Security News

Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. From a clinical perspective, digital identity makes accessing technology completely transparent - invisible even.

Europe's proposed "Chat Control" legislation to automatically scan chat, email, and instant message communications for child sexual exploitation material ran up against broad resistance at a meeting of the German Parliament's Digital Affairs Committee on Wednesday. Chat Control 2.0 would make content scanning mandatory, even for encrypted communications - which would mean either content scanning prior to encryption or encryption keys managed by the service provider instead of the end user.

Resecurity identified one of the largest investment fraud networks by size and volume of operations created to defraud Internet users from Australia, Canada, China, Colombia, European Union, India, Singapore, Malaysia, United Arab Emirates, Saudi Arabia, Mexico, the U.S. and other regions. Modus operandi of the group was focused on investment options in non-existing products and investment plans supposedly offered by the Fortune 100 corporations and state-owned entities.

As part of this, he listed a series of key questions that every organization should ask itself to properly understand the risks faced. Does the organization know what its "Crown jewels" are? Does the organization have a thoughtful security culture at all levels, or does everyone leave it to a security department that's off to one side, only to be contacted in an emergency? Has the organization put the right controls in place to assess the risks attached to its funding sources and partnerships, and to protect its supply chain? Does the organization have a strategic approach to managing the risks and have those risks been discussed at board level?

Digital forensics is growing while being more tied with incident response, according to the latest State of Enterprise Digital Forensics and Incident Response survey from Magnet Forensics. Digital forensics increasingly involved with incident response.

In this role, Bhagwat will lead the evolution, growth, and expansion of the Entrust Digital Security portfolio, which includes solutions for data encryption, public and private certificate authorities, identity and access management, digital signing, and security policy management. In this insightful Help Net Security interview, Bhagwat delves into the ever-evolving landscape of digital security solutions, shedding light on the latest trends and advancements in the field.

Russia's invasion of Ukraine continues to have a major impact on energy prices, inflation, and cyberthreats, with the ransomware scene experiencing some of the biggest shifts, according to ESET. "The ongoing war in Ukraine has created a divide among ransomware operators, with some supporting and others opposing the aggression. Attackers have also been using increasingly destructive tactics, such as deploying wipers that mimic ransomware and encrypt the victim's data with no intention of providing a decryption key," explains Roman Kováč, Chief Research Officer at ESET. The digital threats trends. The war also affected brute-force attacks against exposed RDP services, but despite the decline of these attacks in 2022, password guessing remains the most favored network attack vector.

Email marketing service Mailchimp has confirmed intruders have gained access to more than 100 customer accounts after successfully deploying a social engineering attack. The latest digital burglary happened on January 11 when the resident security team spotted an "Unauthorized actor accessing one of our tools used by Mailchimp customer-facing teams for customer support and account administration," the company blog states.

The U.S. Cybersecurity and Infrastructure Security Agency has published four Industrial Control Systems advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw and command injection.

A top priority of organizations this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service and Software as a Service protection is equitable to the protection they rely on for datacenter-centric workloads. Modern data protection is needed to keep businesses running.