More details about victims of the Clop crime group's zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light. Researchers now report that at least 455 organizations were hit directly or indirectly, exposing data for at least 23 million individuals.
A startup led by former AWS and Oracle AI executives completed a Series A funding round to strengthen security around ML systems and AI applications. Seattle-based Protect AI plans to use the $35 million investment to expand its AI Radar tool and research unique threats in the AI and ML landscape.
Post-COVID and digital transformation, consumer expectations are forever changed when it comes to healthcare delivery. The challenge now: how to raise the security bar. Elizabeth A. Sexton of Adobe talks about how to secure the new healthcare consumer experience.
A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
Supply chain compromise, open-source technology and rapid advances in AI capabilities pose significant challenges to safeguarding artificial intelligence systems. The "giant leap" achieved by systems such as ChatGPT makes it tough to discern whether someone is interacting with a human or a machine.
With social engineering attacks escalating, security organizations should embrace better cybersecurity awareness training to protect their organizations against insidious schemes, said Barry Coatsworth, director of risk, compliance and security at Guidehouse.
A mobile security vendor patched a critically rated zero-day vulnerability in its endpoint management platform that had been used by unknown hackers to attack the Norwegian government. The flaw is rated 10 on the CVSS scale. Multiple governments use the platform - the Ivanti Endpoint Manager Mobile.
The rapid adoption of cloud is a double-edged sword. While it offers organizations great opportunities for embracing innovation, it also outpaces security measures, leaving gaps for attackers to exploit. James Campbell, CEO of Cado Security, discussed the risks and vulnerabilities.
General cyber hygiene has gotten worse at small and midsized businesses, according to Simon Newman, CEO of the Cyber Resilience Center for London. "Businesses are less able to spot that they've been a victim than they perhaps have in previous years," he said.
Attackers are increasingly using carefully crafted business logic exploits in which attackers effectively social engineer an API to do something it wasn’t intended to do, according to Stephanie Best, director of product marketing for API security at Salt Security.
Thales has agreed to purchase Imperva for $3.6 billion to enter the application and API security market and expand its footprint in data security. The deal will add a robust web application firewall along with capabilities in API protection and data discovery and classification to Thales' portfolio.
A new IBM study of data breaches found that if an organization's internal team first detects a breach and the organization has well-practiced incident response plans, that organization will be able to more quickly detect and respond, which will lead to lower breach cleanup costs.
Security researchers uncovered multiple vulnerabilities in a widely used radio communication system used by law enforcement and in critical infrastructure for data transmission that could allow remote decryption of cryptographically protected communications.
While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad Waqas of Armis.
In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.