The DC Health Benefit Exchange Authority - the online health insurance marketplace servicing Washington, D.C., residents and congressional staff - is facing two proposed class action lawsuits in the aftermath of a hack that affected more than 56,400 individuals, including members of Congress.
Orca Security has promoted Chief Product Officer Gil Geron to CEO to help the agentless cloud security vendor maintain its market leadership and rapid growth. The leadership swap at Portland, Oregon-based Orca will result in Avi Shua moving to the newly created position of chief innovation officer.
Hackers have been actively exploiting vulnerabilities in ColdFusion to remotely compromise servers, Adobe warns. Since at least early January, attackers have been dropping web shells via ColdFusion, but it's unclear if only now-known vulnerabilities are being exploited, security researchers say.
The U.S. Federal Trade Commission is asking for public comment on cloud computing provider business and security practices. The top three providers - AWS, Microsoft Azure and Google Cloud - account for approximately two-thirds of worldwide cloud spending, which reached nearly $250 billion in 2022.
Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. Chinese security researchers say they found code designed to monitor users inside Pinduoduo versions.
A Bulgarian woman extradited to the United States for her role in a $4 billion crypto pyramid scheme adds to a growing list of law enforcement actions against perpetrators of the OneCoin Ponzi scheme. OneCoin generated $4 billion in fraudulent revenue and earned profits of close to $3 billion.
Forrester recently published a report that shows over two-thirds of European security decision-makers have begun to develop a zero trust strategy, and public sector organizations are leading the way. Forrester's Tope Olufon shares the cultural and regulatory roadblocks to zero trust.
Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database. Some of those records date back to 2018.
Days after federal agents arrested the alleged administrator of criminal underground forum BreachForums, the new admin who took over announced that he is shutting down the site. User "Baphomet" said he spotted a suspicious server logon early Sunday afternoon.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
Bitcoin ATM manufacturer General Bytes suspended its cloud services supporting more than 15,000 machines after a hacker exploited a vulnerability in its software to steal user passwords and private keys and made off with cryptocurrency worth millions of dollars.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.
An Alabama cardiovascular clinic is facing a proposed class action lawsuit filed by one of the nearly 442,000 individuals affected by a data exfiltration breach reported last month. The lawsuit seeks a detailed list of security improvements by the clinic and 10 years of court compliance monitoring.
Video piracy is a major concern for security teams in the media industry. Commander Praveen Kumar, global CISO of media conglomerate Zee Entertainment and winner of ISMG's Dynamic CISO Excellence Award for ROI Champion, shares his secret for reducing piracy by 85%.
ISMG presented the 2023 Dynamic CISO Award to Vaibhav Tole, director of global cybersecurity at Cyient, who developed skills internally and created a team to handle incident response in-house. ISMG caught up with Tole at the conference to understand how he is doing more with less these days.