The Australian Cyber Security Center issued an alert Friday warning that a critical security vulnerability in the Apache Struts 2 framework, assigned CVE-2024-53677, arose out of a misconfiguration that rendered several Struts versions vulnerable to remote code execution and possible compromise.
Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1.
Remote work has created blind spots in sensitive data management across devices and locations. Data-centric encryption with granular controls helps regulated firms maintain visibility and control without hampering productivity, said Ronald Arden, executive vice president, CTO and COO at Fasoo.
U.S. federal prosecutors indicted 14 North Koreans for a long-running IT scam generating $88 million by exploiting remote work with U.S. firms, a scheme prosecutors say is tied to DPRK-controlled companies that fund weapons programs through stolen identities, data theft and extortion.
New York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.
Cybersecurity experts are urging a revamp of the Office of the National Cyber Director. The Center for Cybersecurity Policy and Law says the office needs a clearer mission, more resources and the authority to lead cybersecurity policies for other government agencies to bolster U.S. cyber defenses.
As software complexities grow, supply chain security is now essential to application security, according to Sandeep Johri, Checkmarx CEO. Johri discusses the challenges of malicious code, adversarial AI and the market's call for consolidated security platforms.
File transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.
A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulators for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in fines and civil settlements.
Welcome to ISMG's GovWare 2024 Compendium. GovWare, Singapore's premier cybersecurity trade event held as part of Singapore International Cyber Week, brought together a community of cybersecurity professionals, including policymakers, tech innovators and information security leaders.
Historically, IT and security teams have operated in silos, creating gaps in knowledge and response. Gen AI bridges this gap through natural language interfaces, enabling better communication and understanding between departments, said Druva CTO Stephen Manley.
Citrix enhances its security for hybrid work by acquiring deviceTRUST and Strong Network. Purchasing these European startups boosts protection for VDI, DaaS and cloud development, empowering organizations to enforce zero trust principles and reduce risks across their hybrid environments.
Manual security workflows and fragmented tool visibility create operational inefficiencies and governance gaps, said Oriel Vaturi, co-founder and CEO of Ovalix. Real-time process monitoring and automation can help organizations optimize security operations and reduce risk.
Rhode Island will become the first state in the nation to launch a statewide cybersecurity tool for K-12 schools, offering enhanced protection against ransomware threats with a new, no-cost, federally funded service that will shield 136,000 students across 64 school districts.
The Food and Drug Administration is urging blood suppliers - a recent target of attacks - to bolster their cybersecurity practices to prevent and mitigate cyber incidents that could affect the supply and safety of critical blood and blood components used for transfusions and other patient care.