The U.S. Government Accountability Office found that CISA lacks the skilled staff to effectively share information with critical infrastructure operators about threats. Also, the GAO found that the Pipeline and Hazardous Materials Safety Administration lacked an information-sharing process.
What did Microsoft mean when it said that nation-state hackers are "attempting to use secrets of different types" they found in its emails with customers, what's the risk posed by those attackers also accessing Microsoft's source code and what can - and should - customers do about it all?
Phishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.
The Biden administration doesn't propose huge leaps in cybersecurity funding in an annual spending blueprint unveiled Monday afternoon. U.S. federal civilian cybersecurity spending would amount to $13 billion, while the military would spend $14.5 billion.
First-party fraud is largely invisible. It requires financial institutions to overhaul their traditional fraud detection approaches. Unlike more commonly recognized forms of fraud, first-party fraud involves account holders acting deceitfully, which makes detection and prevention more complex.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
The New York-based cloud security phenom is speaking with several investors include Thrive, Lightspeed Venture Partners, G Squared, Sequoia and Cyberstarts in hope of raising roughly $800 million at a valuation of more than $10 billion. The cash infusion would help Wiz finance future acquisitions.
The Conservative government of British Prime Minister Rishi Sunak says it won't champion a reinsurance plan for cyber insurance similar to flood insurance, telling a parliamentary committee it doesn't want to "damage competition." Global ransomware payments surged to record levels during 2023.
The U.S. Cybersecurity and Infrastructure Security Agency apparently had a good reason to urge federal agencies to reset vulnerable Ivanti VPN devices: Hackers breached two gateways used by CISA, forcing the agency to yank them offline. The agency "immediately took offline" the affected VPNs.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.
In the latest weekly update, ISMG editors discussed the cyberattack that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.
A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators. Microsoft said a Moscow threat actor obtained access to "source code repositories and internal systems."
As ransomware groups are causing massive damage and disruption and showing no signs of stopping, cybersecurity policy expert Ciaran Martin said it's time for governments to start asking tough questions and "figure out how to make a ransomware payments ban work."
Hackers are mass-exploiting a recently disclosed critical authentication bypass vulnerability in on-premises versions of TeamCity. JetBrains fixed the bugs in a Monday update, but researchers warn users running unpatched instances to assume compromise.
A Chicago children's hospital has finally restored access to its electronic health records systems following a cyberattack detected in late January. But the pediatrics hospital is still working to bring its MyChart patient portal and various other systems back online.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.