The JFrog research team discovered a new RCE vulnerability, which will be tracked by NIST as CVE-2021-42392, in the H2 database console. Although the researchers say the root cause of this critical flaw is similar to the flaw in Apache's Log4j, they believe the differences may lessen its impact.
French data protection agency CNIL has imposed fines of $170 million on Google and $66 million on Facebook for not complying with cookie regulations. The watchdog has ruled that the firms should make opting out of cookies as simple as opting in, or pay a $113,000 fine for each day of delay.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
Bernalillo County, the largest county in New Mexico, shut down its IT systems after reportedly suffering a ransomware attack on Wednesday. County officials say they are working with third-party vendors to remediate the incident. County staff are working remotely as systems are restored.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
Where are security practitioners in their zero trust journeys, and what approach to zero trust have they taken? Three experts - Netskope's David Fairman, Exceture's Mario Demarillas, and Petronas' Soumo Mukherjee - share their thoughts in a panel discussion.
Ten U.S. senators this week wrote to the secretaries of both the Department of Homeland Security and the Department of Transportation inquiring about specific measures they plan to pursue to prevent and respond to cyberattacks on the nation's critical infrastructure.
The websites of Expresso and SIC, Portugal's largest news publications, remain offline for a third day. A ransomware attack on the parent company Impresa Group was carried out by the Lapsus$ ransomware group - a relatively new bad actor that has made three high-impact attacks in less than a month.
A Zloader malware campaign has been exploiting Microsoft’s digital signature verification to steal cookies, passwords and sensitive information, according to Check Point Research. The threat actor, likely MalSmoke, used legitimate remote management software to gain initial access.
To protect against imminent cyber threats, organizations need to secure their most valuable assets and the access points that lead to them. That’s the key concept behind critical access management: protecting the access and assets that are most crucial and high risk to an organization. Critical access management...
Over half of organizations have experienced a data breach caused by third parties that led to the misuse of sensitive or confidential information. An even larger number attribute the cause of the data breach to granting too much access to third parties. The 2021 Ponemon report sponsored by SecureLink takes a deep dive...
Data breaches that stem from third parties, vendors, or contractors are on the rise. In fact, the increase in third-party data breaches is due to the industrialization of the cybercriminal ecosystem and innovations such as ransomware, which makes cybercrime much more profitable and easier to carry out. Our eBook...
The Town of Gilbert’s Office of Information Technology manages 1,500 employees and provides technical services for the community’s 260,000 residents.
In addition to maintaining hardware, such as municipal computers, telephones, and networking systems, they are responsible for providing connectivity for a wide...