Warning: Hackers are actively attempting to exploit two zero-day flaws in the IOS XR Cisco operating system that runs its carrier-grade routers. Cisco has described ways to partially mitigate the vulnerabilities while it preps patches.
Security professionals are expressing surprise that email service provider Sendgrid did not have multifactor authentication in place to protect its customer accounts, which may have enabled the compromise of a large number of accounts, followed by the sale data on the darknet.
He'd worked at NASA, Visa and Time Warner and stepped in at Home Depot after it was hacked in 2014. But nothing quite prepared Jamil Farshchi for the spotlight he'd face when he took over as CISO at Equifax after its massive 2017 data breach. He discusses how the Equifax security organization has rebounded.
The latest edition of the ISMG Security Report analyzes the unusual case against former Uber CSO, Joe Sullivan, who was charged in connection with allegedly covering up a data breach. Also featured: CISA director on election security; insights on preventing healthcare fraud.
Federal prosecutors have charged Uber's former CSO, Joe Sullivan, with covering up a hack attack and data breach. It's apparently the first case that involves attempting to hold a security officer personally responsible for a breach - beyond simply being fired. Is this the start of a trend?
Freepik Co. says an SQL injection attack led to the leak of 8.3 million email addresses and 3.7 million hashed passwords for users of its Freepik graphic resources app and Flaticon icon database platform.
The U.S. Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers.
A data breach affecting the South African branch of credit reporting company Experian exposed information on 24 million consumers and almost 800,000 businesses, according to the South African Banking Risk Information Center. But Experian says no consumer credit or financial information was exposed.
Marriott faces another lawsuit, filed in Britain, over the breach of its Starwood guest reservation system. The breach ran from 2014 to 2018 - Marriott acquired Starwood in 2016 - and exposed personal information for an estimated 7 million customers in the U.K.
Building Cyber Operational Agility into Federal IT
As the Continuous Diagnostics and Mitigation (CDM) program matures, it requires a new way of thinking. While agencies will continue to buy tools to fill gaps in their defenses, they need to start thinking about how those tools fit into their larger cybersecurity...
The Senate Intelligence Committee Tuesday released its fifth and final report on Russia's attempts to influence the 2016 election, providing more details on how Russian hackers resided on Democratic National Commitee servers for months and citing shortcomings in the FBI's investigation.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.