Here's one reason why Iranian state hackers may have been able to target Israeli-made pressure-monitoring controllers used by American water systems: Nearly 150 of the controllers are exposed to the internet - and some still use the default password 1111.
Fortinet warned Thursday that hackers have exploited a vulnerability in the operating system powering its virtual private network and urged customers to apply a patch or disable the appliance. State threat actors, including hackers from China, are targeting gateway devices in increasing numbers.
National Cyber Director Harry Coker said the administration is introducing a new set of "liability regimes" to hold software providers accountable for deploying unsafe systems, but experts say processes to prove that manufacturers are invested in security already exist.
U.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.
Venture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.
Software developers are in a race against time to patch a flaw that could result in supply chain attacks, warned the integrated development environment maker JetBrains, which on Monday released an urgent patch for an authentication bypass flaw in its CI/CD TeamCity product.
The U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure owners to patch systems after publishing a warning that Chinese hackers are evading detection and maintaining persistent unauthorized access in U.S. information technology environments.
In this videocast interview, Theo Zafirakos, CISO, Terranova Security, provides expert analysis of the "Securing Your Third-Party Supply Chain in 2024 Survey" results, including a deep dive into the core conclusions, including the core detriments of poor visibility of cybersecurity awareness, and how to better...
The Biden administration's strategy for bolstering health sector cybersecurity, which includes newly released voluntary cyber performance goals and plans to update the HIPAA Security Rule, is fueling uncertainty in some organizations, said privacy attorney Iliana Peters of law firm Polsinelli.
Breathless reports claim 3 million IoT toothbrushes have been remotely compromised and used to target unsuspecting businesses via distributed denial-of-service attacks. Just one problem: This story has more holes in it than the teeth of kid with a 10-pack-a-day Gummy Bear habit.
HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.
The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
A federal judge has denied Kochava's latest attempt to ditch a Federal Trade Commission lawsuit alleging the firm is invading consumers' privacy and exposing them to risk by collecting and selling their location data to third parties. The FTC is also pursuing other cases against data brokers.
The United States ramped up pressure on the commercial surveillance industry shortly before the United Kingdom and France convened a two-day meeting dubbed the Pall Mall Process intended to culminate in an international agreement limiting the proliferation of advanced spyware.
The escalating adoption of generative AI has introduced concerns regarding data privacy, fake data and bias amplification. Ashley Casovan, managing director of the IAPP AI Governance Center, discusses the need to develop governance models and standardize AI systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.