|
|
|
The U.S. Energy Department has fixed a vulnerability that let people use fake email addresses to access its portal for critical minerals and energy innovation. Fraudsters could create email addresses that resemble those of Energy Department employees without the portal verifying identities, according to an outside security researcher who found the bug. (NextGov)
|
|
|
|
|
|
Nearly nine years later: U.K. retailer DSG must pay a fine of £500,000, about $675,000, related to a July 2017 cyberattack that breached the data of more than 14 million people, the country's Court of Appeal ruled. DSG and the Information Commissioner’s Office have been battling in various courts since the U.K.'s data-privacy regulator first issued the fine in 2020.
-
The ICO found several security failings that allowed scammers to install malware on 5,390 cash registers at DSG stores, collecting payment information and other customer details. (Cybernews)
|
|
|
|
|
600+
|
|
Number of Fortinet FortiGate firewalls compromised by Russian-speaking hackers using AI tools across more than 55 countries during five weeks in January and February, according to new research from Amazon's threat intelligence group.
The hackers didn't exploit known flaws in the devices. Instead, they looked for ripe weaknesses, such as open ports and poor authentication setups, Amazon said. If they didn't find any, they moved on quickly, "underscoring that their advantage lies in AI-augmented efficiency and scale."
|
|
|
|
|
|
|
|
Robert Carvajal was promoted to CISO at BayCare, a non-profit healthcare system based in Clearwater, Fla.
Rich Friedberg joined wealth-management firm Envestnet as CISO after four years in the same role at Live Oak Bank. Friedberg reports to Envestnet's chief technology officer.
|
|
|
|
|
|
|
|
|
|
|
|
|
