A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say.
Amazon reports that it's been fined 746 million euros ($885 million) under the European Union's General Data Protection Regulation for violating privacy rights in its advertising program. The company says it plans to appeal.
The ransomware landscape changes constantly as groups disappear, change approaches or rebrand. The DoppelPaymer operation, for example, appears to have reinvented itself as Grief, while the administrator of Babuk has launched a ransomware-friendly cybercrime forum called RAMP.
In the latest weekly update, three editors at Information Security Media Group discuss important cybersecurity issues, including the latest ransomware trends, plus an update on NIST's "zero trust" initiative.
The bug hunting team at pentesting firm Haxolot.com uncovered a remote code execution vulnerability in Moodle, an open-source online learning platform widely used by universities worldwide. The flaw has since been patched.
The latest edition of the ISMG Security Report features an analysis of the disappearance of ransomware-as-a-service groups, such as REvil and Darkside, and how that impacts the wider cybercrime ecosystem. Also featured: ransomware recovery tips; regulating cyber surveillance tools.
Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks. Given that attackers first need remote access to victims' systems, robust patch management and remote desktop protocol security remain obvious must-have defenses.
Cyber insurance provider Coalition Inc. says its clients' average claims for losses when they were hit by a ransomware attack totaled $184,000 in the first half of this year, down 45% compared to the second half of 2020. Negotiating lower ransoms and more efficient recovery were key factors.
The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.
Researchers discovered an unauthenticated operating system command injection vulnerability in the Sunhillo SureLine surveillance application that allows an attacker to execute arbitrary commands with root privileges. The flaw has since been patched.
Researchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after a July 2 ransomware attack exploiting flaws in Kaseya's VSA software had a major impact.
Europol says the "No More Ransom" project, a portal launched five years ago, so far has helped more than 6 million ransomware victims worldwide recover their files for free so they could avoid paying almost 1 billion euros ($1.2 billion) in ransoms.
The past few months have seen IT transformation on an unprecedented scale as organisations across the globe change how they do business. With the adoption of cloud-delivered services, SD-WAN has proved that it can deliver improved application performance, reduced costs, and simplified branch operations. But, despite...
Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.
