The DOGE website has recently come under scrutiny for its security shortcomings and its heavy reliance on X, the social media platform owned by Elon Musk. An investigative review by WIRED has revealed that the DOGE homepage predominantly features a stream of its posts from X, while its underlying code…
Governance & Risk Management, Identity & Access Management, Identity Governance & Administration President Matt Mills Discusses M&A Strategy and Machine Identity Security Focus Michael Novinson (Michael Novinson) • February 14, 2025 Matt Mills, President of SailPoint (Image: SailPoint) SailPoint’s transition from a traditional software company to a software-as-a-service (SaaS) provider…
Data Breach at Zacks Exposes Millions of Accounts A significant cybersecurity incident has unfolded at Zacks Investment Research, where a cybercriminal claims to have compromised approximately 12 million customer accounts. Originally reported as 15 million, a subsequent investigation has led to a revised estimate of 12 million stolen data records.…
The emergence of RansomHub in 2024 marks a significant evolution in ransomware threats, impacting over 600 organizations following recent disruptions faced by established groups ALPHV and LockBit, as reported by Group-IB. Group-IB’s latest analysis, exclusively presented to Hackread.com, sheds light on the alarming ascent of ransomware-as-a-service models, with RansomHub identified…
Artificial Intelligence & Machine Learning, Healthcare, Industry Specific Lawsuit Claims Insurer Misused AI in Denying Necessary Medical Care Marianne Kolbasuk McGee (HealthInfoSec) •February 14, 2025 Image: UnitedHealthCare A proposed class action lawsuit against UnitedHealth Group has gained judicial approval to progress. The case contends that UnitedHealthCare, the company’s insurance division,…
Title: Salt Typhoon Targets Cisco Devices in Global Cyber Campaign In a significant cybersecurity incident, the advanced persistent threat (APT) group known as Salt Typhoon has compromised over a thousand Cisco devices across a network of telecommunications companies, internet service providers (ISPs), and academic institutions. This widespread attack poses serious…
Researchers have identified an ongoing and sophisticated phishing campaign orchestrated by Russian operatives aimed at compromising Microsoft 365 accounts across various sectors. This threat leverages a technique known as device code phishing, which manipulates a specific authentication method under the OAuth standard—referred to as device code flow. Device code flow…
Emerging Trends in Fraud Prevention and Anti-Money Laundering Solutions As cybercriminals utilize advanced technologies, including artificial intelligence to orchestrate deepfake scams and synthetic identity fraud, financial institutions are ramping up investments in fraud detection, anti-money laundering (AML) solutions, and identity verification systems. This evolution in the threat landscape is compelling…
A significant data breach has reportedly affected Zacks Investment Research, a prominent investment research firm based in the United States. Recent findings reveal that account information from nearly 12 million users has been leaked online, following a cyberattack in June. This incident was disclosed in a report by BleepingComputer, which…