CampusCoin Student Feed Aggregator

+ Live Webinar | Seamless Security: The Path to Integrated IAM Systems

+ Report: US Cybersecurity Makes Major Gains Amid New Threats—First-Ever US National Cybersecurity Posture Report Highlights AI, Cloud Migrations The Office of the National Cyber Director released the United Sta...

+ ISMG Editors: Day 1 Highlights at RSA Conference 2024—Panel on Secretary of State Antony Blinken's Keynote, Risk and Emerging Tech From the RSA Conference in San Francisco, four ISMG editors discussed hi...

+ Ransomware Attack Shuts Down Kansas City Systems—Phones, Wi-Fi, Digital Payments Are Among the Affected Systems The city administration of Kansas's largest city shut down IT systems and switched to ...

+ Suspected Chinese Hackers Hacked UK Defense Contractor—Up to 270,000 Defense Staff Across the UK Affected by Hack Sensitive information of thousands of U.K. defense personnel was exposed to hackers after ...

+ Influencing Change as Security Leader: Communication Is Key—Nordstrom CISO Nicole Darden Ford Shares Her Journey From B2B to B2C Industry From working in B2B industries to now shifting to a B2C industry, Nicol...

+ Boosting US Tech Leadership: Antony Blinken's Agenda at RSAC—Secretary of State Antony Blinken Debuts New Policies to Propel US Tech Advancement U.S. Secretary of State Antony Blinken highlights a new internati...

+ LockBitSupp's Identity Revealed: Dmitry Yuryevich Khoroshev—Russian National Faces US Criminal Indictment, Sanctions The Russian national known as LockBitSupp, head of ransomware-as-a-service group LockBit, ca...

+ ISMG Editors: Opening Day Overview of RSA Conference 2024—Ransomware, AI Technology and the Art of the Possible Are Hot Topics This Year ISMG editors are live at RSA Conference 2024 in San Francisco with an ...

+ Microsoft Overhauls Security Practices After Major Breaches—Company Plans to Link Executive Compensation to Achieving Security Milestones The executive vice president for Microsoft Security has announced an ov...

+ The Challenges in Keeping Medical Device Software Updated—Updating software as new vulnerabilities are discovered persistently remains a top medical device cybersecurity challenge, said David Brumley, a cyber...

+ Enterprise Technology Management: No Asset Management Silos—Oomnitza co-founder and CEO Arthur Lozinski discusses enterprise technology management - a solution that brings software, hardware and infrastructure ...

+ Operation Cronos Again Threatens to Reveal LockBitSupp—International Police Operation Revives Seized LockBit Dark Web Leak Site Police behind an international law enforcement operation targeting LockBit r...

+ LevelBlue Leverages AI for Threat Intel Following AT&T Split—AI Investments and Global Expansion Set to Propel Growth After Separating From AT&T As Level Blue separates from AT&T, it is focusing on harn...

+ The Intelligent SOC: Fusion Methodology at the Intersection of Intelligence, Context, and Action in Modern Enterprises

+ How Intel 471's Buy of Cyborg Is Reshaping Threat Hunting—Why Customers Benefit From Bringing Threat Hunting and Threat Intelligence Together Intel 471 bought a threat hunting startup led by a Raytheon and S...

+ New Report Exposes Iranian Hacking Group's Media Masquerade—Mandiant Says APT42 Members Have Been Posing as Journalists to Steal Troves of Data Members of the Iranian state hacking group APT42 have been observ...

+ ISMG Editors: RSA Conference 2024 Preview—Also: Insights From Verizon's Data Breach Investigations Report; Investment Trends In the latest weekly update, ISMG editors discussed what the thous...

+ New Botnet 'Goldoon' Targets D-Link Devices—FortiGuard Labs Identifies Botnet Exploiting Decade-Old D-Link Vulnerability Hackers are taking advantage of D-Link home routers left unpatched for a...

