Federal regulators are once again reminding healthcare entities and their vendors of the importance of using strong multifactor authentication to help fend off hacks and other compromises, but they also warn about avoiding common mistakes with MFA.
"Exposure management has become top of mind for most CISOs" due to three factors: the uncertain geopolitical landscape, the proliferation of the cloud and an increased focus on regulations and compliance, according to Sarah Ashburn, Chief Revenue Officer at Censys.
Attackers targeting the supply chain are "quite predictable in their movements; they want to persist their access, so they're looking for credentials," said Mackenzie Jackson, developer advocate at GitGuardian, who recommends deploying honeytokens to track the predictability of criminals' actions.
With the growth of generative AI services, organizations want better control of the data going in and coming out of AI. Talon CEO Ofer Ben-Noon discussed how his firm has built a DLP compliance model around generative AI services that blocks healthcare information or SWIFT data shared with ChatGPT.
Big banks want social media firms to take accountability for scams that occur on their payment platforms, but that doesn’t mean reimbursing victims. Banks need to take the lead in making victims whole quickly. And big tech and telcos need to kick the scammers out of their platforms.
The U.S. Department of Health and Human Services has notified Congress that the information of at least 100,000 individuals has been compromised in hacking incidents at HHS contractors involving exploitation of a flaw in managed file transfer software MOVEit from Progress Software.
The European Commission is set to finalize its digital wallet initiative after the proposal achieved political consensus on the core elements concerning its implementation. The latest digital monetary initiative comes as Europe rolls out plans for a digital euro.
This week, the U.S. sanctioned Russians running influence campaigns, the owner of the Monopoly darknet drug market was charged, CISA ordered federal agencies to patch flaws before July 13, Suncor Energy suffered a cyberattack and Petro-Canada gas stations were affected.
Cyberattackers have hit Ukraine's critical infrastructure over 3,000 times since the beginning of the Russian invasion in 2022, according to Ukraine's national incident response team, which warned that such attacks may continue for years even after the fighting on the ground is over.
A finalist at this year's RSA Innovation Sandbox contest landed Series A funding to detect threats and secure access for nonhuman identities. The $25 million will enable Astrix Security to expand from managing access for nonhuman identities to understanding threats to services and applications.
The tally of organizations affected by the Clop ransomware group's supply chain attack against users of Progress Software's popular MOVEit file transfer software continues to grow. UCLA and New York City schools - including students and staff - are the most recently named victims.
Socure has purchased a document verification startup founded by former members of Airbnb's Trust and Safety Team for $70 million to better detect fake identities. The deal will help Socure optimize the digital capturing and back-end processing of driver's licenses and passports at faster speeds.
Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. We'll discuss the application and API security best practices for each type of testing, the use cases, and how they protect your business from cyberattacks.
A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated as having been affected by the incident.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.