The Latest
-
Enterprise executives cite AI-assisted attacks as top emerging risk, Gartner finds
The analyst firm’s survey underscores growing concern about potential, yet unrealized, scenarios involving AI’s potential role in attacks.
-
SEC cyber rules could survive regardless of election outcome, experts say
As the U.S. presidential election looms, cybersecurity remains a bipartisan focus, experts said during a joint CFO Dive and CIO Dive live event.
-
Executives worry over aging IT systems
Despite ongoing modernization efforts, tech debt is still hindering mission-critical infrastructure, according to Kyndryl.
-
CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files
Midnight Blizzard has targeted more than 100 organizations across government, IT and academia, in some cases impersonating Microsoft employees.
-
As presidential election looms, disparate approaches to cyber policy come into focus
Government officials and security leaders are hoping the nation’s need for cyber resilience will stand on bipartisan cooperation and transcend partisan politics regardless of the election results.
-
Fortinet finds more malicious IPs linked to widely exploited zero-day
The cybersecurity vendor said the additional indicators of compromise don’t reflect any major changes. Researchers warn thousands of devices remain exposed.
-
MoneyGram replaces CEO, naming former Walmart executive to the role
The money transfer company named the new CEO just weeks after a cyberattack led to a systemwide shutdown of its services for several days.
-
UnitedHealth Group names new CISO 8 months after massive ransomware attack
Longtime security leader Tim McKnight joins the beleaguered healthcare giant, succeeding Steven Martin, who was appointed chief restoration officer.
-
CISA rolls out international strategic plan to bolster cyber cooperation
The agency is looking to strengthen intel sharing with key cyber partners, raise security standards and ensure a more resilient global supply chain.
-
Cyber task force has a long to-do list for next president
The change in leadership presents an opportunity to assess what’s working, where adjustments could be made and areas that are in most need of prioritization, the McCrary Institute said.
-
Poor vulnerability management could indicate larger cyber governance issues, S&P says
Companies that fail to properly mitigate security vulnerabilities are leaving themselves open to malicious activity, the research firm said.
-
Delta, CrowdStrike file dueling lawsuits as squabble continues
The airline seeks to recover damages of more than $500 million in the aftermath of a disruptive IT outage in July. The software provider is looking to hold its liability to the terms of its service agreement.
-
Feds probe China-linked attacks on US telecom networks
The government’s public acknowledgment of the China-linked attacks follows a series of warnings about a broad and successful campaign to hack U.S. critical infrastructure.
-
Cisco warns actively exploited CVE can lead to DoS attacks against VPN services
The company warned the threat activity is linked to previously disclosed brute-force attacks beginning in March.
-
SonicWall firewalls the common access point in spreading ransomware campaign
Arctic Wolf Labs researchers said SonicWall firewalls were the initial access point for at least 30 ransomware attacks since August.
-
Microsoft CEO asked board to cut pay in connection with security overhaul
Yet, Satya Nadella's fiscal 2024 compensation far exceeded 2023 thanks to Microsoft's strong market performance.
-
Change Healthcare data breach officially affects 100M people
The breach is the largest ever reported to a portal managed by federal regulators.
-
Fortinet zero-day attack spree hits at least 50 customers
Active exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been stolen.
-
Despite improved workplace culture, tech workers still eye the door
Many tech professionals plan to quit in the next year despite being the most likely group to recommend their employers, according to EY.
-
SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure
The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.
-
4 ways AI could impact employees, workflows: Gartner
Technology leaders can expect AI to continue to raise questions around workforce shifts, privacy procedures and security techniques.
-
Opinion
How to implement attack surface management
ASM is a core component of exposure management that organizations can leverage to enhance vulnerability management.
-
FCC expands cooperation with states on data security, privacy enforcement
More states are working with the agency to investigate possible violations of consumer privacy and data security laws.
-
Critical Veeam CVE actively exploited in ransomware attacks
Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.
-
New legislation aims to tame ‘Wild West’ in healthcare cybersecurity
The proposed bill, introduced last month by Sens. Ron Wyden and Mark Warner, is a good step forward, but hospitals may need more funds to boost their cybersecurity practices, experts say.