CampusCoin Student Feed Aggregator

+ Microsoft Releases New-Open Source Tool for OT Security—ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious Code Microsoft has released a new open-source security tool to close gaps...

+ FTC Finalizes Health Breach Notification Rule Update—Regs Now Cover Wearables and Health Apps, Extend to More Types of Breaches The Federal Trade Commission has finalized changes to its Health Breach No...

+ Rubrik Execs on How Going Public Will Drive More Innovation—Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships After Rubrik became the first cybersecurity IPO since September 2021...

+ Strengthening Asset Management, Security in Rail Transport—CISO Tom Remberg on Enhancing Rail Passenger Experience While Beefing Up Security As railways embrace digital transformation, the industry faces uniq...

+ State AGs, Industry Groups Urge Action in Change Health Saga—Calls for More Aid to Providers Come as Parent Company UHG Grapples With Breach Twenty-two state attorneys general and some industry groups are urgin...

+ Tech Titans, AI Leaders Join New Federal AI Security Board—Heads of OpenAI, Microsoft, Alphabet Join Inaugural AI Safety and Security Board The heads of technology giants Alphabet and Microsoft and leading ar...

+ Health Analytics Firm Reports Breach Affecting 1.1 Million—Data Stolen via Breach of Reliable Networks - BerryDunn's Managed Service Provider A Maine consulting firm with a medical data analytics business mus...

+ Thoma Bravo to Buy Cybersecurity AI Firm Darktrace for $5.3B—PE Firm Tried to Take Darktrace Private in Summer 2022, But Couldn't Agree on Terms Private equity giant Thoma Bravo agreed to buy Darktrace for $5.3...

+ Webinar | Charting the Course: The Right Path to "Shifting Left" for Container Security Excellence

+ Webinar | From Risk to Resilience: EMEA's Container Security Reinvention

+ Webinar | Navigating “Shift-left” in Container Security

+ Webinar | Navigating “Shift-left” in Container Security

+ Defining a Detection & Response Strategy

+ Microsoft Questioned by German Lawmakers About Russian Hack—Company Officials Reportedly Said Hackers Just Obtained Read-Only Access to Code Russian nation-state hackers who compromised Microsoft's source code...

+ What IBM Purchasing HashiCorp Means for Secrets Management—Hashi Leads in Secrets Management But Lags in Privileged Access. What's Next? Big Blue took a big bite out of the secrets management space with its p...

+ Kaiser Permanente Notifying 13.4 Million of Tracker Breach—Incident Involves Health Plans' Prior Use of Online Tech in Websites, Mobile Apps Kaiser Foundation Health Plan has reported to regulators a health d...

+ Judge Advises Dismissal of CommonSpirit Breach Lawsuit—Proposed Class Action Claim Is Second Recent Case Tossed by Federal Judges A second federal judge has recommended the dismissal of a second proposed ...

+ Cryptohack Roundup: Samourai Mixer Takedown—Also: $45M Hedgey Hack, El Salvador's Compromised Wallet, OneCoin Case This week, Samourai Wallet co-founder was arrested, a $45M hack hit Hedgey Fin...

+ Breach Roundup: Cloud Error Reveals DPRK Sanctions Busting—Also: Hospitals Spend More on Cybersecurity; Critical Flaw in WordPress This week, a cloud server error revealed sanction busting, Moody's said hospi...

+ Researcher Strips ROM for Binary Code—Improved Tooling Makes Such Attacks More Likely Research shows that attackers can physically extract secrets embedded in read-only memory on a shoest...

+ Researcher Strips ROM For Binary Code—Improved Tooling Makes Such Attacks More Likely Research shows that attackers can physically extract secrets embedded into read-only memory on a shoe...

+ ThreatLocker Gets $115M to Fuel Zero Trust Defense, Eyes IPO—After Quintupling Revenue Over the Past 18 Months, ThreatLocker Wants to Go Public ThreatLocker completed a $115 million Series D funding round to fu...

