The Australian Cyber Security Center issued an alert Friday warning that a critical security vulnerability in the Apache Struts 2 framework, assigned CVE-2024-53677, arose out of a misconfiguration that rendered several Struts versions vulnerable to remote code execution and possible compromise.
As software complexities grow, supply chain security is now essential to application security, according to Sandeep Johri, Checkmarx CEO. Johri discusses the challenges of malicious code, adversarial AI and the market's call for consolidated security platforms.
The Food and Drug Administration is urging blood suppliers - a recent target of attacks - to bolster their cybersecurity practices to prevent and mitigate cyber incidents that could affect the supply and safety of critical blood and blood components used for transfusions and other patient care.
Major grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it is continuing to probe the attack and has no timeline for service restoration.
David Anderson's career began in banking and followed a path to the rapidly changing world of cyber insurance. Anderson, vice president of cyber liability at Woodruff Sawyer, shares how he built a practice rooted in transparency, trust and client education.
The Consumer Financial Protection Bureau's open banking ruling shifts liability burdens onto banks, amplifying their responsibilities for securing data shared with third-party fintechs. John Horn at Datos Insights explains the potential for third-party breaches.
A new playbook from the Health Sector Coordinating Council aims to help manufacturers of medical products such as pharmaceuticals, devices and durable equipment plot out and improve their response to ransomware attacks and other cyber incidents.
The Justice Department unsealed an indictment against alleged hackers Connor Moucka and John Binns, accusing them of stealing data from the cloud platform Snowflake, extorting millions in bitcoin and stealing sensitive personal information from over 165 organizations and millions of individuals.
Financial services leaders and cybersecurity experts said at Information Security Media Group’s 2024 Financial Services Summit that third-party vendor security risks required the need for proactive, multi-layered security frameworks to combat the growing threat landscape.
Finnish telecommunications equipment manufacturer Nokia is investigating the alleged posting of source code data on a criminal hacking forum. A hacker going by the handle of "IntelBroker" on Thursday posted what he said is a trove of "Nokia-related source code."
Artificial Intelligence (AI) has come roaring to the forefront of today’s technology landscape. It has revolutionized industries and will modernize careers, bringing numerous benefits and advancements to our daily lives. However, it is crucial to recognize that AI also introduces unseen impacts that must be...
As AI adoption accelerates across enterprises, security leaders face unprecedented challenges in data protection. To assess AI-related risks effectively, it's essential to understand the business goals and the context of AI applications, said Ashish Thapar, cybersecurity head for APAC at NTT DATA.
CrowdStrike has countersued customer Delta Air Lines, accusing the airline of employing a lawsuit and seeking damages in "a desperate attempt to shift blame" for Delta's own IT inadequacies having exacerbated its outage, unlike "other major airlines" that quickly resumed operations.
LinkedIn is facing several proposed class action lawsuits filed in recent weeks in California alleging that the company is "intercepting" users' sensitive information related to appointments booked on medical websites through the use of web tracking tools for marketing and advertising purposes.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.