+ The Intelligent SOC: Fusion Methodology at the Intersection of Intelligence, Context, and Action in Modern Enterprises

+ Code to Cloud Roadshow - Atlanta In-Person Event hosted by Palo Alto Networks

+ Code to Cloud Roadshow - Tysons Corner In-Person Event hosted by Palo Alto Networks

+ Web Trackers Persist in Healthcare Despite Privacy Risks—While fewer healthcare websites appear to be using online trackers now than a year ago, nearly 1 in 3 firms are still using Meta Pixel and similar tec...

+ Regulating AI: 'It's Going to Be a Madhouse'—Information Security Media group CTO and CISO Dan Grosu discusses the challenges of realistically implementing the directives in President Joe Biden's...

+ Russian GRU Hackers Compromised German, Czech Targets—APT28 Used Microsoft Outlook Zero-Day, Governments Said The German and Czech governments on Friday disclosed that Russian military intelligence hacke...

+ Critical Flaw in R Language Poses Supply Chain Risk—Deserialization Vulnerability Allows for Remote Code Execution A high-risk flaw in R statistics programming language could lead to a supply chain hac...

+ Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits—At Least 33 Ernest Health Facilities in 12 States Are Reporting Breaches A Texas-based operator of rehabilitation hospitals is facing multiple federa...

+ Permira Takes Majority Stake in BioCatch at $1.3B Valuation—Biometrics Stalwart Eyes M&A, Geographic Expansion With Private Equity Firm Backing Permira has acquired a majority stake in BioCatch at a $1.3 b...

+ Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence—Also: Another Ivanti Zero-Day? And FBI Calls for Strengthening DMARC Policies This week, REvil hacker sentenced; ZDI saw possible Ivanti-zero-day; FB...

+ Cryptohack Roundup: Geosyn Fraud Lawsuit—Also: North Korea Money Laundering and South Korean Crypto Police This week, SEC filed suit against Geosyn, prosecutors fought dismissed Tornado Cash...

+ Managed Service Provider Denies Being Source of Breach—Health Analytics Firm Said Hackers Stole Data on 1 Million by Hacking MSP's Network Who's responsible for a breach that exposed personal information ...

+ Dropbox Sees Breach of Legally Binding E-Signature Service—All Dropbox Sign Users' Emails Stolen, Plus Some MFA and OAuth Tokens, API Keys Dropbox said hackers breached its infrastructure and stole swaths of ...

+ US and Allies Issue Cyber Alert on Threats to OT Systems—Cyber Authorities Warn Pro-Russian Hacktivists Targeting Small-Scale OT Systems U.S. and international cyber authorities issued a warning Wednesday t...

+ Corelight Gets $150M to Expand Detection, Improve Workflows—Series E Funding Round to Cover Future Operations, Enhance Product Innovation Corelight has secured $150 million on a $900 million valuation to suppo...

+ GitLab Hackers Use 'Forgot Your Password' to Hijack Accounts—US CISA Orders Federal Agencies to Apply January Patch The U.S. federal government's cybersecurity agency warned that hackers are exploiting a vulner...

+ Verizon DBIR: Cyber Defenders Are Facing Exploit Fatigue—Experts Warn That Human Failures Have Led to Surge in Successful Zero-Day Exploits Verizon executives warned that cyber defenders are struggling with...

+ Lawmakers Grill UnitedHealth CEO on Change Healthcare Attack—UnitedHealth Group CEO Andrew Witty Explains the Steps the Company Is Taking Lawmakers on Wednesday grilled UnitedHealth Group CEO Andrew Witty over ...

+ Correlating Cyber Investments With Business Outcomes—SecurityGate CEO Ted Gutierrez said the SEC's new cybersecurity mandates give "more teeth to the idea that cybersecurity is a business problem." He di...

+ Qantas Airways Says App Showed Customers Each Other's Data—Customers Report Seeing Each Other's Bookings, Inadvertent Flight Cancellations Australian's Qantas Airways has confirmed suffering a data breach aft...

