Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.
In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.
Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.
The SEC recently charged SolarWinds and its CISO for fraud amid cybersecurity lapses. Most organizations are reckless in making statements to the market to preserve their company's stock prices, not realizing that this is tantamount to fraud, said experts.
The Cybersecurity and Infrastructure Security Agency is requiring federal agencies to patch Linux devices on their networks and urging private sector organizations to do the same after security researchers observed threat actors exploiting a new vulnerability on many major Linux distributions.
The Australian government says it will mandate ransomware reporting by businesses, boost law enforcement capacity and fund startups with innovative cybersecurity solutions under a strategy unveiled Monday. "We cannot continue as we have," said Cyber Security and Home Affairs Minister Clare O'Neil.
A new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.
Federal regulators have smacked a New York medical center with an $80,000 penalty as part of a settlement for a HIPAA privacy breach involving the information of three patients that was exposed to a reporter and distributed nationally during press coverage in the early days of the COVID-19 pandemic.
New York State will soon seek public comment on sweeping new cybersecurity regulations for hospitals. The proposed rules would come with $500 million in requested funding to help the providers step up their security investments to comply with the new requirements.
Britain's privacy watchdog on Friday said it will continue fighting to impose a fine on Clearview AI for allegedly violating the privacy rights of Britons after a tribunal sided with the facial recognition company by vacating a 7.5 million-pound penalty.
AT&T will split its managed cybersecurity services practice from its core connectivity business by standing up a joint venture with Chicago-area investor WillJam Ventures. AT&T will move its security software, managed security operations and cyber consulting into an entity owned by WillJam and AT&T.
The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his company.
In the latest weekly update, editors at Information Security Media Group discuss why a growing number of U.S. and Canadian hospitals have been forced to turn away patients because of cyberattacks, innovations that have surfaced during the Israel-Hamas war and the future of industrial automation.
In the latest "Proof of Concept," Zscaler's Sam Curry and Venable's Heather West join ISMG editors to discuss the implications of President Biden's executive order on AI, how AI enhances security review processes, the potential for AI to spot software flaws, and challenges of AI talent acquisition.
Russian state hackers targeted European embassies and international organizations in espionage attacks exploiting a recently patched vulnerability in a popular Windows utility for archiving files, say Ukrainian government cybersecurity researchers.