Transfer files data system relocation with internet cloud technology concept. Person hand using laptop computer waiting for transfer file process with loading bar icon on virtual screen.

(Adobe Stock)

Delta Dental of California discloses nearly 7M patients affected in MOVEit hack

Steve ZurierDecember 15, 2023

The large dental insurance company said protected health information was exposed, including details about dental procedures and claims payments.

2023 Cybersecurity Year in Review: How AI, Cloud, Ransomware and the SEC raised security stakes

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Privacy

Google Chrome will disable third-party cookies for millions of users on Jan. 4

Laura FrenchDecember 15, 2023

Google twice postponed disabling third-party cookies, but plans to phase them out for all Chrome users by the end of 2024.

Endpoint/Device Security

Router botnet tied to Volt Typhoon’s critical infrastructure breaches

Simon HenderyDecember 15, 2023

The Chinese threat group used the newly discovered KV-botnet, made up of compromised SOHO devices, as a stealth data transfer network during attacks on U.S. and Asian targets.

Digital Russian flag and a binary background cybersecurity concept with 0 and 1.

Supply chain

Echoes of SolarWinds: JetBrains TeamCity servers under attack by Russia-backed hackers

Laura FrenchDecember 14, 2023

SVR-affiliated cybergang CozyBear is exploiting a critical TeamCity vulnerability to deploy back doors in unpatched servers.

Ransomware

Microsoft takes down websites used to create 750 million fraudulent accounts

Steve ZurierDecember 14, 2023

Following a court order, Microsoft seized websites created by a Vietnam-based threat group that made millions on mass phishing, identity theft, and fraud.

Governance, Risk and Compliance

Coker confirmed for National Cyber Director as industry preps for SEC reporting rule

Laura FrenchDecember 13, 2023

Experts say leadership needed now more than ever, as Coker aims to strengthen public-private partnerships.

Cyber security in Two factor authentication or 2FA concept. Safety shield icon while access on phone with laptop for validate password. Mobile OTP secure Verification method. Privacy protect data.

Identity

Threat actors launch financially motivated attacks abusing OAuth applications

Steve ZurierDecember 13, 2023

Microsoft researchers say threat actors abused OAuth to deploy VMs for cryptomining, establish persistence following BEC attacks, and launch spamming activity.

K-12 student geolocation data, names exposed via API flaws: 6M impacted

API security

K-12 student geolocation data, names exposed via API flaws: 6M kids impacted

Laura FrenchDecember 13, 2023

GPS locations of K-12 students and parent contact info could be pulled from the Parent Portal API.

Microsoft Dec. Patch Tuesday fixes critical Outlook RCE bug

Cloud Security

Microsoft December Patch Tuesday tackles nasty critical Outlook RCE bug

Simon HenderyDecember 13, 2023

Microsoft caps a busy year of bug patching with a light December release, addressing 33 new flaws.

Delta Dental of California discloses nearly 7M patients affected in MOVEit hack

2023 Cybersecurity Year in Review: How AI, Cloud, Ransomware and the SEC raised security stakes

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

Secure cloud migration: lift, adapt, and shift…right!

Navigating a data leakage: a six-step incident response guide

Developers and security: Why can’t we all just get along?

The hidden challenges of contractor identity management

Don’t let the IT skills gap hold back cloud security

In Brief

Health orgs commit to Biden administration’s AI executive order

Updated FCC data breach rules unveiled

Cyberattacks against banking apps spike

Idaho National Laboratory hack compromises over 45K

DonorView breach exposes nearly 950K records

More Resources

How to combat ransomware in the face of tight security staffing

PCI DSS 4.0: What changes for AppSec?

Key questions to ask when evaluating an identity and access security vendor

Account-opening solutions offer strong returns on investment

7-hour recovery: How an American business beat ransomware

Google Chrome will disable third-party cookies for millions of users on Jan. 4

Router botnet tied to Volt Typhoon’s critical infrastructure breaches

Echoes of SolarWinds: JetBrains TeamCity servers under attack by Russia-backed hackers

Microsoft takes down websites used to create 750 million fraudulent accounts

Coker confirmed for National Cyber Director as industry preps for SEC reporting rule

Threat actors launch financially motivated attacks abusing OAuth applications

K-12 student geolocation data, names exposed via API flaws: 6M kids impacted

Microsoft December Patch Tuesday tackles nasty critical Outlook RCE bug

EVENTS

CISO Stories: Balancing IAM Cost, Security, and Experience

A CISOs Guide to Effective Security Practices in Cloud Computing Environments

Ransomware attack lessons, from MOVEit and Doubledrive to MGM/Caesars

Navigating the zero trust landscape: Lessons from the trenches

New Encrypted Attack Insights: Findings from the Latest Zscaler Report

Cybersecurity News, Awards, Webinars, eSummits, Research

Delta Dental of California discloses nearly 7M patients affected in MOVEit hack

2023 Cybersecurity Year in Review: How AI, Cloud, Ransomware and the SEC raised security stakes

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

Secure cloud migration: lift, adapt, and shift…right!

Navigating a data leakage: a six-step incident response guide

Developers and security: Why can’t we all just get along?

The hidden challenges of contractor identity management

Don’t let the IT skills gap hold back cloud security

In Brief

Health orgs commit to Biden administration’s AI executive order

Updated FCC data breach rules unveiled

Cyberattacks against banking apps spike

Idaho National Laboratory hack compromises over 45K

DonorView breach exposes nearly 950K records

More Resources

How to combat ransomware in the face of tight security staffing

PCI DSS 4.0: What changes for AppSec?

Key questions to ask when evaluating an identity and access security vendor

Account-opening solutions offer strong returns on investment

7-hour recovery: How an American business beat ransomware

Google Chrome will disable third-party cookies for millions of users on Jan. 4

Router botnet tied to Volt Typhoon’s critical infrastructure breaches

Echoes of SolarWinds: JetBrains TeamCity servers under attack by Russia-backed hackers

Microsoft takes down websites used to create 750 million fraudulent accounts

Coker confirmed for National Cyber Director as industry preps for SEC reporting rule

Threat actors launch financially motivated attacks abusing OAuth applications

K-12 student geolocation data, names exposed via API flaws: 6M kids impacted

Microsoft December Patch Tuesday tackles nasty critical Outlook RCE bug

EVENTS

CISO Stories: Balancing IAM Cost, Security, and Experience

A CISOs Guide to Effective Security Practices in Cloud Computing Environments

Ransomware attack lessons, from MOVEit and Doubledrive to MGM/Caesars

Navigating the zero trust landscape: Lessons from the trenches

New Encrypted Attack Insights: Findings from the Latest Zscaler Report