+ Verizon Breach Report: Vulnerability Hacks Tripled in 2023—Data Breach Report Lead Author Alex Pinto Discusses Top Findings, Best Practices Verizon's 17th annual 2024 Data Breach Investigations Report highlig...

+ Island Gets $175M Series D Funding, Doubles Valuation to $3B—Investments in Island Led by Coatue and Sequoia Support Global Expansion, R&D, M&A Island's Series D funding doubles its valuation to $3 bill...

+ DHS: AI-Enhanced Nuclear and Chemical Threats Are Risk to US—New Report Says Global Threat Actors May Use AI to Enhance Physical Attacks on US The U.S. Department of Homeland Security is warning that known limi...

+ Patched Deserialization Flaw in Siemens Product Allows RCE—The Siemens Simatic Energy Manager Used an Unsafe BinaryFormatter Method Researchers detailed a deserialization vulnerability in Siemens software use...

+ UnitedHealth CEO: Paying Ransom Was 'Hardest Decision' Ever—CEO Tells Congress Attackers Gained Access Via a Citrix Portal; What Happened Next Deciding to pay cybercriminals a ransom in the attack on Change He...

+ How Personal Branding Can Elevate Your Tech Career—Your Personal Brand Is as Crucial as Any Skill in Your Tech Toolkit Personal branding is the practice of marketing oneself and one's career as a bran...

+ New Payment Rails to Rely on RFP for More Security—Modern Treasury's Ani Narayan on Why RFP on New Rails Won't Replace ACH Just Yet As ACH continues to dominate U.S. transactions, newer payment rails,...

+ Finnish Hacker Kivimaki Found Guilty in Vastaamo Hack—'Ransom_man' Extortionist Faces 6-Year, 3-Month Prison Term A Finnish court found Aleksanteri Tomminpoika Kivimäki guilty of hacking and leaking onli...

+ FCC Fines US Cell Carriers $200M for Selling Location Data—Commission Approves Long-Anticipated Fines for Verizon, T-Mobile, AT&T and Sprint The Federal Communications Commission announced Monday that it ...

+ Forescout CEO on Navigating OT, IoT Threats in Cybersecurity—Barry Mainz Discusses Asset Visibility, Security and Risk Management Outside IT Forescout CEO Barry Mainz highlights the growing risks associated wit...

+ Pyongyang Hackers Deploy Backdoors Via Fake Job Interviews—North Korean Prediliction for Elaborate Social Engineering Attacks Strikes Again Likely North Korean threat actors are using fake job interviews to t...

+ Live Webinar | Building Security from Within: Empowering Software Teams for Cyber Resilience

+ Why Many Healthcare Sector Entities End Up Paying Ransoms—While most healthcare sector organizations hit with ransomware attacks never imagine giving in to extortion demands, the pressures they face in dealin...

+ Secure by Design: UK Enforces IoT Device Cybersecurity Rules—Law Bans Universal Default Passwords; Requires Bug-Reporting Channels, Update Plan Say goodbye to buying internet of things devices in Britain with a...

+ Webinar | Navigating Container Chaos from Host to Application: Lessons Learned from a Year of Security Challenges

+ French Government Bids on Atos' Cyber and Computing Assets—Atos Received a Letter of Intent From French Finance Minister Bruno Le Maire The French government could acquire a loss-making cybersecurity unit and...

+ How the Enterprise Browser Has Reshaped the Modern Workplace—Island CEO Mike Fey on How Enterprise Browsers Streamline Operations, Fuel Security Island co-founder and CEO Mike Fey discusses how enterprise brows...

+ Career Spotlight: Growing Need for Technology Legal Analysts—High Demand for Experts Who Know Law Plus AI, Blockchain and Internet of Things Advancements in AI, blockchain and the internet of things have caused...

+ Are Enterprises Overconfident About Cybersecurity Readiness?—Cisco Cybersecurity Readiness Index Shows Only 3% of Companies Are Cyber Resilient Cisco's 2024 Cybersecurity Readiness Index showed a concerning gap...

