Security teams have long focused on ransomware, hackers, and nation-state threat actors. External threats are considered more urgent and dangerous, with greater potential consequences for organizations. Security teams can easily identify the enemy and…

According to a recent alert from the Department of Health and Human Services' Cybersecurity Coordination Center, healthcare provider organizations are being targeted by a phishing campaign that uses a secure message theme to harvest credentials. The…

According to a new report from Mezmo, only 22 percent of organizations have developed a formal DevSecOps strategy that integrates security into software development lifecycle processes. A large percentage of those with a strategy report a positive impact…

Okta discovered in its latest report on the state of zero trust security that zero trust adoption is gaining significant traction in the healthcare sector this year. According to Okta's 2021 report, only 37 percent of surveyed healthcare organizations…

Security researchers at Quarkslab discovered a critical vulnerability in Google's Titan M chip earlier this year.  Introduced in 2018, Titan M is a system-on-a-chip (SoC) designed to deliver increased security protections to Pixel devices, including…

US healthcare provider Novant Health has recently notified patients that their protected health information may have been leaked through a tracking tool linked to Facebook.  The company did not specify how many patients were affected by the pixel…

Security researchers at Akamai have discovered a vulnerability in the remote procedure calls (RPC) for the Windows Server service, which could allow an attacker to gain control over the domain controller (DC) in a specific network configuration and…

A cyberattack disrupted a UK water supplier's corporate IT systems, but the company claims that its water supply was unaffected. Meanwhile, the alleged attacker, the Clop ransomware group, claimed the attack was on another, larger water utility, which…

A recent attack on Mailchimp cryptocurrency-related users has affected users of the cloud infrastructure provider DigitalOcean. On August 8, DigitalOcean discovered that its Mailchimp account had been compromised as part of what it believes is a larger…

Argentina's Córdoba Judiciary has shut down its online portal and IT infrastructure following a ransomware attack allegedly carried out by the new PLAY ransomware operation. The downtime necessitates the filing of formal documents on paper.…

Microsoft recently claimed to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries.  On August 15, Microsoft said it had disabled accounts used by the "…

Security researchers at Agari have found that detections of multi-stage phishing attacks known as “hybrid vishing” grew by over 600% from Q1 to Q2 2022, as fraudsters sought new ways to circumvent traditional security controls.  The researchers…