Homepage

The influential Ransomware Task Force saw its inaugural report, released 13 months ago, become the backbone of global debates on ransomware. But its new report, titled "One Year On" acknowledges one of the harsh truths of gauging progress: Data on ransomware remains unreliable, which some in the infosec community say diminishes the urgency required to rally appropriate response.

Instances of Log4j have drastically reduced among entities with advanced security tools like automation. But in healthcare the vulnerability has only highlighted continued resource gaps.

The Department of Justice is significantly revising how it interprets the nation’s premier hacking law, saying it will no longer bring cases against “good faith” security researchers or individuals who violate trivial or non-material parts of a company’s policies or terms of service.

Approov plans to expand its staff fivefold in the next few years as it focuses on using the cloud to protect API secrets for customers.

The popular, headless CMS Strapi patched two vulnerabilities that allowed users with lower levels of privilege to see data only higher privileged users were cleared to see — including information allowing account takeover.

Adoption of the security standards years after voluntary federal guidelines are low, and the majority of healthcare organizations are still struggling to keep pace, a cybersecurity expert testified at a May 18 Senate hearing.

The cybersecurity agency said there is evidence that malicious hackers were able to reverse engineer an update fixing two of the vulnerabilities within 48 hours to create an exploit for unpatched systems.

A judge has dismissed a breach lawsuit against Northeast Radiology and its vendor Alliance Healthcare Services, as the patients did not provide evidence of concrete harm, as required by a June 2021 Supreme Court ruling.