Threat actors are exploiting Kubernetes Role-Based Access Control in the wild to create backdoors and to run cryptocurrency miners. Researchers observed a recent campaign that targeted at least 60 Kubernetes clusters by deploying DaemonSets to hijack and steal resources from the victims' clusters.
Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.
Palo Alto Networks and IBM have joined forces to create a strong partnership designed to deliver best-in-class security solutions and services. In an exclusive interview, Bob West of Palo Alto Networks joins IBM's Abhi Chakravorty to discuss the power of the partnership for customers.
A top HIPAA-enforcement priority for regulators is cracking down on entities that disclose patient information to third parties without permission through the use of website tracking codes, says Melanie Fontes Rainer, director of the Department of Health and Human Services' Office for Civil Rights.
In the days between April 14 and April 20, the spotlight was on the U.S. Consumer Financial Protection Bureau, a ransomware attack on American payments firm NCR, German automotive and arms producer Rheinmetall, state agencies in the Philippines, Indian rental platform RentoMojo, and Point32Health.
Application security and delivery vendor F5 will shrink its workforce by 9% due to customers delaying purchasing decisions amid macroeconomic uncertainty. The Seattle-based firm will lay off 623 of its 7,100 employees as part of a cost-cutting effort that includes reducing F5's facilities footprint.
Supply chain risk has become more critical in the post-pandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.
Expel is out with its annual threat report, and the results point to a spike in identity threats. Jon Hencinski discusses the report, including how attackers are defeating MFA, how adversaries are taking advantage of VPNs, and what to look for in pre-ransomware activity.
House Oversight Committee members on Thursday called for the firing of whoever caused the DC Health Benefit Exchange breach and exposed the personal information of Congress members on a dark web forum. The breached was blamed on "human error" and a server configured with no authentication controls.
Vendors should be more transparent and faster in communicating when they experience a breach or other security incident that affect clients' data, says Anahi Santiago, CISO at ChristianaCare. "Sometimes we find out about these incidents through our third-party monitoring systems," she said.
Major internet chat platforms are urging the United Kingdom government to reconsider a bill intended to decrease exposure to online harms but which opponents say would open the door to massive government surveillance. Proponents say online platforms should have a duty of care to protect users.
Important lessons about security and risk management aren't being learned, remembered and applied by defenders amid organizations' rapid migration to the cloud, according to the finding that just 5% of security rules, on average, trigger 80% of all alerts, threat intelligence group Unit 42 warns.
Healthcare sector entities have a special mix of identity and access management challenges, but other factors, including the shortage of skilled cybersecurity expertise, create even more obstacles, says Dave Summitt, vice president, cybersecurity, at Florida Cancer Specialists & Research Institute.
Apple users: Don't fear newly discovered samples of LockBit ransomware designed to target newer macOS devices. Researchers say the still-in-development code, tied to no known in-the-wild attacks, contains numerous errors, leaving it unable to execute.
A surging Palo Alto Networks has joined stalwarts Netskope and Zscaler atop Gartner's security service edge ranking, while Skyhigh Security fell from leader to visionary. Netskope joined Palo Alto as a big winner, catapulting from third to first in both execution ability and completeness of vision.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.