+ Login.gov to Test Facial Recognition Under New Leadership—Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service Login.gov, the federal government's single sign-on service, told sta...

+ Cisco Fixes Firewall 0-Days After Likely Nation-State Hack—Networking Giant Dubs Campaign Against Government Customers 'Arcane Door' Probable nation-state hackers targeted Cisco firewall appliances in a campa...

+ AI Is Sexist, Racist and Homophobic—Regulation and Inclusive Training Data Can Help Reduce Bias, Experts Say Just because a machine says it, doesn't mean it's unbiased. In fact, you don...

+ AI Voice Cloning Pushes 91% of Banks to Rethink Verification—BioCatch Survey Report Focuses on New AI-Based Risks and Fraud-Fighting Solutions Banks are concerned about advancements in voice-cloning technology ...

+ Tines Raises $50M to Boost Enterprise-Focused AI Technology—Company to Focus on AI Solutions, Large Enterprise Growth After Series B Extension After closing a $50 million Series B extension led by Felicis and ...

+ Major Areas of Cybersecurity Focus for Medical Device Makers—Medical device makers submitting products for premarket approval by the Food and Drug Administration often struggle the most with cybersecurity in thr...

+ Harnessing AI: A Step-by-Step Guide for Job Seekers—How ChatGPT Can Help You Write Your Job Application Documents Artificial intelligence offers innovative tools to refine your job application material...

+ Live Webinar | Protecting Your AI: Strategies for Securing AI Systems

+ KnowBe4 Buys Egress to Aid Awareness Training, Email Defense—KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training Together KnowBe4 purchased an email security provider founded by a Check P...

+ Live Webinar | Mastering Cybersecurity Leadership: Effective Strategies for Boardroom Communication

+ Change Health Attack: Details Emerge; Breach Will Top Record—Experts Advise Health Sector to Take Steps as UnitedHealth Group Cleans Up Mess UnitedHealth Group's admission that information for "a substantial po...

+ Ukrainian Energy Sector Under Cyber Siege by Russian Hackers—Key Ukrainian Cyber Authority Warns of Spike in Cyberattacks on Energy Facilities Ukraine's Computer Emergency Response Team is warning of a rise in ...

+ Russian Hackers Exploiting Windows Print Spooler Vuln—Microsoft Warns APT28's GooseEgg Tool Enables Credential Theft Russian military intelligence hackers are using an 18 month-old vulnerability in the W...

+ US Pressures Iran Over Phishing Campaign Against Feds—Departments of Justice, Treasury and State Take Action Against Iranian Cyber Actors The U.S. federal government instigated a full court press against...

+ Webinar | Navigating “Shift-left” in Container Security

+ Building Security for MSPs: Cisco's Blueprint for Success—Anjana Kumbampati of Cisco discusses the unique challenges MSPs face, such as managing multiple ecosystems and vendors, which complicates their operat...

+ State Hackers' New Frontier: Network Edge Devices—Firewalls, VPNs and Email Filter Resist Endpoint Scanning State-sponsored hackers have responded to improved network scanning by shifting their focus...

+ UnitedHealth Group Previews Massive Change Healthcare Breach—Breach 'Could Cover a Substantial Proportion of People in America,' Company Warns Hackers who hit Change Healthcare stole sensitive personal and medi...

+ Report: Russian Hackers Targeting Ukrainian Soldiers on Apps—Russian Hackers Using Open-Source Malware on Popular Messaging Apps, Report Says Ukraine's Computer Emergency Response Team is warning in an April re...

+ HHS Beefs Up Privacy Protection for Reproductive Health Info—Finalizes HIPAA Privacy Rule Changes Involving PHI Related to Reproductive Care Healthcare providers are prohibited from disclosing protected health ...

+ Study: GPT-4 Agent Can Exploit Unpatched Vulnerabilities—Researchers Keep Prompts Under Wraps Academics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advi...