+ Live Webinar | From Risk-Based Vulnerability Management to Exposure Management: The Future of Cybersecurity

+ Microsoft Releases New-Open Source Tool for OT Security—ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious Code Microsoft has released a new open-source security tool to close gaps...

+ FTC Finalizes Health Breach Notification Rule Update—Regs Now Cover Wearables and Health Apps, Extend to More Types of Breaches The Federal Trade Commission has finalized changes to its Health Breach No...

+ Rubrik Execs on How Going Public Will Drive More Innovation—Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships After Rubrik became the first cybersecurity IPO since September 2021...

+ Strengthening Asset Management, Security in Rail Transport—CISO Tom Remberg on Enhancing Rail Passenger Experience While Beefing Up Security As railways embrace digital transformation, the industry faces uniq...

+ State AGs, Industry Groups Urge Action in Change Health Saga—Calls for More Aid to Providers Come as Parent Company UHG Grapples With Breach Twenty-two state attorneys general and some industry groups are urgin...

+ Tech Titans, AI Leaders Join New Federal AI Security Board—Heads of OpenAI, Microsoft, Alphabet Join Inaugural AI Safety and Security Board The heads of technology giants Alphabet and Microsoft and leading ar...

+ Health Analytics Firm Reports Breach Affecting 1.1 Million—Data Stolen via Breach of Reliable Networks - BerryDunn's Managed Service Provider A Maine consulting firm with a medical data analytics business mus...

+ Thoma Bravo to Buy Cybersecurity AI Firm Darktrace for $5.3B—PE Firm Tried to Take Darktrace Private in Summer 2022, But Couldn't Agree on Terms Private equity giant Thoma Bravo agreed to buy Darktrace for $5.3...

+ Webinar | Charting the Course: The Right Path to "Shifting Left" for Container Security Excellence

+ Webinar | From Risk to Resilience: EMEA's Container Security Reinvention

+ Webinar | Navigating “Shift-left” in Container Security

+ Webinar | Navigating “Shift-left” in Container Security

+ Defining a Detection & Response Strategy

+ Microsoft Questioned by German Lawmakers About Russian Hack—Company Officials Reportedly Said Hackers Just Obtained Read-Only Access to Code Russian nation-state hackers who compromised Microsoft's source code...

+ What IBM Purchasing HashiCorp Means for Secrets Management—Hashi Leads in Secrets Management But Lags in Privileged Access. What's Next? Big Blue took a big bite out of the secrets management space with its p...

+ Kaiser Permanente Notifying 13.4 Million of Tracker Breach—Incident Involves Health Plans' Prior Use of Online Tech in Websites, Mobile Apps Kaiser Foundation Health Plan has reported to regulators a health d...

+ Judge Advises Dismissal of CommonSpirit Breach Lawsuit—Proposed Class Action Claim Is Second Recent Case Tossed by Federal Judges A second federal judge has recommended the dismissal of a second proposed ...

+ Cryptohack Roundup: Samourai Mixer Takedown—Also: $45M Hedgey Hack, El Salvador's Compromised Wallet, OneCoin Case This week, Samourai Wallet co-founder was arrested, a $45M hack hit Hedgey Fin...

+ Breach Roundup: Cloud Error Reveals DPRK Sanctions Busting—Also: Hospitals Spend More on Cybersecurity; Critical Flaw in WordPress This week, a cloud server error revealed sanction busting, Moody's said hospi...

+ Researcher Strips ROM for Binary Code—Improved Tooling Makes Such Attacks More Likely Research shows that attackers can physically extract secrets embedded in read-only memory on a shoest...

+ Researcher Strips ROM For Binary Code—Improved Tooling Makes Such Attacks More Likely Research shows that attackers can physically extract secrets embedded into read-only memory on a shoe...

