Page 3
-
Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears
Researchers at SentinelLabs warn the new variant, called AcidPour, could place IoT, networking devices at risk.
-
Threat groups hit enterprise software, network infrastructure hard in 2023
Recorded Future observed an approximately threefold increase in actively exploited high-risk vulnerabilities in enterprise software and network infrastructure, such as VPNs.
-
Change Healthcare’s drawn-out recovery catches flak from cyber experts
At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.
-
Change Healthcare cyberattack could damage credit at small providers: Fitch
Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.
-
More warnings emerge about state-linked cyber threats to water infrastructure
The White House and EPA set an urgent virtual meeting with state homeland security and other top officials, citing efforts to boost the resiliency of drinking and wastewater treatment systems.
-
Five Eyes implores critical infrastructure execs to take China-linked threats seriously
Officials are pushing tips to help potential victims detect and mitigate Volt Typhoon’s evasive techniques as the was warnings take on urgency.
-
How companies describe cyber incidents in SEC filings
The words businesses use in cybersecurity disclosures matter. They can channel confidence in the recovery process, potential impacts and legal liabilities.
-
AI’s copyright problem will soon slow adoption, Gartner says
The analyst firm said efforts to mitigate intellectual property leaks and copyright infringement will diminish ROI.
-
What’s material to the SEC, 3 months into cyber disclosure rules?
As attacks become more sophisticated and destructive, companies are struggling to find conclusive estimates of the financial impact of cyberattacks.
-
Opinion
Threat environment is changing for individuals and SMBs, White House order shows
An executive order is trying to prevent the large-scale transfer of Americans’ data, as countries seek troves of U.S. data for blackmail, AI training and analysis, among a multitude of other purposes.
-
FCC approves voluntary cyber labeling program for smart home IoT devices
The Biden administration wants the U.S. Cyber Trust Mark program to incentivize higher security standards in future IoT product development.
-
Stronger FCC data breach reporting rules for telecom go live
The updated rules expand the scope of breach disclosure requirements to cover all PII and carriers have to notify customers within 30 days of determining a breach occurred.
-
Audit committees rank cybersecurity as top priority amid SEC crackdown
Cyberattacks are just one of several rapidly changing threats confronting audit committees, according to the Center for Audit Quality and Deloitte.
-
Change Healthcare locates ransomware attack vector
Though the UnitedHealth Group subsidiary’s recovery efforts are ongoing, a forensic analysis identified a safe system restoration point.
-
Threat actors are turning to novel malware as malicious attacks rise
BlackBerry identified 5,300 unique malware samples targeting its customers per day from September through December.
-
HHS opens investigation into Change Healthcare cyberattack
The Office for Civil Rights will focus on whether protected health information was breached and if UnitedHealth complied with privacy and security requirements.
-
Google Cloud CISO spots asymmetric advantage for AI in defense
Organizations have the upper hand in using generative AI for security because it’s trained on data they own and context they tune against it, Phil Venables says.
-
White House adds teeth to secure software development requirements
CISA and OMB released an attestation form to ensure compliance with secure development practices.
-
White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout
Officials called on payers to cut red tape and offer financial support to providers, including advanced payments.
-
JetBrains says TeamCity servers exploited as it defends disclosure policies
The company is publicly disputing with Rapid7 researchers over the timing and detail provided in connection with critical security vulnerabilities.
-
Ransomware festers as a top security challenge, US intel leaders say
U.S. intelligence leaders warn ransomware activity is growing, despite high profile efforts to seize threat actors’ infrastructure.
-
Visa spends ‘billions’ battling cybersecurity threats
“We are all in an arms race to protect this ecosystem, to protect the network,” Visa CEO Ryan McInerney said at an investor conference last week.
-
CISA attacked in Ivanti vulnerabilities exploit rush
The nation’s cyber defense agency was hit “about a month ago” by widely exploited vulnerabilities in the popular remote access VPN product.
-
Ransomware attacks are hitting critical infrastructure more often, FBI says
The agency received more reports of ransomware last year, but officials remain troubled by the amount of attacks that go unreported.
-
Microsoft’s security woes persist as Midnight Blizzard remains on the offensive
The Russia state-sponsored threat actor is using secrets it stole from Microsoft’s systems to gain or attempt to gain further access to the company’s IT infrastructure.
To find more content, use the "Topics" in the menu above.