After issuing cybersecurity requirements for pipeline companies via two directives earlier this year, the Transportation Safety Administration (TSA) will also issue cybersecurity requirements for rail systems and airport operators. First, TSA will issue…

The security vendor Intezer has discovered that many organizations using the open-source Apache Airflow platform may be exposing credentials and other sensitive data to the Internet due to the way in which they use the technology. Many organizations use…

Researchers at ESET have discovered a new Unified Extensible Firmware Interface (UEFI) bootkit that can infect machines running Windows 7 through Windows 10, and maintain persistence on the EFI System Partition through the installation of a malicious…

Researchers at Nozomi Networks labs have discovered three security vulnerabilities in Axis video products that could open up the door to a bevy of different cyberattacks on businesses.  Three vulnerabilities in the IP video-surveillance systems…

Researchers at the security firm Sophos released a new report detailing a ransomware attack against a victim's installation of VMware ESXi, an enterprise-class hypervisor that can partition servers into multiple virtual machines. The attack is notable…

Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server after a vulnerability was disclosed to them by researchers.  The vulnerability is under active exploitation in the wild and could allow attackers to…

According to a study conducted by researchers at the Massachusetts Institute of Technology (MIT) and the Polytechnic University of Madrid published in IEEE Transactions on Robotics, using blockchain technology as a communication tool for a team of…

Data breaches at two American mental healthcare providers may have exposed thousands of individuals’ personal health information (PHI).  Horizon House, Inc., which is in Philadelphia, Pennsylvania, warned that 27,823 people might have been impacted…

Survey results released by Nozomi Networks and the SANS Institute indicate that companies are increasingly investing in the cybersecurity of Industrial Control Systems (ICS) to catch up with the growing sophistication of the cyber threat landscape. The…

A major telecoms service provider has revealed it was the victim of a five-year breach impacting hundreds of customers.  Syniverse routes text messages for hundreds of global telco customers.  The firm claims to process over 740 billion…

In Alabama, a woman filed a lawsuit against Springhill Medical Center, claiming that the hospital did not disclose that its computer systems had been impacted by a cyberattack, thus resulting in improper care and death of her baby. The hospital was in…

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) released the Insider Threat Risk Mitigation Self-Assessment Tool, which aims to help public and private sector organizations assess their vulnerability to…