A five-year-old flaw in Fortinet SSL VPNs remains one of the world's most widely exploited vulnerabilities. So warn cybersecurity officials across the U.S. and its Five Eyes partners in a joint security advisory highlighting the 12 most exploited flaws that require immediate patching.
A delay in finalizing enterprise deals and a shorter average contract duration have forced Fortinet to lower its sales forecast going forward. The Silicon Valley-based platform security vendor said average contract length shortened from 29.5 months to 28 months in the fiscal quarter ended June 30.
A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Its ability to adapt to public reporting suggests it will persist with "operations for the foreseeable future" and continue to evolve its tactics, Recorded Future warned.
A Russian espionage group attacked multiple organizations to steal credentials using Microsoft Teams chats that appear to originate from technical support. Microsoft on Wednesday attributed the campaign to a threat actor originating in the Russian Foreign Intelligence Service.
Ten Eleven Ventures' Alex Doll sees privacy and device management as the hottest areas for security startups and cloud companies as "coming from behind." Advancements in privacy-enhanced technologies have allowed for searchable encryption, meaning that entire databases can be locked down.
Ilya "Dutch" Lichtenstein, 35, confessed in U.S. federal court to hacking billions of dollars from virtual currency exchange Bitfinex and laundering stolen funds with his 33-year-old wife, Heather Morgan. Lichtenstein pleaded guilty to conspiracy to commit money laundering.
New CEO Scott Harrell wants Infoblox to evolve from classic networking DNS management to bringing networking and security together in ways that optimize protection and efficiency. DNS serves as a building block for security since it is universal across large client devices and small mobile phones.
This week, pharma company Evotec downgraded its earnings after an April hack, Iranians pretended to be Israelis on LinkedIn, researchers jailbroke AI chatbots, a Ninja Forms WordPress plug-in flaw that can aid in data theft was discovered, and a DDoS attack in Kenya disrupted government services.
A contractor that provides claims processing and other services says several of its community health plan customers - including 1.7 million members of the Oregon Health Plan - are victims of the zero-day MOVEit vulnerability, which has affected more than 500 organizations worldwide.
TikTok will know within a month the outcome of an Irish investigation into whether the short-form video app violated the privacy of underage users. The investigation stalled after other European national privacy enforcers raised objections to the Irish Data Protection Commission's draft decision.
ISMG's roundup of digital assets-related cybersecurity incidents includes Kenya, France and Germany's probe into WorldCoin; July security incidents; Curve Finance and LeetSwap theft; the crypto amendment in the NDAA; and India's lack of crypto regulation.
A finalist in RSA Conference's prestigious Innovation Sandbox contest completed its first major funding round to extend its capabilities from code security to pipeline security. Endor Labs got $70 million to move beyond protecting open-source software and get into locking down the CI/CD pipeline.
Real-time protection against API attacks is nonnegotiable for the protection of any web application or digital service that relies on application programming interfaces. Here are some of the most common types of API attacks and strategies for protecting against them in real time.
How much of a risk do hacktivists pose? Hacktivism's heyday was arguably a decade ago. While activists do keep using chaotic online attacks to loudly promote their cause, they're tough to distinguish from fake operations run by governments, including Russia and Iran.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.