Page 3
-
Ransomware attacks hit manufacturing hard in 2023
The sector was among the top industries to pay ransom demands. The average payment increased 88% to almost $2.4 million last year, Sophos found.
-
What we know about the Snowflake customer attacks
Analysts and threat hunters warn more companies are confronting significant exposure from the identity-based attacks, and damages are spreading.
-
TellYouThePass ransomware widely targets vulnerable PHP instances
CISA added the CVE to its known exploited vulnerabilities catalog, but so far most of the infected hosts have been observed in China.
-
Microsoft president promises significant culture changes geared towards security
Brad Smith detailed plans to tie compensation to security, as lawmakers raised new questions about the company’s commitment to transparency.
-
Ascension says cyberattack may have compromised protected health data
Hackers gained access to the nonprofit’s systems early last month after a worker accidentally downloaded a malicious file, Ascension said.
-
Los Angeles schools investigating claims of data for sale on dark web
The alleged incident is raising questions as to whether there’s been a more recent data breach in the district since September 2022.
-
Snowflake-linked attacks are testing the cloud’s shared responsibility status quo
Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.
-
Microsoft will take full ownership for security failures in House testimony
Brad Smith, the company’s vice chair and president, will acknowledge extensive security lapses while outlining steps the company, industry and nation need to move forward.
-
Rust Foundation leads the charge to improve critical systems security
The foundation is standing up a consortium to boost the responsible use of the programming language at a time of heightened security risks.
-
Pure Storage comes forward as an early victim of Snowflake-linked attacks
The data storage vendor said information exposed by the attack can’t be used to gain access to customer systems.
-
SolarWinds file-transfer vulnerability ripe for exploitation, researchers warn
Rapid7 researchers said Serv-U CVE can easily be exploited, a similar scenario that has led to other smash-and-grab attacks.
-
Critical PHP CVE is under attack — research shows it’s easy to exploit
Researchers warn they are seeing thousands of attacks against various targets, including financial services and healthcare, in the U.S. and other countries.
-
Clorox to restart ERP upgrade as it looks past August cyberattack
With the company out of recovery mode, teams are looking to advance on digital transformation projects.
-
Apple makes a password manager play in a heavily targeted market
The new, standalone app Passwords places credential management front and center for Apple’s massive user base.
-
100 Snowflake customers attacked, data stolen for extortion
A financially-motivated attacker used stolen credentials to systematically compromise customer accounts, steal a significant volume of data and extort victims, Mandiant said.
-
Few CFOs control cybersecurity budgets
Tech executives, not CFOs, most often call the shots on cybersecurity spending at middle market companies, according to a recent RSM US survey.
-
Frontier Communications says cyberattack snagged data from 751,000 people
The breach notifications come almost two months after the company initially disclosed the April attack.
-
Telecom, media and tech companies are cyber defense standouts: Moody’s
Cybersecurity spending in the sector doubled during the past five years, accounting for 10% of companies’ technology budgets in 2023, the credit ratings and research firm said.
-
Pressure mounts on Snowflake and its customers as attacks spread
More businesses are likely impacted by an attacker’s access to multiple Snowflake customer databases.
-
FCC approves $200M K-12 cybersecurity pilot
The three-year program will help schools begin to cover the costs of securing their networks from cyberattacks.
Updated June 7, 2024 -
Tenable to acquire Eureka Security for greater visibility into cloud data environment
The deal marks the latest acquisition in a market undergoing pricing adjustments and increased pressure to offer unified platforms.
-
Cyberattacks pose mounting risks to creditworthiness: Moody’s
“As more data becomes available — thanks to recently adopted disclosure requirements — attacks continue to proliferate,” a Moody’s executive said.
-
White House wants to harmonize the breadth of cybersecurity regulations
National Cyber Director Harry Coker Jr. detailed White House strategy to streamline the administrative burden and cost of cyber compliance.
-
CrowdStrike soars above industry spending concerns, digs at rivals
The cybersecurity firm defied growing industry pressures on cybersecurity revenue while continuing to jab rivals Microsoft and Palo Alto Networks.
-
Security concerns mount as businesses deploy AI coding tools
Organizations are deploying the technology without enough protocols to ensure safe, secure use.
To find more content, use the "Topics" in the menu above.