News
-
Immediata Agrees $1.125m Data Breach Settlement
Software company agrees to settle class action lawsuit filed by victims of 2019 security breach Read More
-
Major SAP vulnerability requires urgent patch to prevent HTTP request smuggling attacks
Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing…
-
On the Irish Health Services Executive Hack
A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices: The report notes that: The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction. It had…
-
Half of Global Emails Were Spam in 2021
COVID-19 still looms large in corporate inboxes Read More
-
Look for attack surface management to go mainstream in 2022
Attack surface management (ASM) is a somewhat confusing topic that starts with a fundamental question: What exactly is the attack surface? In reality, it’s everything—internal assets, external corporate assets, third-party assets, people, everything. That said, the emerging attack surface management category focuses on internet-facing assets alone. Hmm, just another day in the perplexing cybersecurity realm.…
-
Former NFL Player Gets Five Years for Healthcare Fraud
Robert McCune is said to have masterminded a scheme involving 51 former players Read More
-
Spanish Cops Bust SIM Swap Fraud Gang
Members intercepted SMS codes to access victim bank accounts Read More
-
The bizarre couple alleged to be behind one of the biggest cryptocurrency hacks of all time
A Manhattan couple in their 30s have been arrested in Manhattan in connection with the 2016 hack of cryptocurrency exchange Bitfinex. Read more in my article on the Hot for Security blog. Read More
-
DDoS Attacks Hit All-time High
More DDoS attacks recorded in Q4 2021 than at any point in history, with US most targeted country Read More
-
Californian College Attacked with Ransomware
East Bay community college data compromised in January cyber-attack Read More