The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and theft, a government watchdog reported Friday.
Cisco this week released security patches to address high severity vulnerabilities in its IP Phone 8800 Series and IP Phone 7800 Series.
A total of five vulnerabilities were addressed, all impacting the web-based management interface of Session Initiation Protocol (SIP) Software of IP Phone 8800 Series.
The UK Police Federation of England & Wales (PFEW) website was subject to a malware attack that it discovered on March 9, 2019. It appears that this was a ransomware attack; but the strain has not been announced.
Hackers believed to be sponsored by the Russian government are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections, FireEye reports.
Norwegian aluminum giant Norsk Hydro has been hit by a serious ransomware attack that caused disruptions at some of its plants and forced the company to turn to manual processes to fulfill customer orders.
Microsoft Brings Defender Advanced Threat Protection to macOS
Karl A. Racine, the attorney general for the District of Columbia, on Thursday announced the introduction of a new bill that aims to expand data breach notification requirements and improve the way personal information is protected by organizations.
The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it’s also a great opportunity for people like me to get insight into trends in the industry.
White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers.
From Ferdinand Magellan to Lewis and Clark to Neil Armstrong – humans have an innate desire to understand the unknown. In security operations, we see this phenomenon every day in several forms, one of which is threat hunting. Threat hunting is not triggered by an event, but by the unknown. It is the practice of proactively and iteratively searching for abnormal indications within networks and systems.
Global spending on security-related hardware software and services will grow at a compound annual growth rate (CAGR) of 9.2% between 2018 and 2022, to a total of $133.8 billion in 2022. The figures come from the latest Worldwide Semiannual Security Spending Guide compiled by IDC.
Facebook today admitted to have stored the passwords of hundreds of millions of its users in plain text, including the passwords of Facebook Lite, Facebook, and Instagram users.
History Tends to Repeat Itself - Attackers Repurpose Tried and Tested Methods to Launch Attacks
PuTTY, an SSH and Telnet client program, and LibSSH2, a client-side C library for the SSH2 protocol, have both received updates fixing multiple vulnerabilities. Eight vulnerabilities have been fixed in version 0.71 of PuTTY, and nine vulnerabilities fixed in version 1.8.1 of LibSSH2.
While Facebook’s bug bounty program does not typically cover denial-of-service (DoS) vulnerabilities, the social media giant has decided to award a significant bounty for a serious flaw affecting Fizz, its open source TLS library.
The financially-motivated hacking group FIN7 has used new malware samples in a recent attack campaign, Flashpoint security researchers warn.
Finnish authorities will launch an investigation into claims that Nokia phones have been transmitting users' personal data to China, the country's data protection ombudsman announced on Thursday.
Manufacturing arguably offers the largest attack surface of almost any industry with regards to cybersecurity threats, and has long been a prime target for ‘everyday’ attacks like phishing, ransomware, data-theft – you name it, they’ve seen it. But these ‘everyday’ attacks and the associated losses are only the tip of the iceberg when it comes to what could potentially happen in the future.
Poland-based cybersecurity research firm Security Explorations claims to have identified nearly 20 vulnerabilities in Oracle’s Java Card, including flaws that could be exploited to compromise the security of chips using this technology.