+ ThreatLocker Gets $115M to Fuel Zero Trust Defense, Eyes IPO—After Quintupling Revenue Over the Past 18 Months, ThreatLocker Wants to Go Public ThreatLocker completed a $115 million Series D funding round to fu...

+ Login.gov to Test Facial Recognition Under New Leadership—Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service Login.gov, the federal government's single sign-on service, told sta...

+ Cisco Fixes Firewall 0-Days After Likely Nation-State Hack—Networking Giant Dubs Campaign Against Government Customers 'Arcane Door' Probable nation-state hackers targeted Cisco firewall appliances in a campa...

+ AI Is Sexist, Racist and Homophobic—Regulation and Inclusive Training Data Can Help Reduce Bias, Experts Say Just because a machine says it, doesn't mean it's unbiased. In fact, you don...

+ AI Voice Cloning Pushes 91% of Banks to Rethink Verification—BioCatch Survey Report Focuses on New AI-Based Risks and Fraud-Fighting Solutions Banks are concerned about advancements in voice-cloning technology ...

+ Tines Raises $50M to Boost Enterprise-Focused AI Technology—Company to Focus on AI Solutions, Large Enterprise Growth After Series B Extension After closing a $50 million Series B extension led by Felicis and ...

+ Major Areas of Cybersecurity Focus for Medical Device Makers—Medical device makers submitting products for premarket approval by the Food and Drug Administration often struggle the most with cybersecurity in thr...

+ Harnessing AI: A Step-by-Step Guide for Job Seekers—How ChatGPT Can Help You Write Your Job Application Documents Artificial intelligence offers innovative tools to refine your job application material...

+ Live Webinar | Protecting Your AI: Strategies for Securing AI Systems

+ KnowBe4 Buys Egress to Aid Awareness Training, Email Defense—KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training Together KnowBe4 purchased an email security provider founded by a Check P...

+ Live Webinar | Mastering Cybersecurity Leadership: Effective Strategies for Boardroom Communication

+ Change Health Attack: Details Emerge; Breach Will Top Record—Experts Advise Health Sector to Take Steps as UnitedHealth Group Cleans Up Mess UnitedHealth Group's admission that information for "a substantial po...

+ Ukrainian Energy Sector Under Cyber Siege by Russian Hackers—Key Ukrainian Cyber Authority Warns of Spike in Cyberattacks on Energy Facilities Ukraine's Computer Emergency Response Team is warning of a rise in ...

+ Russian Hackers Exploiting Windows Print Spooler Vuln—Microsoft Warns APT28's GooseEgg Tool Enables Credential Theft Russian military intelligence hackers are using an 18 month-old vulnerability in the W...

+ US Pressures Iran Over Phishing Campaign Against Feds—Departments of Justice, Treasury and State Take Action Against Iranian Cyber Actors The U.S. federal government instigated a full court press against...

+ Webinar | Navigating “Shift-left” in Container Security

+ Building Security for MSPs: Cisco's Blueprint for Success—Anjana Kumbampati of Cisco discusses the unique challenges MSPs face, such as managing multiple ecosystems and vendors, which complicates their operat...

+ State Hackers' New Frontier: Network Edge Devices—Firewalls, VPNs and Email Filter Resist Endpoint Scanning State-sponsored hackers have responded to improved network scanning by shifting their focus...

+ UnitedHealth Group Previews Massive Change Healthcare Breach—Breach 'Could Cover a Substantial Proportion of People in America,' Company Warns Hackers who hit Change Healthcare stole sensitive personal and medi...

+ Report: Russian Hackers Targeting Ukrainian Soldiers on Apps—Russian Hackers Using Open-Source Malware on Popular Messaging Apps, Report Says Ukraine's Computer Emergency Response Team is warning in an April re...

+ HHS Beefs Up Privacy Protection for Reproductive Health Info—Finalizes HIPAA Privacy Rule Changes Involving PHI Related to Reproductive Care Healthcare providers are prohibited from disclosing protected health ...

