The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.
A proposed federal class action lawsuit alleges that patient debt collection software firm Intellihartx was negligent in its handling of third-party risk, contributing to a breach affecting nearly 490,000 individuals and involving a recent hack on its file transfer software vendor Fortra.
Exabeam will have its third CEO since June 2021 after promoting Chief Product Officer Adam Geller to take over as its top leader. The security operations vendor elevated Geller to replace Michael DeCesare, 57, who joined Exabeam as president and CEO two years ago after leading Forescout for years.
British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country's top cybersecurity agency warned in a new advisory. Lawyer are under attack from cybercriminals, nation-state groups and ransomware gangs.
Researchers at AhnLab Security Emergency Response Center observed APT37 target South Korean individuals with spear-phishing emails to inject wiretapping malware. The state-backed cybercrime group primarily employs spear-phishing to compromise the devices of victims.
Apple has fixed multiple zero-days that were actively being exploited since 2019 and infect several iOS devices with a spyware implant dubbed TriangleDB via zero-click iMessage exploits. The tech giant said the vulnerabilities actively exploited iOS versions released before iOS 15.7.
Fallout for Progress Software continues as hundreds of private and public sector organizations that use its MOVEit file transfer software face data breaches due to a zero-day attack. Some victims have filed a proposed class action suit in federal court, alleging poor security controls at Progress.
The security benefits of public cloud outweigh the drawbacks since cyber controls can be applied much earlier in the application development life cycle. Palo Alto Networks founder and Chief Technology Officer Nir Zuk said development procedures in traditional data centers are "a complete mess."
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. This week: Sam Bankman-Fried is set to face two criminal trials instead of one, Binance is sinking deeper into regulatory quicksand, and the Mango Markets hacker is expected to be tried on Dec. 4.
The first step in managing risk is recognizing it as a boardroom matter, and it demands that directors be prepared to understand and discuss the cyber issue and strategically guide C-level executives on this complex topic. It requires cyber competence in the boardroom, said CISO Marco Túlio Moraes.
Senate Majority Leader Chuck Schumer unveiled a framework for artificial intelligence development focused on security, accountability, explainability and minimizing foreign interference. He urged lawmakers to enact guardrails to prevent AI misuse by autocratic governments and rogue domestic actors.
Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.
State regulators have fined health plan Kaiser Permanente $450,000 for a mailing mishap that sent private health plan records to the outdated addresses of 167,095 patients. The erroneous mailing was triggered by a technical update of the health plan's electronic health records system.
The U.S. Department of Justice unveiled a new team - the National Security Cyber Section - to disrupt nation-state threat actors and prosecute them at the "earliest stages." NatSec Cyber will work closely with the DOJ's Computer Crime and Intellectual Property Section.
Ukrainian cyber police have disrupted a fake investment scam that involved stealing cryptocurrency from the online wallets of several victims in Canada. The scammers operated out of two call centers in the Khmelnytskyi region of Ukraine, mainly targeting Ukrainian citizens living in Canada.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.