IBM: Cost of a Data Breach Hits Another High
The average cost to an organization hit with a data breach reached a record high this year, though those companies are split on who they believe should foot the bill, according to a report released today by IBM ... Read More
Google Launches Red Team to Secure AI Systems Against Attacks
Google is rolling out a red team charged with testing the security of AI systems by running simulated but realistic attacks to uncover vulnerabilities or other weaknesses that could be exploited by cybercriminals ... Read More
GitHub Developers Targeted by North Korea’s Lazarus Group
The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub ... Read More
Software Supply Chain Attackers Targeting Banks, Checkmarx Says
Two banks earlier this year were the targets of open source supply chain attacks, the first of their kind in the industry ... Read More
House Panel OK’s Bill to Ban Law Enforcement from Buying Data from Brokers
Legislation that would ban law enforcement and federal agencies from buying consumer data from data brokers without a warrant is on its way to the full House ... Read More
New P2P Worm Puts Windows and Linux Redis Servers in its Sights
A new peer-to-peer (P2P) worm, P2PInfect, is spreading across instances of the Redis open source database software in the cloud ... Read More
Attacker ID’ed After Infecting Own Computer With Malware
A threat actor that goes by the name of “La_Citrix” inadvertently infected his own computer. Cyberthreat research firm sent his information on to law enforcement ... Read More
An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says
Distributed DDoS attacks are becoming increasingly sophisticated and complex, making an already-expanding threat landscape even more challenging ... Read More
CISA to Gov’t Agencies: Mitigate a Flaw in Windows and Office
The U.S. government is giving federal agencies three weeks to mitigate a zero-day Microsoft Windows and Office security flaw exploited by the Russian-linked RomCom threat group ... Read More
Biden Admin Eyes IoT Cybersecurity With Device Labeling Program
The Biden administration unveiled a cybersecurity certification and labeling program that will make it easier for enterprises and consumers to see which smart devices are more secure and less vulnerable to attacks ... Read More
