Cybersecurity - Information Management Today

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Risk IT

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

If you want a digital presence that will be around for the next ten years, scalability, growth, and digitization need to be tempered with a healthy dose of credential-centered cybersecurity. Zero Trust is a comprehensive security framework that fundamentally changes how organizations approach cybersecurity.

B2B

B2B Cybersecurity Risk Access

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity

Cybersecurity Phishing Risk Privacy

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Career Advice: Cybersecurity Means Business

Data Breach Today

OCTOBER 30, 2024

Understanding the Impact of Security on the Business Makes You More Effective With cybersecurity now embedded across all industries and functions, the importance of aligning security measures with business objectives has never been greater.

Cybersecurity

Cybersecurity Security IT

IT Leadership Agrees AI is Here, but Now What?

As AI evolves, enhanced cybersecurity and hiring challenges grow. IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. This whitepaper offers real strategies to manage risks and position your organization for success.

IT

DOGE Now Has Access to the Top US Cybersecurity Agency

WIRED Threat Level

FEBRUARY 19, 2025

DOGE technologists Edward Coristinethe 19-year-old known online as Big Ballsand Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.

Cybersecurity

Cybersecurity Access Security

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion. But it doesn’t have to be this way.

Cybersecurity

Cybersecurity Artificial Intelligence Risk Data collection

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. So, how can you conduct a DLP risk assessment?

Risk

Risk Cybersecurity Cloud Compliance

Generative AI in Cybersecurity: A Mixed Bag

Data Breach Today

OCTOBER 29, 2024

Forrester Analyst Allie Mellen on Misaligned Expectations and Future Trends Generative AI has shown some value in cybersecurity, but it hasn’t met early hopes for handling complex incident responses or providing precise recommendations.

Cybersecurity

Cybersecurity IT

Zero Trust Mandate: The Realities, Requirements and Roadmap

and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines. Join us and learn how to better advise your agency clients on strategy, architect Zero Trust solutions, and win more cybersecurity business!

Cybersecurity

Zero Days Top Cybersecurity Agencies' Most-Exploited List

Data Breach Today

NOVEMBER 22, 2024

Cybersecurity Officials Urge to Prioritize Fixing These 15 Most-Exploited Flaws Which vulnerabilities need fixing first to best block nation-state and other hacking attempts? Enter the latest Five Eyes intelligence partnership list of the 15 flaws most targeted by attackers, of which 11 were zero-days.

Cybersecurity

From IT to Boardroom: NIS2 Reshapes Cybersecurity Roles

Data Breach Today

OCTOBER 7, 2024

Schellman CEO Avani Desai on Preparing Executives for New Security Responsibilities With the NIS2 Directive fast approaching, cybersecurity has evolved from a technical challenge to a critical business priority.

Cybersecurity

Cybersecurity IT Risk Security

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The investigation into the security breach is still ongoing and the company is remediating the incident with the help of external cybersecurity specialists. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Cybersecurity Access

Global Cybersecurity Agencies Release OT Security Guidelines

Data Breach Today

OCTOBER 3, 2024

Don't introduce cybersecurity systems into an OT network unless administrators can guarantee they won't hinder a restart after a complete loss of electricity. Principles to Ensure Critical Infrastructure's Operational Technology Security Don't pull data from an operational technology network: OT networks should push data out.

Cybersecurity

Cybersecurity Security

Bringing the Cybersecurity Imperative Into Focus

This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Tech leaders today are facing shrinking budgets and investment concerns. Download today to learn more!

Cybersecurity

Cybersecurity giant Fortinet discloses a data breach

Security Affairs

SEPTEMBER 12, 2024

Fortinet has been actively contributing to Australia’s cybersecurity landscape, recently submitting recommendations for the 2023–2030 Australian Cyber Security Strategy. It is unclear if the Australian federal government or critical infrastructure was impacted due to the incident.

Data breaches

Data breaches Cybersecurity Cloud Access

Largest US Water Utility Hit by Cybersecurity Incident

Data Breach Today

OCTOBER 8, 2024

Cyber Incident Affecting American Water Utility Company Leads to Portal Shutdown The largest regulated water and wastewater company in the United States told customers it was investigating a cybersecurity incident that led the utility to shut down its customer service portal and immediately notify law enforcement of an apparent breach.

