Large enterprises, including government and educational organizations, are being warned to immediately update their WS_FTP Server, built by Progress Software, to fix serious flaws being actively exploited by attackers. Secure file transfer software remains a top target, especially for extortionists.
Detecting, prioritizing and remediating open source software supply chain vulnerabilities can be challenging. CISOs can build robust strategies by having near real-time visibility of all their hybrid assets and performing remediation engineering at scale, said Qualys' Debashish Jyotiprakash.
An August cyberattack on a national hospital chain may make medical care in underserved areas of Connecticut even harder to obtain now that a would-be buyer said it's having second thoughts about going through with the deal. The Rhysida group claimed responsibility for an attack on Prospect Medical.
Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.
CrowdStrike has joined forces with Amazon Web Services to familiarize itself with more Israeli cyber startups earlier in their development life cycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.
The NSA has set up a new organization to oversee artificial intelligence in national security systems. Dubbed the AI Security Center, the unit will consolidate the agency's AI activities and support the government's effort to "maintain its competitive edge in AI," said Army Gen. Paul Nakasone.
In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.
The firm founded by retired four-star Army Gen. Keith Alexander and once valued at $1.2 billion has officially turned off the lights. IronNet on Friday ceased business operations and terminated remaining employees after probing alternatives and finding additional sources of cash unavailable.
Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new "refuse to accept" policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.
Google rolled out an urgent Chrome browser security update to address a zero-day actively exploited by a commercial spyware vendor. The high-severity bug is the fifth zero-day patched by Chrome this year. Google did not provide details, only stating that it is aware of an exploit in the wild.
Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail. Only a small number of them transacted with a crypto mixer.
The maker of the world's most popular VPN service hauled in $100 million on a $3 billion valuation to accelerate growth through mergers and acquisitions. The Warburg Pincus-led investment will allow the Lithuania-based internet privacy and security vendor to expand its product offering.
Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its parent company, PharMerica, which reported a breach affecting nearly 6 million individuals. Amerita recently reported its own breach that affected about 220,000 people.
This week, Johnson Controls suffered a ransomware attack, the Philippine state health insurance program was recovering from ransomware, Air Canada reported a cyberattack, an APT group used the American Red Cross as bait, new malware targeted Bitwarden, and a LATAM cybersecurity conference occurred.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.