+ Feds Issue Guide for Change Health Breach Reporting Duties—HHS OCR Says the Company Has Not Yet Filed HIPAA Breach Reports to the Agency The Department of Health and Human Services has not yet received HIPAA ...

+ Olympians Tout AI in Sports—International Olympics Committee Publishes AI Strategy Olympic Games organizers on Friday in London touted artificial intelligence for its potential ...

+ Benefits of a Unified CNAPP and XDR Platform—In this episode of the "Cybersecurity Insights" podcast, Uptycs CEO Ganesh Pai discusses unifying XDR and CNAPP to improve visibility and explains the...

+ Multifactor Authentication Bypass Attacks: Top Defenses—Joe Toomey of Cyber Insurer Coalition Details Rise in Attacks Targeting Weak MFA Adversaries seeking easy access to enterprise networks continue to p...

+ 7 Tips for Complying With Healthcare Fraud Regulations—Attorney Rachel Rose on Navigating the Intensifying Scrutiny of Federal Regulators The federal government is cracking down on healthcare fraud in all...

+ Why Health Firms Struggle With Cybersecurity Frameworks—Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or f...

+ Webinar | Navigating “Shift-left” in Container Security

+ FDIC Issues Guidance to Areas in Illinois Impacted by Severe Storms—The FDIC has announced a series of steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Illinois ...

+ FDIC: Institutions Encouraged to Work with Borrowers Impacted by Shutdown—Five federal regulatory agencies encourage financial institutions to work with customers affected by the federal government shutdown.

+ FFIEC: Statement on End of Microsoft Support for Windows XP—The FFIEC on Oct. 7 issued a joint statement concerning Microsoft's discontinuation of support for its Windows XP operating system as of April 8, 2014...

+ FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers—The FDIC is clarifying its policy and supervisory approach related to facilitating payment processing services directly, or indirectly through a third...

+ Evolving Threats Facing Robotic and Other Medical Gear—Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must...

+ Identity Security and How to Reduce Risk During M&A—Cybersecurity occupies a growing priority status in merger and acquisition discussions. But what about the specific role of identity security? SailPoi...

+ Medical Device Cyberthreat Modeling: Top Considerations—Besides not doing cyberthreat modeling at all, some the biggest mistakes medical device manufacturers can make are starting the modeling process too l...

+ UK ICO Weighs Role of 'Accuracy' in Generative AI—But Accurate Data Doesn't Always Result In Accurate Outcomes The U.K. data protection agency says generative artificial intelligence developers shoul...

+ Hacker Threatens to Expose Sensitive World-Check Database—'GhostR' Claims to Have 5.3 Million Records from Major Screening Database A seemingly financially-driven hacker known as GhostR claimed to have stole...

+ CEO Andre Durand on Why Ping, ForgeRock Are Better Together—How Ping-ForgeRock Merger Provides Enhanced Deployment Flexibility, More Services Ping Identity CEO Andre Durand elaborated on the merger with ForgeR...

+ Mitre Says Hackers Breached Unclassified R&D Network—Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in Cyberattack A nation-state threat actor gained access into an unclassified research and dev...

+ Live Webinar | Modernizing Identity Management: From Legacy Systems to Cutting-Edge Security

+ ISMG Editors: Global Fallout From Leaked LockBit Ransomware—Also: Congress Weighs in on Change Healthcare Saga; Hot Topics at ISMG’s AI Summit In the latest weekly update, ISMG editors discussed the rise of cr...

+ Rising Ransomware Issue: English-Speaking Western Affiliates—Domestic Teen Groups Demand 'Nip the Bud' and 'Alternative Pathways,' Experts Say Western law enforcement agencies are battling a rise in domestic ra...

+ Novel Android Malware Targets South Korean Banking Users—New Malware SoumniBot Exploiting Legitimate Android Process A new banking Trojan is targeting Korean users using obfuscation techniques that target t...

+ Breach Roundup: LabHost Phishing-as-a-Service Site Goes Down—Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to Light This week, police disrupted the LabHost phishing-as-a-service site, ...

+ Hacking the Floodgates: US Dams Face Growing Cyber Threats—Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a succes...

+ Novel Android Malware Targets Korean Banking Users—New Malware SoumniBot Exploiting Legitimate Android Process A new banking Trojan is targeting Korean users using obfuscation techniques that target t...

+ Breach Roundup: LabHost Goes Down—Also: Omni Hack Exposed Customer Data and More Ivanti Vulnerabilities This week, police took down the LabHost phishing-as-a-service site, customer da...

+ From $8.3B to $200M: Why Lacework Is Examining a Sale to Wiz—Lacework Got the Largest Funding Round in Cyber History. Now, It's Eyeing the Exits Wiz is in advanced negotiations to buy Lacework for between $150 ...

+ Hacking the Floodgates: U.S. Dams Face Growing Cyber Threats—Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a succes...

+ Dark Web Sales Driving Major Rise in Credential Attacks—Cybercriminals Netting Over 50 Credentials Per Infected Device, Kaspersky Says The value of corporate credentials in the cybercrime market contribute...

+ Jury Dishes Out Guilty Verdict in Mango Markets Fraud Case—Hacker Masterminded, Executed $110 Million Crypto Fraud Scheme A New York federal jury has found a hacker guilty of charges that he masterminded and ...

+ Live Webinar | CybeRx - How to Automatically Protect Rockwell OT Customers from Today’s Cyber-Attacks

+ Why Health Firms Struggle with Cybersecurity Frameworks—Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or f...

+ Cryptohack Roundup: First Conviction in Smart Contract Hack—Also: Nebraska Man Steals $3.5 Million of Cloud Services to Mine $1M of Crypto Every week, ISMG rounds up cybersecurity incidents in digital assets. ...

+ Company Says Change Healthcare Hackers Stole Sensitive Data—UnitedHealth Group Makes Low Key Admission in Online FAQ UnitedHealthGroup said for the first time that hackers behind a February ransomware attack a...

+ Code to Cloud Roadshow - Minneapolis In-Person Event hosted by Palo Alto Networks

+ Live Webinar | Human Detection & Response: Exploring Three Security Awareness Realities

+ Ransomware Victims Who Pay a Ransom Drops to Record Low—Experts See Groups Shoot Themselves in the Foot by Yet Again Swindling Affiliates Here's ransomware news to celebrate: The number of victims who opt ...

+ Lowest-Rung Attackers Challenging Ransomware-as-a-Service—Christopher Budd on the Rise of Junk Gun Ransomware Variants Since June 2023, 19 junk gun ransomware variants have been discovered on the dark web. T...

+ EU Data Regulator Threatens Meta's 'Pay or Okay' Model—The European Data Protection Board Says the Company Inhibits Real Choice for Users Social media giant Meta's attempt to navigate European data protec...

+ Possible Chinese Hackers Use OpenMetadata to Cryptomine—Hackers Target OpenMetadata Platforms Running on Cloud Kubernetes Environments Hackers who appear to be Chinese are exploiting vulnerabilities in the...

+ Armis Buys Cyber Remediation Startup Silk Security for $150M—Combination of Armis and Silk Will Create Leader in Asset Management, Remediation San Francisco-based asset intelligence vendor Armis plans to embed ...

+ Hack on Clinic Serving Homeless Is Latest Hit to Underserved—Centers for Underserved Patients, Resource-Poor Communities Fight for Cyber Funds Michigan's largest federally qualified health center, which treats ...

+ Key Lawmaker Heralds 'Landmark' Draft Federal Privacy Bill—Top Democrat Calls Draft Bill a 'Unique' Chance to Pass Federal Privacy Legislation Rep. Cathy McMorris Rodgers, R-Wa., chair of the House Energy and...