Cybersecurity

Cybersecurity IT

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

OCTOBER 15, 2024

The American Water cyber breach has sparked conversations about the importance of cybersecurity in safeguarding essential services and the growing frequency of cyber threats targeting public utilities. Train Employees in Cybersecurity Best Practices Phishing awareness: Many cyberattacks begin with phishing emails.

Cybersecurity

Cybersecurity Phishing Encryption Access

GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority

The Last Watchdog

MARCH 26, 2025

The cybersecurity landscape is built to protect systems but not the people on the front lines. The post GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority first appeared on The Last Watchdog. Yet, this is precisely the reality we face.

Cybersecurity

Cybersecurity Access Paper Cloud

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Cybersecurity

The rising cybersecurity crisis in healthcare: Are you prepared?

OpenText Information Management

MARCH 24, 2025

Why healthcare organizations care about cybersecurity? Key cybersecurity challenges facing healthcare organizations: Ransomware attacks & data breaches Cybercriminals are deploying sophisticated attacks that encrypt data, disrupt services, and demand exorbitant ransoms. Cyberattacks are no longer just an IT issue.

Cybersecurity

Cybersecurity Data breaches Ransomware Compliance

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

NOVEMBER 16, 2024

The cybersecurity company had no further details on the vulnerability and was not aware of the active exploitation of the flaw. The cybersecurity firm stated that it does not have sufficient information about any indicators of compromise. Base Score: 9.3) 173.239.218[.]251 251 216.73.162[.]* In this scenario, the CVSS score drops to 7.5

Cybersecurity

Cybersecurity Access Communications Security

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Security Affairs

NOVEMBER 23, 2024

. “ On November 17, 2024, International Game Technology PLC (the “Company”) became aware that an unauthorized third party gained access to certain of its systems, and the Company has experienced disruptions in portions of its internal information technology systems and applications resulting from this cybersecurity incident.”

IT

IT Cybersecurity Communications Ransomware

How AI will transform cybersecurity in 2025 - and supercharge cybercrime

Collaboration 2.0

JANUARY 10, 2025

From AI-driven defense to evolving ransomware tactics, here's what cybersecurity industry leaders and experts are preparing for this year.

Cybersecurity

Cybersecurity Ransomware

The Ultimate Guide to Hardening Windows Servers

With cyber threats increasing, and businesses becoming more vulnerable, the need to invest in the right cybersecurity solutions has never been more important. As an IT Professional, you know that finding ways to harden your servers against cyberattacks is a vital task.

Cybersecurity

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. The cybersecurity firm states that it does not have sufficient information about any indicators of compromise. The company currently believes Prisma Access and cloud NGFW are unaffected by this potential vulnerability.

Authentication

Authentication Cybersecurity Access Communications

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) reads the advisory.

IT

IT Ransomware Authentication Cybersecurity

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

. “According to the SEC’s orders, Unisys, Avaya, and Check Point learned in 2020, and Mimecast learned in 2021, that the threat actor likely behind the SolarWinds Orion hack had accessed their systems without authorization, but each negligently minimized its cybersecurity incident in its public disclosures.”

Cybersecurity

Cybersecurity Risk Access Government

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts. Upon detection, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and to contain the threat.”

Ransomware

Ransomware Manufacturing Cybersecurity Access

Thinking About Investing in an XDR? Learn How to Cut Through the Hype

Cybersecurity Detection and Response tools are showing promise in helping reduce an attacker’s dwell time in your network. With reduced dwell time before detection, defenders have time to respond in containing the threat before significant damage can be done to your systems and confidential data.

Cybersecurity

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Risk Access

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Encryption Cloud

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

A leak suggests that Chinese cybersecurity firm TopSec offers censorship-as-a-service services, it provided bespoke monitoring services to a state-owned enterprise facing a corruption scandal. SentinelLABS researchers analyzed a data leak that suggests that the Chinese cybersecurity firm TopSec offers censorship-as-a-service services.

Cybersecurity

Cybersecurity Government Cloud Security

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets. INE Security emphasizes the importance of regular training forall employees.

Security

Security Data breaches Passwords Cybersecurity

Lessons Learned in PostgreSQL®

Readers gain actionable insights to fortify their PostgreSQL® databases against evolving ransomware challenges, enhancing overall cybersecurity. The guide explores troubleshooting techniques for data recovery, emphasizing essential questions to comprehend the full impact of an attack.