+ Study: GPT-4 Agent Can Exploit Unpatched Vulnerabilities—Researchers Keep Prompts Under Wraps Academics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advi...

+ Feds Issue Guide for Change Health Breach Reporting Duties—HHS OCR Says the Company Has Not Yet Filed HIPAA Breach Reports to the Agency The Department of Health and Human Services has not yet received HIPAA ...

+ Olympians Tout AI in Sports—International Olympics Committee Publishes AI Strategy Olympic Games organizers on Friday in London touted artificial intelligence for its potential ...

+ Benefits of a Unified CNAPP and XDR Platform—In this episode of the "Cybersecurity Insights" podcast, Uptycs CEO Ganesh Pai discusses unifying XDR and CNAPP to improve visibility and explains the...

+ Multifactor Authentication Bypass Attacks: Top Defenses—Joe Toomey of Cyber Insurer Coalition Details Rise in Attacks Targeting Weak MFA Adversaries seeking easy access to enterprise networks continue to p...

+ 7 Tips for Complying With Healthcare Fraud Regulations—Attorney Rachel Rose on Navigating the Intensifying Scrutiny of Federal Regulators The federal government is cracking down on healthcare fraud in all...

+ Why Health Firms Struggle With Cybersecurity Frameworks—Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or f...

+ Webinar | Navigating “Shift-left” in Container Security

+ FDIC Issues Guidance to Areas in Illinois Impacted by Severe Storms—The FDIC has announced a series of steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Illinois ...

+ FDIC: Institutions Encouraged to Work with Borrowers Impacted by Shutdown—Five federal regulatory agencies encourage financial institutions to work with customers affected by the federal government shutdown.

+ FFIEC: Statement on End of Microsoft Support for Windows XP—The FFIEC on Oct. 7 issued a joint statement concerning Microsoft's discontinuation of support for its Windows XP operating system as of April 8, 2014...

+ FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers—The FDIC is clarifying its policy and supervisory approach related to facilitating payment processing services directly, or indirectly through a third...

+ Evolving Threats Facing Robotic and Other Medical Gear—Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must...

+ Identity Security and How to Reduce Risk During M&A—Cybersecurity occupies a growing priority status in merger and acquisition discussions. But what about the specific role of identity security? SailPoi...

+ Medical Device Cyberthreat Modeling: Top Considerations—Besides not doing cyberthreat modeling at all, some the biggest mistakes medical device manufacturers can make are starting the modeling process too l...

+ UK ICO Weighs Role of 'Accuracy' in Generative AI—But Accurate Data Doesn't Always Result In Accurate Outcomes The U.K. data protection agency says generative artificial intelligence developers shoul...

+ Hacker Threatens to Expose Sensitive World-Check Database—'GhostR' Claims to Have 5.3 Million Records from Major Screening Database A seemingly financially-driven hacker known as GhostR claimed to have stole...

+ CEO Andre Durand on Why Ping, ForgeRock Are Better Together—How Ping-ForgeRock Merger Provides Enhanced Deployment Flexibility, More Services Ping Identity CEO Andre Durand elaborated on the merger with ForgeR...

+ Mitre Says Hackers Breached Unclassified R&D Network—Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in Cyberattack A nation-state threat actor gained access into an unclassified research and dev...

+ Live Webinar | Modernizing Identity Management: From Legacy Systems to Cutting-Edge Security

+ ISMG Editors: Global Fallout From Leaked LockBit Ransomware—Also: Congress Weighs in on Change Healthcare Saga; Hot Topics at ISMG’s AI Summit In the latest weekly update, ISMG editors discussed the rise of cr...

+ Rising Ransomware Issue: English-Speaking Western Affiliates—Domestic Teen Groups Demand 'Nip the Bud' and 'Alternative Pathways,' Experts Say Western law enforcement agencies are battling a rise in domestic ra...

+ Novel Android Malware Targets South Korean Banking Users—New Malware SoumniBot Exploiting Legitimate Android Process A new banking Trojan is targeting Korean users using obfuscation techniques that target t...

