A threat actor is targeting Taiwanese companies using phishing emails and long-standing vulnerabilities to deliver SmokeLoader malware. The threat actor uses plugins for the infamous malware to directly attack systems rather than using SmokeLoader, as its name suggests, as a loader for other malware.
The privacy vendor market in India is evolving rapidly, as many vendors move from offering point solutions to embracing more integrated, platform solutions that can handle a broader range of privacy requirements, said Anirban Sengupta, partner, risk consulting practice with PwC.
Researchers identified 20 critical vulnerabilities in a type of Advantech industrial-grade wireless access points that is widely deployed across critical infrastructure environments. Attackers could exploit the flaws to remotely executive code and create denials of service.
Third-party access management poses significant cybersecurity risks in healthcare, but continuous identity management and monitoring can help mitigate those risks, said Jim Routh, chief trust officer at Saviynt.
Thousands of unique IP addresses are potentially exposing medical devices, electronic medical records systems and other sensitive healthcare information to the internet, said security researcher Himaja Motheram of security firm Censys, which made the discovery.
South Korean technology companies have suffered at least 10 cases of sensitive technology leaks by malicious insiders since January and authorities recorded a 20% rise in such incidents over the previous year. The compromised technologies include OLED display technology and DRAM chip designs.
Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
An apparent Russian script kiddie is converting widespread security gaps into powerful botnets capable of launching global-scale distributed denial-of-service attacks. A threat actor with the online moniker "Matrix" is exploiting IoT vulnerabilities such as default credentials and outdated software.
Cybersecurity once conjured images of IT departments, server rooms and corporate firewalls. Today, it extends far beyond these traditional domains, becoming essential in fields like manufacturing, agriculture, healthcare, transportation, robotics and space exploration.
The U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
Major grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it is continuing to probe the attack and has no timeline for service restoration.
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
Private equity firm Haveli has purchased a majority stake in AppViewX to scale globally, targeting automation in certificate lifecycle management and public key infrastructure. CEO Gregory Webb says the acquisition will fund international expansion and next-gen technology investments.
N-able has acquired Adlumin to unify IT operations and security operations on a single platform. CEOs John Pagliuca and Robert Johnston said the deal aims to simplify complex IT environments, improve profitability for MSPs, and deliver innovative solutions to mid-enterprise and SMB markets globally.
Wiz acquired application security posture management startup Dazz for $450 million to provide enterprises with a unified code-to-cloud solution. CEO Merav Bahat highlights how this partnership will streamline vulnerability management and strengthen remediation capabilities for global organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.