Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.
For the first time in 17 years, day-to-day control at converged endpoint management provider Tanium rests outside the Hindawi family. The Seattle-area firm named former Tibco, BMC Software and Salesforce executive Dan Streetman as CEO to evolve Tanium's client-facing operations and partner strategy.
North Korean hackers stole $1.7 billion in cryptocurrency during 2022, most of it from decentralized finance platforms, Chainalysis finds. North Korean hackers are "systematic and sophisticated" in hacking and laundering stolen funds, and the nation supports cryptocurrency-enabled crime.
The FTC has for the first time enforced its almost 14-year-old health data breach notification rule. It hit a telehealth and prescription drug discount provider with a $1.5 million civil penalty for failing to inform consumers that it shares their data with advertisers and other third parties.
Incumbent XDR platforms target large enterprises with access to a full security operations center, threat hunters and incident response teams, says Bitdefender CEO Florin Talpes. But firms looking to successfully serve the SMB market need to modify their XDR tools to address the skills shortage.
Illumio has extended its segmentation capabilities from servers and workloads to endpoints to minimize damage in the event of a ransomware attack, CEO Andrew Rubin says. The Silicon Valley-based company can now stop the spread of breaches and ransomware inside servers, cloud workloads and endpoints.
Cybersecurity vendors have gone all-in on reducing the cloud attack surface, but efforts to shrink the SaaS and identity attack surface remain in their infancy. Vectra has leveraged its artificial intelligence expertise to help triage and automate the alert response process, CEO Hitesh Sheth says.
Chinese technology firms could be completely banned from buying U.S.-built technology under export control restrictions being mulled by the White House, which has already restricted access to the advanced semiconductors Beijing needs to realize its large-scale artificial intelligence ambitions.
Praveen Kumar, group CISO of Zee Entertainment Enterprises, says the market has failed to provide enough solutions to isolate the network when an attack happens. While a zero trust approach helps, there are not enough tools available in the market, he adds.
Radiant Logic has agreed to buy Brainwave to move from an attestation-based identity governance model to one that more rigorously ensures the appropriateness of credentials. Brainwave uses data and AI to tell customers where in the organization user identities are most likely to be out of sync.
Premiums for cyber insurance have climbed sharply along with global rates of ransomware. But signs of increased competition and capital inflows suggest the cyber insurance market may be softening, Marsh executive Sarah Stephens told a U.K. parliamentary committee.
U.S. federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.
A combination of three security flaws contained in an open-source electronic health record used mainly by smaller medical practices in the U.S. could allow attackers to steal patient data and potentially compromise an organization's entire IT infrastructure, says a new research report.
Trellix will debut a console that offers endpoint, security operations and data protection capabilities and a plug-in for network detection and response. The company has moved FireEye's best-in-class detection engines to the cloud for NDR and examined how to address areas such as packet capture.
Cybercriminals exploited the verification process for Microsoft-certified authentication apps to obtain access to the inboxes of financial and marketing companies. Among the permissions threat actors sought were access to emails and calendars, says cybersecurity firm Proofpoint.