+ Breach Roundup: LabHost Phishing-as-a-Service Site Goes Down—Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to Light This week, police disrupted the LabHost phishing-as-a-service site, ...

+ Hacking the Floodgates: US Dams Face Growing Cyber Threats—Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a succes...

+ Novel Android Malware Targets Korean Banking Users—New Malware SoumniBot Exploiting Legitimate Android Process A new banking Trojan is targeting Korean users using obfuscation techniques that target t...

+ Breach Roundup: LabHost Goes Down—Also: Omni Hack Exposed Customer Data and More Ivanti Vulnerabilities This week, police took down the LabHost phishing-as-a-service site, customer da...

+ From $8.3B to $200M: Why Lacework Is Examining a Sale to Wiz—Lacework Got the Largest Funding Round in Cyber History. Now, It's Eyeing the Exits Wiz is in advanced negotiations to buy Lacework for between $150 ...

+ Hacking the Floodgates: U.S. Dams Face Growing Cyber Threats—Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a succes...

+ Dark Web Sales Driving Major Rise in Credential Attacks—Cybercriminals Netting Over 50 Credentials Per Infected Device, Kaspersky Says The value of corporate credentials in the cybercrime market contribute...

+ Jury Dishes Out Guilty Verdict in Mango Markets Fraud Case—Hacker Masterminded, Executed $110 Million Crypto Fraud Scheme A New York federal jury has found a hacker guilty of charges that he masterminded and ...

+ Live Webinar | CybeRx - How to Automatically Protect Rockwell OT Customers from Today’s Cyber-Attacks

+ Why Health Firms Struggle with Cybersecurity Frameworks—Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or f...

+ Cryptohack Roundup: First Conviction in Smart Contract Hack—Also: Nebraska Man Steals $3.5 Million of Cloud Services to Mine $1M of Crypto Every week, ISMG rounds up cybersecurity incidents in digital assets. ...

+ Company Says Change Healthcare Hackers Stole Sensitive Data—UnitedHealth Group Makes Low Key Admission in Online FAQ UnitedHealthGroup said for the first time that hackers behind a February ransomware attack a...

+ Code to Cloud Roadshow - Minneapolis In-Person Event hosted by Palo Alto Networks

+ Live Webinar | Human Detection & Response: Exploring Three Security Awareness Realities

+ Ransomware Victims Who Pay a Ransom Drops to Record Low—Experts See Groups Shoot Themselves in the Foot by Yet Again Swindling Affiliates Here's ransomware news to celebrate: The number of victims who opt ...

+ Lowest-Rung Attackers Challenging Ransomware-as-a-Service—Christopher Budd on the Rise of Junk Gun Ransomware Variants Since June 2023, 19 junk gun ransomware variants have been discovered on the dark web. T...

+ EU Data Regulator Threatens Meta's 'Pay or Okay' Model—The European Data Protection Board Says the Company Inhibits Real Choice for Users Social media giant Meta's attempt to navigate European data protec...

+ Possible Chinese Hackers Use OpenMetadata to Cryptomine—Hackers Target OpenMetadata Platforms Running on Cloud Kubernetes Environments Hackers who appear to be Chinese are exploiting vulnerabilities in the...

+ Armis Buys Cyber Remediation Startup Silk Security for $150M—Combination of Armis and Silk Will Create Leader in Asset Management, Remediation San Francisco-based asset intelligence vendor Armis plans to embed ...

+ Hack on Clinic Serving Homeless Is Latest Hit to Underserved—Centers for Underserved Patients, Resource-Poor Communities Fight for Cyber Funds Michigan's largest federally qualified health center, which treats ...

+ Key Lawmaker Heralds 'Landmark' Draft Federal Privacy Bill—Top Democrat Calls Draft Bill a 'Unique' Chance to Pass Federal Privacy Legislation Rep. Cathy McMorris Rodgers, R-Wa., chair of the House Energy and...

