Costco warehouse customers often get free samples of cheese and beef jerky. But members who fill their prescriptions online at Costco pharmacies allegedly get their sensitive information unlawfully scraped and transmitted to third parties, claim two proposed federal class action lawsuits.
Ransomware-wielding groups are among the attackers exploiting vulnerabilities in NetScaler devices to bypass authentication and gain initial access to victims' networks. Experts say users must not just patch but also wipe device memory to prevent attackers from bypassing access controls.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and team up with Microsoft's generative AI practice to speed automation design and development.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
In the latest "Proof of Concept," DXC Technology IT CISO and CyberEdBoard member Mike Baker and Chris Hughes, co-founder and CISO of Aquia, join ISMG editors to discuss benefits, challenges and misconceptions of adopting open-source software in modern code bases - plus best practices for securing them.
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.
The Australian government is close to introducing standards to shore up the security of the down under country's fast-growing solar market amid reports that Chinese state-sponsored hackers might target internet-connected solar inverters and cause blackouts.
An unsecured database of an India-based medical laboratory recently exposed more than 12 million test results, other patient records and development files for the company's mobile health app, according to the security researcher who found the vulnerability. Redcliffe Labs has fixed the problem.
A threat hunting and exposure management startup led by ex-OneLogin CEO Brad Brooks received $75 million to invest in cloud and analytics and growing globally. Censys said the combined equity and debt funding will allow the company to offer a more complete look at the history of vulnerable data.
A cyberattack on a shared IT services organization is forcing five member hospitals in Ontario to cancel or reschedule patient appointments and steer nonemergency patients to other facilities. Attacks against third-party vendors are rising, and many regional hospitals are unprepared.
A machine identity management provider led by an ex-Tricentis executive notched a $1.3 billion valuation after getting a minority investment from Sixth Street Group. Keyfactor said the funds will support high market demand for technology that secures devices and simplifies public key infrastructure.
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
The unique characteristics of the telecommunications industry pose significant challenges to the implementation of robust vulnerability management programs. Security director Ian Keller lists the top four challenges and discusses strategies to overcome them.
In recent years, the adoption of public cloud infrastructures has surged, providing organizations with unparalleled flexibility and scalability. But this shift has also introduced a new set of challenges when it comes to protecting web applications and APIs that are hosted on these platforms.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.