Federal regulators accused SolarWinds and CISO Tim Brown of fraud and internal control failures for misleading investors about the company's cybersecurity practices and risks. The SEC said SolarWinds and Brown disclosed only generic and hypothetical risks even though they knew about specific issues.
U.S. President Joe Biden called on Congress to pass comprehensive legislation on artificial intelligence after invoking Cold War-era executive powers over private industry in a sweeping executive order that aims to set new standards and regulations for AI systems.
Snyk purchased a Portuguese startup founded by SonarSource and European Parliament veterans to help developers contribute to code bases more quickly. The Boston-based developer security vendor said its buy of Porto-based Reviewpad will help developers secure pull requests.
Costco warehouse customers often get free samples of cheese and beef jerky. But members who fill their prescriptions online at Costco pharmacies allegedly get their sensitive information unlawfully scraped and transmitted to third parties, claim two proposed federal class action lawsuits.
Ransomware-wielding groups are among the attackers exploiting vulnerabilities in NetScaler devices to bypass authentication and gain initial access to victims' networks. Experts say users must not just patch but also wipe device memory to prevent attackers from bypassing access controls.
Proofpoint has agreed to purchase a cloud email security provider founded by HSBC, RBS, Santander and UBS alumni to apply artificial intelligence to evolving threats. The proposed acquisition of Boston-based Tessian will help Proofpoint address common forms of data loss including data exfiltration.
U.S. President Joe Biden is invoking a Cold War-era law in an executive order directing developers of advanced AI models to notify the government and share safety tests. The order is "the strongest set of actions any government in the world has ever taken on AI safety," a White House official said.
North Korean hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product for which vulnerabilities have been reported and patches are available.
The U.S. Cybersecurity and Infrastructure Security Agency launched a security tool intended to help organizations with limited resources better protect their Windows-based devices and sensitive data. Logging Made Easy is meant to serve as a turnkey log management tool.
The U.K. communication regulator laid down plans to implement a controversial regulation intended to prevent online child sexual abuse material after it officially became law. The Online Safety Bill received royal assent on Thursday after it was cleared by the parliament in September.
The United Nations unveiled Thursday an AI advisory body that looks to analyze risks and make recommendations on international governance for the technology. The body comprises 38 experts across geographies and industries, including from government, the private sector and civil society.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
Two cybersecurity vendors are laying off a sizable chunk of their staff, with Exabeam axing 20% of its workforce and F-Secure cutting up to 70 employees. Exabeam eliminated roughly 134 positions this week, while F-Secure wants to shrink its workforce by nearly 14%.
Social media single sign-on standard OAuth has an implementation weakness that hackers could exploit to obtain unauthorized access, say researchers. "We expect that 1,000s of other websites are vulnerable to the attack," wrote Salt Security, "putting billions of additional internet users at risk."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.