Tech and security analysts predict enterprises will shift to passwordless authentication for users to enable modern digital transformation. This is mainly prompted by the problems that have plagued passwords: they’re costly and burdensome to manage; they cause poor user experiences; and they are easily...
A New York medical imaging services provider is notifying nearly 606,000 individuals that their information was potentially accessed and copied in a recent hacking incident. The entity is one of several medical imaging centers that have reported major hacking breaches in recent weeks and months.
While the global deployment of CNAPPs is on a steady rise, it is essential to note that adoption is primarily among a small percentage of users, particularly large-scale enterprises with ample resources to explore advanced development models and security defenses, as CNAPPs adoption extends beyond just security...
Genetics testing firm 23andMe says hackers, in a credential-stuffing attack this fall, siphoned the ancestry data of 6.9 million individuals. 23andMe disclosed the attack on Oct. 1, stating the attackers had scraped the profiles of 23andMe users who opted in to the company's DNA Relatives feature.
A large, Seattle-based surgical group is notifying nearly 437,400 individuals that their information was potentially compromised in a ransomware and data theft incident earlier this year. The breach is part of a larger, disturbing trend in the healthcare sector in 2023.
It looks as if Carbon Black's days as part of Broadcom are numbered. Broadcom CEO Hock Tan told staff at newly acquired VMware in both an email and town hall meeting that he plans to "review strategic alternatives." The move comes just four years after VMware purchased Carbon Black for $2.1 billion.
Vulnerability management in the cloud sits at the critical intersection of AppSec and Cloud Sec, requiring an understanding of both in order to be effective. The cloud presents us with many new opportunities for vulnerability management, but our approach must take into consideration the unique aspects of cloud...
Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.
This week, Ukraine's intelligence service hacked Russian aviation agency, a cyberattack targeted Japan's space agency, Google addressed another zero-day, a French-led operation dismantled a Ukrainian ransomware group, and spyware targeted Serbian civil society.
Government-imposed rules on incident reporting by organizations impacted by cyberattacks are not new – many sectors have been subjected to them for decades. What is new is that governments are introducing new, more stringent incident reporting rules that will affect a broader set of organizations.
The new...
2023 was brimming with DDoS attack activity. Cloudflare automatically detected and mitigated thousands of record-breaking DDoS attacks that came as part of a deliberately engineered DDoS campaign. The campaign included dozens of attacks that exceeded 100 million requests per second.
The largest attack peaked at a...
The ever-expanding threat landscape keeps evolving, and it is easy to overlook key areas that could expose your organization. However, you can stay ahead of constantly evolving threats and gain peace of mind with this comprehensive checklist.
These recommendations are based on real-time incident response...
In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations. Buying Conquest Cyber will allow BlueVoyant to provide cyber risk maturity and compliance assessments to both federal and commercial customers.
Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.