The Latest
-
Threat actors are turning to novel malware as malicious attacks rise
BlackBerry identified 5,300 unique malware samples targeting its customers per day from September through December.
-
Sponsored by Palo Alto Networks
Security consultation is a non-negotiable for M&A activity
Over 20% of external cloud services change monthly. Without visibility, it is easy to lose track of changes and prevent risks. Get the report to learn more.
-
HHS opens investigation into Change Healthcare cyberattack
The Office for Civil Rights will focus on whether protected health information was breached and if UnitedHealth complied with privacy and security requirements.
-
Google Cloud CISO spots asymmetric advantage for AI in defense
Organizations have the upper hand in using generative AI for security because it’s trained on data they own and context they tune against it, Phil Venables says.
-
White House adds teeth to secure software development requirements
CISA and OMB released an attestation form to ensure compliance with secure development practices.
-
White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout
Officials called on payers to cut red tape and offer financial support to providers, including advanced payments.
-
JetBrains says TeamCity servers exploited as it defends disclosure policies
The company is publicly disputing with Rapid7 researchers over the timing and detail provided in connection with critical security vulnerabilities.
-
Ransomware festers as a top security challenge, US intel leaders say
U.S. intelligence leaders warn ransomware activity is growing, despite high profile efforts to seize threat actors’ infrastructure.
-
Visa spends ‘billions’ battling cybersecurity threats
“We are all in an arms race to protect this ecosystem, to protect the network,” Visa CEO Ryan McInerney said at an investor conference last week.
-
CISA attacked in Ivanti vulnerabilities exploit rush
The nation’s cyber defense agency was hit “about a month ago” by widely exploited vulnerabilities in the popular remote access VPN product.
-
Ransomware attacks are hitting critical infrastructure more often, FBI says
The agency received more reports of ransomware last year, but officials remain troubled by the amount of attacks that go unreported.
-
Microsoft’s security woes persist as Midnight Blizzard remains on the offensive
The Russia state-sponsored threat actor is using secrets it stole from Microsoft’s systems to gain or attempt to gain further access to the company’s IT infrastructure.
-
Change Healthcare systems expected to come back online in mid-March
Insurer UnitedHealthcare said it would also advance payments to providers as the outage stretches into its third week.
-
Fidelity Investments Life Insurance says customer data breach linked to third-party hack
The incident at Infosys McCamish also led to a data breach of more than 57,000 Bank of America customers.
-
Change Healthcare faces potential class action as lawsuits rack up
At least six federal lawsuits seeking class-action status were filed since the cyberattack, alleging the technology firm didn’t have reasonable cybersecurity measures.
-
Financial services sees sharp increase in DDoS attacks as geopolitical tensions rise
The industry became the most-targeted sector in 2023, driven by cyber hacktivist groups and more powerful botnets.
-
What’s behind the demand for MDR and IAM systems
It's not just the front door businesses need to protect. Organizations also have to recognize the damage threat actors can do once they’re inside.
-
CrowdStrike dodges pricing war with Palo Alto Networks
CEO George Kurtz called out CrowdStrike's largest competitor, dismissing Palo Alto Network's strategy of free incentives. "Free is never free," he said.
-
Yet another threat actor seen exploiting ConnectWise ScreenConnect
Kroll researchers identified a new malware variant threat actors are deploying against the rapidly exploited security vulnerabilities.
-
Provider groups urge HHS, Congress to mitigate damage from Change cyberattack
The American Hospital Association and the American Medical Association pushed the federal government to offer more financial support as the Change outage limits providers’ ability to receive payment.
-
CMS rolls out provider flexibilities amid fallout from Change cyberattack
Provider groups said the government should go further to financially bolster providers during the outage at Change Healthcare.
-
AWS CISO: Generative AI is just a tool, ‘not a magic wand’
Attackers and defenders have access to the same capabilities in generative AI. Clear advantages for either side have yet to materialize.
-
JetBrains TeamCity a ripe attack target as more vulnerabilities emerge
Despite available security fixes, Rapid7 researchers raised concerns about JetBrains' lack of coordination in vulnerability disclosure.
Updated March 6, 2024 -
Amex cardholder data exposed in merchant processor hack
The point-of-sale attack on a merchant processor may have compromised card numbers, expiration dates and cardholder names, Amex said in a state regulatory filing.
-
Change Healthcare cyberattack having ‘far-reaching’ effects on providers
Providers said the outage at the UnitedHealth-owned technology company has affected billing, eligibility checks, prior authorization requests and prescription fulfillment.
-
AlphV’s hit on Change Healthcare strikes a sour note for defenders
The ransomware group didn’t just regroup quickly after a law enforcement takedown. It carried out the worst attack on U.S. infrastructure to date, according to experts.