+ Exploited TP-Link Vulnerability Spawns Botnet Threats—Attackers Exploit Old Flaw, Hijack TP-Link Archer Routers Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers un...

+ Free Ransomware: LockBit Knockoffs and Imposters Proliferate—Experts See Surge in Attacks, Including in Russia, Using Leaked LockBit Code What do a German healthcare network, a Russian security company and an A...

+ How to Start a Career in Cybersecurity—A Guide to Seizing Opportunities and Pursuing Growth Our dependence on technology has introduced new and sophisticated cyberthreats that elevate the ...

+ Likely Sandworm Hackers Using Novel Backdoor Kapeka—Kapeka Shows Similarities With Russian GRU Hacking Group's GreyEnergy Malware Likely Russian military intelligence hackers known as Sandworm have dep...

+ The Global Menace of the Russian Sandworm Hacking Team—Russian Cyber Sabotage Unit Sandworm Adopting Advanced Techniques, Mandiant Warns Russia's preeminent cyber sabotage unit presents "one of the widest...

+ Likely Sandworm Hackers Using Novel Backdoor 'Kapeka'—Kapeka Shows Similarities to Russian GRU Hacking Group's GreyEnergy Malware Likely Russian military intelligence hackers known as Sandworm since at l...

+ Windows 11 Adoption Is Slow Despite Windows 10 Security Risk—Only 8.35% of Windows Users Had Migrated to Windows 11 by May 2023 Microsoft announced in December that support for Windows 10 will end when the OS r...

+ Congress Asks What Went Wrong in Change Healthcare Attack—Parent Company UHG Is a No-Show at Hearing & Faces Data Leak, Attack Costs of $1.6B The aftershocks of the Change Healthcare cyberattack are stil...

+ New Tool Aims to Simplify and Streamline SBOM Adoption—OpenSSF Partners With DHS and CISA to Launch Global Software Supply Chain Project OpenSSF launched a new tool Tuesday in partnership with the Departm...

+ Steganography Campaign Targets Global Enterprises—Financially Motivated Threat Group Embeds Malicious Code in Images Financially motivated hackers are using the oldie-but-goodie technique of hiding m...

+ College Students Help Boost Cybersecurity With Free Clinics—New Program Pairs Universities and Students With Small, Resource-Poor Organizations A new initiative in the U.S. is pairing college students with uni...

+ After XZ Utils, More Open-Source Maintainers Under Attack—Fresh Social Engineering Attacks Resemble Tactics Used Against XZ Utils Maintainer Major open-source software projects are warning that more pieces o...

+ The Intelligent SOC: Fusion Methodology at the Intersection of Intelligence, Context, and Action in Modern Enterprises

+ Likely State Hackers Exploiting Palo Alto Firewall Zero-Day—Company Released a Hotfix to the Command Injection Vulnerability Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a c...

+ FTC Bans Online Mental Health Firm From Sharing Certain Data—Proposed Action Also Orders Cerebral Inc. to Pay $7M Penalty The FTC has proposed restricting a mental telehealth service firm from sharing consumer ...

+ Sisense Breach Highlights Rise in Major Supply Chain Attacks—Experts Warn of Growing Threat From Supply Chain Attacks After High-Profile Breach Cybersecurity experts are sounding the alarm over a rise in supply...

+ Law Firm to Pay $8M to Settle Health Data Hack Lawsuit—Orrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000 A global law firm that provides data breach legal services has agree...

+ Sam Bankman-Fried, Fraud and the Future of Crypto—Policy Expert Ari Redbord Details SBF Case Standouts, Illicit Crypto Ecosystem As the Sam Bankman-Fried courtroom saga continues, crypto policy exper...

+ New Foundation Sees Mental Health Tied to Cyber Resilience—Mental Health Charter Targets Burnout, Stress Among Cybersecurity Professionals In response to rising stress levels in cybersecurity, industry leader...

As of 5/8/24 8:03pm. Last new 5/8/24 1:26pm.  Score: 361