The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
For the first time in its 17-year history, application security vendor Checkmarx will have a new leader. The company has tapped Sandeep Johri, the longtime chief executive at software testing vendor Tricentis, to serve as its new CEO less than two years after being acquired by Hellman & Friedman.
CyberMaxx has landed the former CEO of cloud security vendor Threat Stack to bring offensive and defensive cybersecurity services together on one platform. The Nashville-based firm has tasked Brian Ahern with creating managed detection and response bundles with offensive and defensive capabilities.
A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. "The Chinese government is up-leveling their capabilities," says Adam Meyers, senior vice president of intelligence at CrowdStrike.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
An assessment of online shopping cart software used by e-commerce sites performed by the German cybersecurity agency found a slew of vulnerabilities, including code so old it's no longer supported as well as vulnerable JavaScript libraries. Germany has one of Europe's largest e-commerce markets.
Wiz has become the most valuable venture-backed cybersecurity vendor in the world, raising $300 million on a $10 billion valuation just three years after its founding. The New York-based startup will use the Series D proceeds to guard more complex cloud environments and fulfill robust global demand.
Cisco plans to buy cloud security startup Valtix to simplify network security and protect workloads no matter which cloud they're created or consumed in. The networking giant says Valtix will give clients common policy and enforcements of networking across all major public cloud environments.
In the latest weekly update, John Kindervag, creator of zero trust and senior vice president of cybersecurity strategy at ON2IT, joins ISMG editors to discuss the top zero trust storylines of the year, the impact of ChatGPT on the cybersecurity industry and how to tackle MFA bypass attacks.
Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
Five proposed class action lawsuits have been filed so far in the wake of a California medical group's Feb. 1 report of a ransomware attack last December affecting more than 3.3 million individuals. The incident is the largest health data breach reported to federal regulators so far this year.
In a new report, tech giant Microsoft says distributed denial-of-service attacks became shorter in duration but more potent in 2022. The United States, India and East Asia were the top regions affected by DDoS attacks, and IoT devices continued to be the preferred mode of attack.
Will large language models such as ChatGPT take cybercrime to new heights? Researchers say AI for malicious use so far remains a novelty rather than a useful and reliable cybercrime tool. But as AI capabilities and chatbots improve, the cybersecurity writing is on the wall.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.