European lawmakers advanced legislation for a continentwide framework for digital identity after agreeing to provisions assuring online anonymity and local storage of digital documents. The European Commission first proposed in 2021 a framework for a digital identity accepted in all member states.
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Patient portals, electronic prescriptions and some other IT systems are still affected at an undisclosed number of CommonSpirit Health hospitals and clinics in several states more than one week after a cyber incident hit the multistate hospital chain.
The Google-Mandiant marriage will combine Google's security monitoring tools with Mandiant's threat intel and attack surface management solutions, plus new SOAR and file and URL analyzer capabilities, to create an "end-to-end threat intelligence and cybersecurity operations suite."
Telecom giant Singtel is managing multiple data breaches just weeks after Australian subsidiary Optus reported a breach affecting 9.8 million individuals. One of the new breaches is also in Australia. The other stems from a 2021 zero-day vulnerability in file transfer application Accellion FTA.
Self-proclaimed Russian hacktivist group KillNet took responsibility for distributed denial-of-service attacks launched against the public websites of several U.S. airports. It emerged in the wake of Russia's invasion of Ukraine and in May tried to stop online voting for the Eurovision Song Contest.
ISACA's State of Digital Trust 2022 survey shows significant gaps between what enterprises are doing and what they should do to earn customer trust in digital ecosystems. While 98% of those surveyed say digital trust is important, only 12% have dedicated staff roles to digital trust.
In this episode of "Cybersecurity Unplugged," as the use of Kubernetes and cloud containers over traditional forms of storage continues to increase, Nikki Robinson of IBM discusses the benefits of breaking down "complicated environments into something that's tangible and easy to manage."
Australian fruit and vegetable supplier Costa Group says it was subjected to a malicious and sophisticated phishing attack in August that resulted in unauthorized access to its servers. The company, listed on the Australian Securities Exchange, says that the attack occurred on Aug. 21.
In the latest weekly update, ISMG editors examine the story of a Maryland couple facing charges for giving military medical records to Russia, the sentencing of a former Seattle tech worker for her massive Capital One hack, and why David Hatfield resigned as co-CEO of cloud security vendor Lacework.
The latest edition of the ISMG Security Report discusses how adversaries have a new favorite tactic to circumvent MFA, why vendor Akamai is an appealing target for private equity, and what the industry can do differently to attract more females to leadership roles.
Security operations stalwart Arctic Wolf has taken on more than $400 million in debt to pursue acquisitions in the cloud, SIEM, endpoint and XDR markets. The money will fuel an upcoming launch in the Asia-Pacific region and expansion in markets such as South Africa, Benelux and the Nordics.
A Baltimore, Maryland-based healthcare organization has agreed to spend nearly $8 million improving and maintaining its data security as "injunctive relief" to settle a class action lawsuit involving two data breaches that affected a total of about 540,000 individuals.
Lloyd's of London is probing a possible cybersecurity incident that led it to yank some systems offline. Details are scarce at the moment, including whether the incident is malicious or involves ransomware and who may have instigated the incident.
The January memorandum from President Biden’s Office of Management and Budget calls for adopting multifactor authentication that includes the verification of device-based security controls, continuous monitoring, and authentication and mandates a switch to phishing-resistant MFA by January 2023.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.