Federal authorities are alerting healthcare entities of vulnerabilities - including older flaws - that put Apache Tomcat at risk for attacks if left unmitigated. The open-source web server is heavily used in healthcare for hosting electronic health record and other systems and applications.
Cybercriminals are using a critical remote code execution vulnerability in an open-source geospatial data platform to spread malware globally across several industries. GeoServer Project maintainers released a patch on July 1. The vulnerability has a CVSS score of 9.8 out of 10.
ISMG's Cybersecurity Pulse Report Black Hat 2024 Edition delivers a deep dive into the most critical security challenges discussed at this year's conference. This report, created through advanced AI-driven analysis, compiles expert insights on topics ranging from AI tech to critical infrastructure.
In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.
Malicious actors have been using an open-source, data-stealing remote access Trojan called Babylon to spy on and steal data from three Malaysian government entities since July 2023, according to security firm Cyble in a report Wednesday. Cyble could not link the attackers to any state or group.
Planned Parenthood of Montana, which provides patients with reproductive healthcare services including birth control and abortion, is responding to a hack and a threat by cybercriminal group RansomHub to leak 93 gigabytes of data allegedly stolen from the organization.
The United States announced a superseding indictment Thursday that adds five Russian military intelligence officers as defendants while warning that Kremlin cyberthreat actors continue to target U.S. and global critical infrastructure.
This week, YubiKey 5 has a flaw, an Ohio city sued a researcher, the Irish regulator ended its GrokAI case, open-source AI tools exposed data, Starlink blocked X in Brazil, FCC banned Kaspersky, Intel addressed a researcher's claim, and Transport of London is still affected by a cyber incident.
This week, pig-butchering scams and bitcoin ATM scams increased, an update in the FTX case, stolen WazirX funds were laundered, settlements in the SEC-Galois and CFTC-Uniswap cases, Scotland seized crypto in a robbery, North Korea targeted Web3 staff, and the Mt. Gox CEO launched a new crypto firm.
The United States National Security Agency is banking on recently developed partnerships with leading technology firms around the world and foreign partners to combat the growing cybersecurity risks from Chinese-based threat actors, a top official from the agency said Wednesday.
Telegram deleted 25 videos the South Korean Communications Standards Commission said depicted sex crimes, and regulators reported that site administrators pledged a "relationship of trust." The agency said it intends to establish a hotline to ensure urgent action on deepfakes.
While the criminals may have an advantage in the AI race, banks and other financial services firms are responding with heightened awareness and vigilance, and a growing number of organizations are exploring AI tools to improve fraud detection and response to AI-driven scams.
The United States on Wednesday accused Russia of carrying out a sustained campaign to influence the 2024 presidential election and announced a series of sanctions and law enforcement actions that target state-sponsored hackers and media executives behind Kremlin influence operations.
The transit authority serving metro London experienced a cyberattack that has led to subway riders experiencing problems with contactless payments for at least a second day. Transport for London said late Monday that is it "currently dealing with an ongoing cyber security incident."
A vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. The firm already faces at least four proposed federal class action lawsuits related to the hack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.