Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.
The tally of entities notifying federal regulators about mega health data breaches involving Clop cybercrime group hacks on Progress Software's MOVEit file transfer application keeps growing, and millions of additional individuals have been affected.
Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, say security researchers at Sophos. Better endpoint detection may be spurring ransomware hackers into acting faster.
Tesla says it is suing two former employees for perpetrating a May data breach that exposed personal information for 75,735 current and former employees. The information was contained in a massive set of data leaked to a publication on whistleblowing grounds.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Alex Waintraub, DFIR expert evangelist at CYGNVS, discusses how generative AI will play a role in the future of incident response - and in all aspects of cybersecurity - and emphasizes its dangers as well as its benefits.
A global law firm that handles data breach litigation is faced with defending itself against a proposed class action lawsuit filed in the aftermath of its own data breach. The lawsuit stems from a March hacking incident at San Francisco-based Orrick, Herrington & Sutcliffe.
In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
At least 637 organizations have now confirmed that they were affected by the zero-day attack on MOVEit file-sharing servers that began in late May, collectively affecting 41 million individuals, report cybersecurity researchers who've been tracking the impact of Clop's data-theft campaign.
This week, Wall Street fined firms for using WhatsApp, NK hackers breached a Russian missile maker, Ivanti backtracked, ransomware attacks cost manufacturers $46B, a cyberattack shut down Gemini North Observatory, ad fraud targeted Android users and healthcare workers' personal info was breached.
One day after personal information for all 10,000 police officers and staff in Northern Ireland was accidentally exposed online, putting their safety at risk, the nation's police service said it's probing a laptop theft last month that may have exposed 200 employees' details.
The U.K. Electoral Commission suffered a "complex cyber-attack" in 2021, resulting in hackers accessing sensitive voter information. Commission CEO Shaun McNally said the attack resulted in hackers accessing copies of electoral register files that the agency uses for research purposes.
A ransomware attack has forced a California-based hospital chain to divert ambulances from its emergency rooms and cancel appointments for services. The group of 17 hospitals, 166 outpatient clinics and various doctor practices is still recovering after an IT systems shutdown.
This week, pharma company Evotec downgraded its earnings after an April hack, Iranians pretended to be Israelis on LinkedIn, researchers jailbroke AI chatbots, a Ninja Forms WordPress plug-in flaw that can aid in data theft was discovered, and a DDoS attack in Kenya disrupted government services.
Real-time protection against API attacks is nonnegotiable for the protection of any web application or digital service that relies on application programming interfaces. Here are some of the most common types of API attacks and strategies for protecting against them in real time.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.