In the annals of attempting to downplay the impact of a data breach, here's a new one: British outsourcing giant Capita says the hackers who hit it - steling data pertaining to customers, suppliers and employees - accessed "less than 0.1% of its server estate."
Federal authorities are warning healthcare sector entities of a rise in cyberattacks against Veeam's Backup & Replication software. Some incidents appear tied to exploitation of a high-severity vulnerability in the vendor's software in that was disclosed in March.
The purchase of promising early-stage startup Laminar by a large tech vendor would match many M&A deals seen in 2023. The downturn has made it tough for small startups to raise additional funding at an increased valuation, while the push for profitability has left big firms open to only tuck-in M&A.
Attacks like Kaseya and SolarWinds have highlighted the supply chain risks and demonstrated how securing the supply chain can no longer just be considered a compliance function. It has evolved into a risk management function, said Fred Kneip, chief executive officer at CyberGRX.
Two separate proposed class action data privacy lawsuits involving the use of Meta Pixel tracking tools in healthcare entity websites are continuing to proceed with new legal developments this week in a Northern California federal court.
Microsoft issued an optional patch Tuesday as part of its monthly dump of fixes that addresses for the second time a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware. The patch is optional since the attacker must have admin privileges or physical access to the device.
The International Rescue Committee has identified new processes and ways to safeguard information in the midst of rapid digital transformation, according to CISO JT Jacoby. The IRC went from having multi-factor authentication deployed on just 1,500 devices in November to more than 10,000 today.
A European Commission effort to require instant messenger apps such as WhatsApp and iMessage to scan for child sexual abuse material would likely violate Europeans' human rights and weaken encryption protections for consumers, a leaked document from the commission's internal legal service says.
Security researchers say a slight modification to a Microsoft Exchange zero day attack used by Russian state hackers can bypass a patch the computing giant introduced in March. Microsoft patched the modified attack during this month's dump of fixes, rating the bug as "important" but not "critical."
A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and Afghanistan, reports Bitdefender. At least one victim appears to be an embassy located in Kazakhstan.
OTC Markets Group in recent years has gone from having almost sector-specific cybersecurity regulations to highly robust ones, said CISO Vlad Brodsky. Since 2016, the New York-based financial market has been subject to stringent policies and procedures to ensure OTC's cybersecurity and resiliency.
Members of the U.K. Parliament considering modifications to national privacy law heard assurances Wednesday that the European Union will go along with them. "U.K. GDPR retains all the rights of the European citizens," said John Edwards, U.K. Information Commissioner said Wednesday.
Nickolas Sharp, a one-time employee of Ubiquity who pleaded guilty to insider hacking received Wednesday a six year prison sentence. He admitted guilt on Feb. 2 to three criminal counts including transmitting a program to a protected computer that intentionally caused damage.
A European Parliament committee investigating commercial spyware tools such as Pegasus recommended new regulatory safeguards but dropped a preliminary call for a moratorium. Members condemned "major violations of EU law in Poland and Hungary" for those governments' use of commercial spyware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.