Cyber criminals are targeting vulnerable software and gaps in managed service providers’ (MSP) security systems to distribute Sodin ransomware.
Quest Diagnostics has confirmed an unauthorized user gained access to a third party billing service system to potentially access personal data on nearly 12 million patients.
More organizations are relying on third-party companies to help them move to the cloud, such as Microsoft’s popular Office 365 (O365) email services. A new report highlights some of the risks when moving to the cloud and potential configuration vulnerabilities.
Security researchers from Trend Micro have uncovered a Magecart skimming attack that targeted 201 online campus stores in the United States and Canada.
Cybercrime investigative journalist Brian Krebs reports the Indian IT outsourcing and consulting company Wipro has been hacked. Multiple sources had informed Krebs that attackers breached Wipro’s internal IT systems and then used those systems to then launch attacks against Wipro’s customers.
A government report revealed that the Federal Emergency Management Agency (FEMA) did not safeguard disaster survivor’s personal data on up to 2.3 million people. FEMA shared the sensitive personally identifiable information (SPII) with a third party.
Drupal has released a critical security update to address a vulnerability in Drupal 7.x, 8.5.x and 8.6.x. The vulnerability is rated critical and impacts third party libraries.
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-37 Rev. 2: “Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy.”
Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.
An attacker has used an open-source mobile device management (MDM) system to target iPhones in India.