Microsoft upgraded a vulnerability first discovered in September to "critical" after IBM Security researchers discovered attackers could exploit the flaw to remotely execute code. The latest code execution bug has a broader scope and could affect a wider range of Windows systems than EternalBlue.
Malware analysis and sandboxing solutions traditionally have been bound to operating systems and file types, but file types in the critical infrastructure world are different. Critical infrastructure cannot rely on standard malware analysis tools given the unique operating systems used in the space.
Epic Games, maker of Fortnite, will pay $520 million to the U.S. government to settle allegations it violated children's privacy and charged credit cards without authorization. Epic said its previous practices adhered to "long-standing industry practices" but that "the old status quo" has changed.
Log management is fundamental to enterprise cybersecurity, but many log management solutions are out-of-date or were never intended to address today’s security challenges in cloud and hybrid environments.
Organizations need to quickly identify and resolve incidents from vast log repositories, discovering threats...
Only 14% feel confident that their organisation will be able to control IT risks created by digitalisation. So how can you seize the digital future and fully embrace the benefits of transformation? By responding to emerging threats in real time, using an integrated approach. Read this ebook to explore the three key...
On average, it takes 212 days before a breach is detected. So you have to wonder: How long have we been compromised? What will it take to recover? And above all, how badly will it damage our reputation?
This white paper details key angles of risk communication for CISOs:
What executives need to understand about...
More than a quarter million Medicare beneficiaries will be issued new Medicare cards and identifiers following a ransomware attack on a government contractor compromising a range of sensitive personal and health information.
Staying one step ahead of both threat actors and competitors is a tall task for Palo Alto Networks given the breadth of its cybersecurity portfolio. Palo Alto Networks has committed to having best of breed features and functionality in each of the technology categories where it chooses to play.
After years of digital transformation, cloud migration and deployment of hybrid workforces, enterprises have more endpoints than ever, which makes it important to take endpoint security to a whole new level. Pat Correia of Cisco Security shares five tips for choosing endpoint security.
The latest edition of the ISMG Security Report discusses how investigators saw the collapse of cryptocurrency exchange FTX as "one of the biggest financial frauds in American history," how CISOs can guard against their own liability, and major security and privacy shifts and the outlook for 2023.
A California dental practice that for years revealed patient data on Yelp must stop doing so and pay federal regulators a $23,000 fine. New Vision Dental, owned by Dr. Brandon Au, must also delete social media posts and send breach notification letters to affected patients.
Microsoft's last monthly dump of patches for 2022 includes a fix for a zero-day exploited by ransomware hackers to bypass the SmartScreen security mechanism for malware execution. The zero-day hinged on hackers creating a malformed Authenticode signature.
To get zero trust strategy right, it is important to know what exactly to protect and decide what your crown jewels are. Three panelists discuss the various ways to do that and also offer their thoughts on whether zero trust is need for everything.
When healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and chief privacy officer at Boston-based Mass General Brigham.
Assets kept behind air-gapped networks should be inaccessible, but researchers from Pentera describe how hackers use the DNS protocol as a command-and-control channel. To be truly safe, companies should isolate the DNS server used for air-gapped networks and filter traffic for anomalies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.