November 27, 2023 at 02:50PM Healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, following a breach in October. The company has restored its U.S. e-commerce platform and expects the platforms in Canada and Europe to be back online soon. The BlackCat gang claims to have stolen 35 … Read more
November 24, 2023 at 02:30AM Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets that could potentially lead to supply chain attacks. The secrets, containing credentials for accessing container image registries, were uploaded to public repositories. Among those affected are top blockchain companies and fortune-500 companies. The researchers found that a significant portion of the … Read more
November 22, 2023 at 07:12AM Risk assessment can be subjective and biased due to human emotions, which can lead to an inaccurate representation of reality and a weaker security posture. To remove subjectivity, security professionals should follow seven steps: identify critical resources and data, understand potential financial impact, enumerate relevant threats, map risks to resources, … Read more
November 22, 2023 at 05:26AM The UK’s Information Commissioner’s Office (ICO) is cracking down on website design to ensure that opting out of cookies is as easy as opting in. The ICO has given 30 days’ notice to companies running popular websites in the UK, warning them to comply with data protection regulations or face … Read more
November 21, 2023 at 08:39AM The Canadian government has reported a data breach involving two moving and relocation services firms contracted by the government. The breach exposed personal information of present and former public service employees, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police. The government is offering credit … Read more
November 20, 2023 at 05:19PM Lasso Security, a cybersecurity company specializing in Large Language Models (LLMs), has raised $6 million in a seed funding round led by EntrĂ©e Capital and Samsung Next. Lasso aims to address the cybersecurity challenges posed by LLMs and provide comprehensive protection for businesses leveraging Generative AI. The funds will be … Read more
November 20, 2023 at 06:03AM Thousands of K-12 public schools in the United States are vulnerable to ransomware attacks due to lax cybersecurity measures. In response, the Biden administration has been offering free cybersecurity services to school districts and urging more to take advantage of these programs. Ransomware attackers, often based in Russia, target schools … Read more
November 18, 2023 at 10:32PM The Federal Communications Commission (FCC) has introduced new rules to protect consumers from SIM swapping attacks and port-out fraud. These scams involve criminals taking control of a victim’s phone number to gain unauthorized access to personal accounts and sensitive information. The FCC’s updated regulations require wireless service providers to implement … Read more
November 17, 2023 at 11:47AM Yamaha Motor’s motorcycle manufacturing subsidiary in the Philippines was hit by a ransomware attack, resulting in the theft and leak of some employees’ personal information. The breach was detected on October 25, and the company has been investigating with the help of external security experts. The attack was attributed to … Read more
November 17, 2023 at 01:01AM Samsung Electronics UK has reportedly suffered a data breach affecting customers who made purchases between July 2019 and June 2020. The breach, which was discovered on November 13, exposed information including names, phone numbers, addresses, and email addresses. This incident marks the third data breach for Samsung in the past … Read more