment initiative as Diem is seen by some as a shadow of its former self. Financial services commentator Chris Skinner explains why state governments and AML concerns are to blame.
T-Mobile on Tuesday began informing a portion of its customers that some of their mobile phone account information may have been compromised in a data breach that took place in early December. About 200,000 customers are affected.
The U.S. Treasury's Financial Crimes Enforcement Network is alerting financial institutions about the potential for fraud, ransomware attacks or similar types of criminal activity related to COVID-19 vaccine research and distribution organizations.
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.