The Clop ransomware-as-a-service gang said it is behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot of your data as part of exceptional exploit," the gang says in a misspelled post on its dark web leak site.
Google patched a zero-day vulnerability in Chrome, warning consumers that the vulnerability is under active exploitation. The Silicon Valley giant revealed little Monday in a Chrome advisory about the vulnerability, other than saying it is a type confusion flaw in its V8 JavaScript rendering engine.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
Cisco took its first major step toward realizing its secure cloud vision in April with the debut of a new extended detection and response platform. The next set of enhancements around generative AI, secure access and defending applications across multiple clouds debuted Tuesday at Cisco Live 2023.
In this episode of "Cybersecurity Insights," Antoinette Hodes of Check Point Research discusses the need to consolidate an organization's cybersecurity posture, gain visibility into OT and IT assets, and use cybersecurity education to increase worker safety.
Microsoft will pay $20 million to settle a U.S. federal investigation into whether the computing giant violated children's privacy protections during the Xbox Live registration process. The Federal Trade Commission accused the company of a slew of infractions.
Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review. Manasa Health Center will pay $30,000 and implement a corrective action plan, HHS said.
The Iowa Department of Health and Human Services has reported to federal regulators its third major health data breach involving a vendor since April. This time, Iowa HHS/Medicaid says the data of nearly 234,000 individuals was compromised in a mega hack recently reported by MCNA Insurance Co.
Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.
Flipkart embraced a comprehensive security maturity program that incorporated defense-in-depth, automation, zero trust and secure SDLC/security-by-design principles across its four subsidiaries. Flipkart's Raakesh Thayyil discussed the importance of a cohesive strategy.
OJK, the financial regulator in Indonesia, in December 2022 introduced regulations to ensure better cyber resilience for the financial industry. Wahyu Agung Prasetyo, IT and cyber risk management head at Bank Mega, shared how his bank is preparing to meet the regulations and the challenges ahead.
Despite the beating new publicly traded security companies have taken during the economic downturn, Rubrik is looking to test its luck in the public market. Reuters reported Monday the firm is working with Goldman Sachs, Barclays and Citigroup in preparation for an IPO that could take place in 2024.
In the era of digital transformation, banks’ security leaders are grappling with the challenges of maintaining a secure digital ecosystem while keeping costs down. With the explosion of touchpoints and data brought on by the digitization of money and services, the banking industry is now a prime target for...
Technology and software-as-a-service, or SaaS, companies ship code at scale. Beyond Identity offers ways for them to solve the problems of phishable authentication factors, bring-your-own devices or BYOD, device security posture, zero trust risk policy enforcement, and user identity.
Unlike other types of security threats, insider threats are complicated because only a few are caused intentionally, and they typically involve valid credential use. Beyond full- and part-time employees, insiders include contractors, vendors, customers, interns, and others who can be working on site or remote....
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.