French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Microsoft has patched a 12-year-old vulnerability in Microsoft Defender that, if exploited, could enable nonadministrative users to escalate privilege in the application. The patch was made after security firm SentinelOne recently notified Microsoft about the flaw.
Her title says "information security," but Radian CISO Donna Ross considers herself more of a security risk officer. It's an important distinction that drives her approach to technology, leadership and communicating with senior leadership.
The Reserve Bank of New Zealand issued an update on the data breach it sustained in December 2020, saying it has identified the records that were compromised and offering a timeline of the incident.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
EDR, NDR, XDR – we keep rebranding defense, but it all still comes down to detection and response, says Erin Sweeney of ReliaQuest. She discusses the latest evolution and how enterprises are deploying it.
More than 1,000 developers likely worked on rewriting code for the massive SolarWinds supply chain attack that affected many companies and U.S. government agencies, Microsoft President Brad Smith said in a Sunday interview, pointing out the attack is most likely continuing.
Individuals suspected of providing hacking, logistical and financial support to the Egregor ransomware-as-a-service operation have been arrested by police in Ukraine as part of a joint operation with French cybercrime police coordinated by Europol, according to a French media report.
Julie Conroy of Aite Group and Shai Cohen and Lee Cookman of TransUnion analyze a new report that explains why synthetic identity fraud poses a long-term threat.
Security firms Herjavec Group, SentinelOne and Tenable were all involved in merger and acquisition activity this past week, continuing a consolidation wave within the cybersecurity industry.
Russian-Dutch multinational e-commerce company Yandex sustained a data breach in which 4,887 customer accounts were compromised after an employee with systems admin privileges gave unauthorized access to attackers.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Organizations must adopt a new approach to security automation that's tailor-made to address today's threats, says Joseph Blankenship, vice president and research director at Forrester.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.