The departments of Commerce, State and Justice are among the 20 agencies identified in a Government Accountability Office report as having failed to meet key cyberthreat incident response deadlines outlined in the 2021 cybersecurity executive order.
The Idaho National Laboratory said hackers stole personal data of more than 45,000 individuals connected with the facility following a self-proclaimed hacktivist group's claims of a breach. The data theft stems from a Nov. 20 incident affecting the organization's off-site Oracle HCM HR system.
Public companies must soon meet the SEC's material incident reporting requirements. Already, one ransomware threat actor has tried to report a victim for not reporting an attack. Veteran security leader Edna Conway opens up on how to approach materiality and the weaponization of reporting.
The Biden administration is heavily counting on "responsibly" leveraging AI as part of a five-year strategy that aims to harness data to enhance the health and wellness of Americans. That includes ambitions to drastically improve cancer care and reduce cancer deaths, among other top goals.
Criminal use of social engineering at scale continues to surge, as AI-driven automation and easy access to stolen personal information enables attackers to create ever-more sophisticated and tough-to-detect assaults, says Sharon Conheady of First Defense Information Security.
As Russia's all-out invasion of Ukraine continues, Moscow's strategy for targeting Ukrainian allies centers on "painting the picture of incompetent governments that can't protect from the Russian might" via misinformation and disinformation campaigns, said Ian Thornton-Trump, CISO of Cyjax.
Vulnerability researcher Jesse Chick busted the tacit assumption that data centers are inherently more secure than other computing environments. Devices that are co-located in large data centers and those hosted on-premises share a lot of the same issues and vulnerabilities, he said.
Our email authentication experts will be on hand to provide their insight and a demonstration of how exactly Proofpoint Email Fraud Defense can help identify and close requirement gaps.
Kai Roer, CEO and founder of Praxis Security Labs, delved into the transformative potential of generative AI in reshaping the mindset and behaviors of security teams and organizations. Amid the buzz around large language models, he highlighted the need for a proactive and adaptive approach.
As a legacy protocol, DICOM lacks proper security measures, and as the healthcare industry modernizes and moves to the cloud, there is a significant risk of patient data exposure, said Sina Yazdanmehr, a senior IT security consultant at Aplite.
A U.S. federal court at the behest of Microsoft seized multiple domains used by a Vietnamese cybercrime group that created 750 million fraudulent Microsoft accounts while raking in millions of dollars in illicit revenue. Storm-1152 also sold services to bypass CAPTCHA.
A sweeping executive order tasks AI developers with sharing the results of red-team safety tests with the federal government. But experts tell ISMG the guidance lacks clear directions and critical enforcement measures for federal agencies to review those tests and prevent major safety risks.
Hackers are using publicly disclosed proof-of-concept code to exploit a recently patched critical vulnerability found in the Apache Struts 2 Framework to achieve remote code execution. The Apache Foundation, which manages the Struts library, on Dec. 7 urged developers to apply a patch.
New York State regulators have smacked one of the largest dental administrators in the state with a $400,000 fine for a 2021 incident in which an attacker gained access to an employee email account containing 12 years' worth of messages, including many holding sensitive member information.
This week: 2023 hacking statistics, order for ex-Binance chief to stay in U.S., a $25M crypto AI scam indictment, a $2.7M OKX hack, a Bitcoin security flaw in the NVD, a Uranium hacker's laundering scheme, NDAA rejection of crypto provisions, and Poloniex on regulator radar.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.