Security News > 2023

Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital...

Database management company MongoDB has suffered a breach: attackers have gained access to some of its corporate systems and customer data and metadata. On Sunday, MongoDB noted that, at this time, they "Have found no evidence of unauthorized access to MongoDB Atlas clusters", not that the Atlas cluster authentication system - which is separate from MongoDB corporate systems - has been compromised.

A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be...

Network behavior analysis helps secure and optimize the performance of the network upon which applications run and does so through a specialized form of network monitoring. "NBA helps in enhancing network safety by watching traffic and observing unusual activity and departures of a network operation," says Techopedia.

Gorelik discusses challenges posed by regulatory frameworks, incomplete asset inventories, and manual methods, while also exploring the role of automated systems, the future of vulnerability prioritization in the face of evolving cyber threats, and key factors organizations should consider in building effective remediation strategies. A vulnerability with proven exploitability or a high probability of exploitation existing within an active internet-facing business application is likely a higher priority than a vulnerability residing within an unused application in a well-protected environment.

A Verato survey offers perspectives on the data management strategies of healthcare executives, highlighting the crucial role of Healthcare Master Data Management in addressing key gaps, facilitating seamless data exchange, and aligning with the mandates of the 21st Century Cures Act. The 21st Century Cures Act set standards for the secure and frictionless exchange of data among payers, providers and consumers, including the establishment of an information-blocking rule that was finalized earlier this year.

At its core, encryption involves the use of algorithms, mathematical functions that manipulate data into a seemingly random and indecipherable form. This encoded information, referred to as ciphertext, can only be converted back into its original, meaningful state by those possessing the appropriate cryptographic key.

Infosec in brief MongoDB on Saturday issued an alert warning of "a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information." At the time of posting, the NoSQL pioneer advised it was "Not aware of any exposure to the data that customers store in MongoDB Atlas." Atlas is the provider's multi-cloud database-as-a-service offering.

Shadow Play advanced six distinct narratives, with two dominant themes: that China is "Winning" a technology war with the US; and the competition for rare earth minerals. Other narratives include that "The US is headed for collapse and its alliance partnerships are fracturing; that China and Russia are responsible, capable players in geopolitics; that the US dollar and the US economy are weak; and that China is highly capable and trusted to deliver massive infrastructure projects," outlined ASPI. Infosys loses fourth senior exec.