Ransomware

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog.

IT

IT Authentication Cybersecurity Risk

What Enterprises Need to Know About Agentic AI Risks

Data Breach Today

JANUARY 13, 2025

Mitigating Cybersecurity, Privacy Risks for New Class of Autonomous Agents Many organizations are looking to artificial intelligence agents to autonomously perform tasks that surpass traditional automation.

Risk

Risk Artificial Intelligence Privacy Cybersecurity

Polish Space Agency POLSA disconnected its network following a cyberattack

Security Affairs

MARCH 5, 2025

“A cybersecurity incident has occurred at POLSA. “The state agencies responsible for cybersecurity have detected unauthorized access to the teleinformatics infrastructure of the Polish Space Agency.” The relevant services and institutions have been informed. An analysis of the situation is ongoing.

IT

IT Ransomware Cybersecurity Security

SOC Scalability: How AI Supports Growth Without Overloading Analysts

Security Affairs

JANUARY 9, 2025

To make matters worse, many organizations will be reluctant or unable to hire the staff necessary to scale operations – CISOs are facing flat or falling cybersecurity budgets, and the cybersecurity skills gap remains persistently high. He graduated with a degree in Journalism in 2021 and has a background in cybersecurity PR.

Artificial Intelligence

Artificial Intelligence Cybersecurity Compliance IT

Beware of Pixels & Trackers on U.S. Healthcare Websites

This report offers insights for cybersecurity, compliance, and privacy executives at healthcare organizations, as well as for policymakers and auditors.

Cybersecurity

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

The Federal Bureau of Investigation (FBI), the National Security Agency (NSA), Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) released a joint Cybersecurity Advisory (CSA) to warn of the tactics, techniques, and procedures (TTPs) employed by the Russian Federation’s Foreign Intelligence Service (..)

Data collection

Data collection Authentication Access Cybersecurity

U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JANUARY 24, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA1000 vulnerability to its Known Exploited Vulnerabilities catalog.

IT

IT Authentication Cybersecurity Access

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” On February 21, a cyber attack disrupted IT operation of the healthcare organization, more than 100 Change Healthcare applications were impacted.

Data breaches

Data breaches Ransomware Insurance Cybersecurity

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Alkove Jim Alkove , CEO, Oleria Identity is cybersecurity’s biggest challenge. Sundaresan Bindu Sundaresan , Cybersecurity Director, LevelBlue In 2025, cybercriminals will exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven phishing. Attackers arent hacking in theyre logging in.

Security

Security Phishing IoT Risk

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device.

Passwords

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Webinars

Trending Sources

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

Webinars

Career Advice: Cybersecurity Means Business

IT Leadership Agrees AI is Here, but Now What?

DOGE Now Has Access to the Top US Cybersecurity Agency

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

From Risk Assessment to Action: Improving Your DLP Response

Generative AI in Cybersecurity: A Mixed Bag

Zero Trust Mandate: The Realities, Requirements and Roadmap

Zero Days Top Cybersecurity Agencies' Most-Exploited List

From IT to Boardroom: NIS2 Reshapes Cybersecurity Roles

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Global Cybersecurity Agencies Release OT Security Guidelines

Bringing the Cybersecurity Imperative Into Focus

Cybersecurity giant Fortinet discloses a data breach

Largest US Water Utility Hit by Cybersecurity Incident

American Water Shuts Down Services After Cybersecurity Breach

GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority

Software Composition Analysis: The New Armor for Your Cybersecurity

The rising cybersecurity crisis in healthcare: Are you prepared?

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

A cyberattack on gambling giant IGT disrupted portions of its IT systems

How AI will transform cybersecurity in 2025 - and supercharge cybercrime

The Ultimate Guide to Hardening Windows Servers

Palo Alto Networks warns of potential RCE in PAN-OS management interface

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Thinking About Investing in an XDR? Learn How to Cut Through the Hype

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Lessons Learned in PostgreSQL®

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

What Enterprises Need to Know About Agentic AI Risks

Polish Space Agency POLSA disconnected its network following a cyberattack

SOC Scalability: How AI Supports Growth Without Overloading Analysts

Beware of Pixels & Trackers on U.S. Healthcare Websites

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

Change Healthcare data breach impacted over 100 million people

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Stay Connected