Malaysian Communications and Digital Minister Fahmi Fadzil has ordered an inquiry into an alleged massive data breach that reportedly involves data of Maybank, Astro and the Election Commission. The alleged breach reportedly affects 13 million citizens.
Researchers uncovered thousands of Citrix servers that are vulnerable to two critical flaws, one of which is being actively exploited by nation-state hackers. Netgear also warned its customers about a denial-of-service vulnerability affecting some of its devices.
False positives continue to be a challenge for SOC analysts. Nat Smith, senior director analyst at Gartner, the global research and advisory company, is calling for enterprises to embrace a "paradigm shift" in the security operations center.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
According to Accenture Security's Cyber Threat Intelligence team, information stealer malware - malicious software designed to steal information, including passwords - became one of the most discussed malware types on the cybercriminal underground in 2022.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
State-backed Russian hacking groups are continuing to focus less on Ukrainian military targets and much more on civilian infrastructure, Ukrainian cybersecurity officials report. Since the start of the year, Ukraine's Computer Emergency Response Team has tracked more than 2,100 major hack attacks.
In the latest update, four ISMG editors discuss important issues of 2022, including: CISO Marene Allison's unique career path; Ukrainian government cybersecurity official Victor Zhora on lessons learned from countering cyberattacks; and insights from CEO Nikesh Arora of Palo Alto Networks.
Phishing and other socially-engineered schemes are going to get bolder, the attack surface is only going to get bigger, and enterprises everywhere are going to have to focus more on building cyber resilience. These are among the New Year's predictions from Zoom's new CISO, Michael Adams.
A cybercrime forum this week listed for sale what a seller purports to be 30 million passenger records for users of India's railways. The Indian Ministry of Railways denies that the Indian Railway Catering and Tourism Corp, is the source of any data breach, but says it's investigating.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
Twitter has suffered its first major outage since Elon Musk bought the company in late October and began serving as its CEO. The outage lasted several hours The uptime problems come amid ongoing concerns about site security following last month's mass layoffs and cybersecurity staff exodus.
In this episode of "Cybersecurity Unplugged, Stan Golubchik, founder and CEO of ContraForce, discusses the company's mission, beginnings and plans for expansion. Golubchik says ContraForce answers the "need for a stronger generalist workforce for cybersecurity."
The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp.