A now-patched macOS vulnerability allows attackers with root access to bypass a kernel-level security feature that prevents malicious software from modifying protected files. An attacker could use the exploit to load malware itself shielded by Apple's System Integrity Protection.
Synopsys stands head and shoulders above the competition in Gartner's application security testing rankings, with Snyk rising and HCL Software falling from the leaders category. Longtime app security players Veracode, Checkmarx and OpenText joined Synopsys and Snyk atop the Gartner Magic Quadrant.
Many hospitals are still more reactive than proactive in terms of embracing recommended best practices that can advance their cybersecurity maturity level, said Steve Low, president of KLAS Research, and Ed Gaudet, CEO of consulting firm Censinet, who discuss findings of a recent benchmarking study.
How many hackers can claim to have caused a national cheese shortage, not least in the Gouda-loving Netherlands? Enter Mikhail Matveev, a Russian national who's been indicted for wielding not one but three strains of ransomware, in what experts say is a needed focus on ransomware affiliates.
Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.
Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
Check fraud is back although, technically, it never went away. Today, cybercrime groups are openly hawking fraudulent check schemes on the Telegram messaging app. Check fraud is easier and more accessible, and it’s back in the headlines. Experts say banks need to adopt new solutions to curb losses.
Federal regulators are aiming to protect patient information shared on websites. It's increasingly important for healthcare sector entities to take a careful and proactive approach in how they are using website tracking and analytics technologies, said Lokker CEO and privacy expert Ian Cohen.
An insurance provider that services many state Medicaid agencies and the Children's Health Insurance Program told regulators that hackers compromised the personal and protected health information of nearly 9 million patients in an incident discovered in March.
Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.
Expel, CrowdStrike and Red Canary held steady atop Forrester's MDR rankings, while Secureworks and Binary Defense tumbled from the leaders category. Providers have turned their attention from maximizing their efficacy at detecting ransomware to finding faster and better ways to respond to attacks.
Digital rights organizations detected Pegasus spyware on the devices of members of Armenian civil society during the outbreak of armed conflict over a disputed region in the South Caucasus region. Access Now called the infections the first known instance of Pegasus spyware use during war.
An upstate New York medical specialty practice has reported to regulators that the information of nearly 224,500 employees and patients was compromised in a hacking incident discovered in March. Ransomware group RansomHouse claims to have downloaded 2 terabytes of the entity's data.
ChatGPT will continue to operate inside the European Union despite warnings from OpenAI CEO Sam Altman that he's prepared to pull out from the bloc if he doesn't like regulations being prepared in Brussels. European lawmakers earlier this month proposed new obligations for AI models such as GPT.