A surging Sonatype and Snyk joined stalwart Synopsys atop Forrester's software composition analysis rankings, while Mend.io tumbled from the leaders category. SCA historically didn't get as much attention as application security testing but that’s changing, said Forrester's Janet Worthington.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.
With only 10 EU member states having blocked or restricted high-risk suppliers Huawei and ZTE from their 5G networks, EU Internal Market Commissioner Thierry Breton is urging holdouts to speed up, warning that the entire bloc faces increased cybersecurity and supply chain risks until they do so.
Cybercriminals are increasingly preying on small hospitals, often in rural communities, knowing that security defenses at these facilities are often much weaker than those at larger institutions, said Kate Pierce, a former longtime CIO and CISO at a 25-bed community hospital in Vermont.
The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.
In the latest weekly update, ISMG editors discuss how cyber risk is becoming more closely tied to the economic health of nations, why a rural U.S. healthcare provider is closing due in part to ransomware attack woes, and why some cybersecurity companies have laid off staff this month.
A commercial real estate company that operates more than a dozen addiction recovery centers and other medical facilities in several states is notifying 319,500 employees and patients of a recent ransomware incident that compromised their personal and health information.
Federal regulators have hit Washington state-based Yakima Valley Memorial Hospital with a $240,000 HIPAA fine and correction action plan following a 2018 breach involving 23 hospital security guards who snooped into the electronic medical records of 419 patients.
European lawmakers on Thursday denounced the commercial spyware industry and chastised half a dozen member nations for deploying spyware against citizens or selling it abroad. "Spyware is part of the toolkit of authoritarians who undermine democracies," said Dutch MP Sophie in 't Veld.
Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant. Hackers used a zero-day vulnerability in Barracuda Networks Email Security Gateway appliances.
"Insurance is a tool," said Libby Benet, the global chief underwriting officer for AXA XL. "When you buy an insurance policy, you are buying a network of professional crisis managers." In this episode of "Cybersecurity Insights," Benet discussed present and future cybersecurity insurance issues.
Microsoft's June dump of patches for the first time in months doesn't include a fix for an actively exploited zero-day in a slew of fixes for 69 vulnerabilities spread across the computing giant's portfolio of products. Among them are SharePoint, Exchange and servers that enable multicasting.
A French conglomerate will buy Australia's largest publicly traded cybersecurity company to expand its cyber service delivery capability in the high-growth Oceania market. The Tesserent deal will help Thales to accelerate its development road map and boost its footprint in Australia and New Zealand.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.