Insurance giant Fidelity Investments has suffered a third-party breach linked to the US-based subsidiary of Indian tech juggernaut Infosys, impacting nearly 30,000 customers.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
BlackCat affiliates have been complaining on dark web forums that they had breached victims successfully, but that the ransomware gang had not paid out their percentage. It appears they have been stung by an exit scam.
Payment card services provider American Express has notified authorities and customers of a third-party breach affecting a merchant processor that leaked payment card information.
Microsoft is now saying that the Russian hackers accessed "some" source code. And while customer-facing systems were not breached, the hackers accessed some confidential emails to customers.
A joint cybersecurity advisory by federal agencies warns healthcare organizations of targeted ALPHV/BlackCat ransomware attacks in retaliation against the FBI’s botched seizure.
The self-replicating malware's name refers back to the infamous "Morris worm" that tore through the early version of the internet in the late 80s. Morris II focuses on tricking GenAI into turning input into malicious output and spreading it.
Updated federal guidelines emphasize transparency and swift action to safeguard organizations, stakeholders, customers, and their communities. As cybersecurity teams adjust to the government's latest directives, security leaders must prepare and ensure compliance with these new regulations.
Threat actors hijack thousands of reputable domains and subdomains to deliver over 5 million malicious emails daily in a mass ad fraud campaign dubbed SubdoMailing.
The Biden administration is examining the possible national security risks of having thousands of Chinese smart cars on US roadways. One possibility is that all of these cars could be remotely disabled at once, but there are also data privacy concerns.
Addressing automation through a powerful patch management system and streamlining device control can allow IT teams to consistently and more cost-effectively monitor gaps in security as well as proactively enhance enterprise security measures.