+ Exploited TP-Link Vulnerability Spawns Botnet Threats—Attackers Exploit Old Flaw, Hijack TP-Link Archer Routers Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers un...

+ Free Ransomware: LockBit Knockoffs and Imposters Proliferate—Experts See Surge in Attacks, Including in Russia, Using Leaked LockBit Code What do a German healthcare network, a Russian security company and an A...

+ How to Start a Career in Cybersecurity—A Guide to Seizing Opportunities and Pursuing Growth Our dependence on technology has introduced new and sophisticated cyberthreats that elevate the ...

+ Likely Sandworm Hackers Using Novel Backdoor Kapeka—Kapeka Shows Similarities With Russian GRU Hacking Group's GreyEnergy Malware Likely Russian military intelligence hackers known as Sandworm have dep...

+ The Global Menace of the Russian Sandworm Hacking Team—Russian Cyber Sabotage Unit Sandworm Adopting Advanced Techniques, Mandiant Warns Russia's preeminent cyber sabotage unit presents "one of the widest...

+ Likely Sandworm Hackers Using Novel Backdoor 'Kapeka'—Kapeka Shows Similarities to Russian GRU Hacking Group's GreyEnergy Malware Likely Russian military intelligence hackers known as Sandworm since at l...

+ Windows 11 Adoption Is Slow Despite Windows 10 Security Risk—Only 8.35% of Windows Users Had Migrated to Windows 11 by May 2023 Microsoft announced in December that support for Windows 10 will end when the OS r...

+ Congress Asks What Went Wrong in Change Healthcare Attack—Parent Company UHG Is a No-Show at Hearing & Faces Data Leak, Attack Costs of $1.6B The aftershocks of the Change Healthcare cyberattack are stil...

+ New Tool Aims to Simplify and Streamline SBOM Adoption—OpenSSF Partners With DHS and CISA to Launch Global Software Supply Chain Project OpenSSF launched a new tool Tuesday in partnership with the Departm...

+ Steganography Campaign Targets Global Enterprises—Financially Motivated Threat Group Embeds Malicious Code in Images Financially motivated hackers are using the oldie-but-goodie technique of hiding m...

+ College Students Help Boost Cybersecurity With Free Clinics—New Program Pairs Universities and Students With Small, Resource-Poor Organizations A new initiative in the U.S. is pairing college students with uni...

+ After XZ Utils, More Open-Source Maintainers Under Attack—Fresh Social Engineering Attacks Resemble Tactics Used Against XZ Utils Maintainer Major open-source software projects are warning that more pieces o...

+ The Intelligent SOC: Fusion Methodology at the Intersection of Intelligence, Context, and Action in Modern Enterprises

+ Likely State Hackers Exploiting Palo Alto Firewall Zero-Day—Company Released a Hotfix to the Command Injection Vulnerability Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a c...

+ FTC Bans Online Mental Health Firm From Sharing Certain Data—Proposed Action Also Orders Cerebral Inc. to Pay $7M Penalty The FTC has proposed restricting a mental telehealth service firm from sharing consumer ...

+ Sisense Breach Highlights Rise in Major Supply Chain Attacks—Experts Warn of Growing Threat From Supply Chain Attacks After High-Profile Breach Cybersecurity experts are sounding the alarm over a rise in supply...

+ Law Firm to Pay $8M to Settle Health Data Hack Lawsuit—Orrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000 A global law firm that provides data breach legal services has agree...

+ Sam Bankman-Fried, Fraud and the Future of Crypto—Policy Expert Ari Redbord Details SBF Case Standouts, Illicit Crypto Ecosystem As the Sam Bankman-Fried courtroom saga continues, crypto policy exper...

+ New Foundation Sees Mental Health Tied to Cyber Resilience—Mental Health Charter Targets Burnout, Stress Among Cybersecurity Professionals In response to rising stress levels in cybersecurity, industry leader...

As of 4/26/24 9:58pm. Last new 4/26/24 6:49pm.  Score: 290