Mercedes-Benz USA says one of its vendors exposed 1.6 million records that pertained to its customers and interested buyers. The incident, which involved an unnamed vendor and a cloud storage platform, is similar to one recently disclosed by Volkswagen.
Security researchers at Eclypsium have reported that they had identified four vulnerabilities that could affect 30 million users of computer technology company Dell's laptops, desktops and tablets. The vulnerabilities have a cumulative CVSS score of 8.3 (high).
NIST has published its definition of "critical software" for the U.S. federal government as the standards agency begins fulfilling requirements laid out in President Biden's executive order on cybersecurity. The software part of the executive order looks to reduce the threat of supply chain attacks.
As more apps, data, and users are moving to the cloud, implementing a zero trust strategy is essential for any organization to accelerate digital transformation. Each organization may tailor their approach to zero trust based on their specific needs, but there are some core tenets that make zero trust effective and...
The Russian-linked cyberespionage group behind the supply chain attack against SolarWinds targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report. The group, called Nobelium, has been linked to recent attacks against a marketing firm used by USAID.
This edition of the ISMG Security Report features an analysis of CISA's finding that agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by properly configuring firewalls. Also featured: Congressman discusses deterring nation-state attacks; insider threat mitigation tips.
The recovery costs for the May ransomware attack on Health Service Executive, Ireland's publicly funded healthcare system, is likely to total $600 million, says Paul Reid, HSE's director general.
Cybersecurity pioneer John McAfee, 75, was found dead in a Spanish prison cell Wednesday, hours after a Spanish court had authorized his extradition to the U.S. to face tax evasion charges, according to news reports.
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
Secure Access Service Edge – SASE – was identified by Gartner nearly two years ago, and it's become 2021's dominant cybersecurity buzzword. Luke Hebditch of Cisco demystifies the architecture, describes what is it and is not, and discusses the business benefits possible from the SASE approach.
Federal agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by using recommended firewall configurations, but this step isn't always feasible, the Cybersecurity and Infrastructure Security Agency says.
Cybercriminals and nation-states are attempting to recruit insiders at companies around the world to help steal credentials and intellectual property, says Joseph Blankenship, vice president and research director at Forrester, who offers risk mitigation insights.
It's been two years since Gartner first gave a name to Secure Access Service Edge. But it's quickly emerging as a popular architecture for digitally transformed enterprises. Elton Fontaine of Palo Alto Networks discusses SASE use cases for state and municipal government, as well as higher education.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.
When seeking cyber insurance or other types of insurance policies that provide organizations with coverage for certain data security incidents, it's critical to carefully consider the "war exclusions" contained in those policies, says insurance attorney Peter Halprin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.