Regulator Eyes Revamped Data Breach Reporting Requirements
Source: Data Breach today
Update Would Be First Revision of Rules for Telecommunications Sector Since 2007. Citing the mounting severity of data breaches, the Federal Communications Commission on Friday initiated a rule-making process to update breach reporting requirements for telecommunications carriers.
New FDA authority for medical device security signals big changes for manufacturers
Source: SC Media
For the last decade, healthcare provider organizations have borne the brunt of securing the expansive, complex medical device ecosystem. And most of even the best-equipped health systems struggle (and don’t) close all medical device security risks. But all that may soon change, at least for premarket device submissions.
Misconfigured PostgreSQL Used to Target Kubernetes Clusters
Source: infoRisk Today
Kinsing Malware Targeting Kubernetes Environment, Oracle Flaw. Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.
Research confirms threat actor impersonating cryptocurrency firm on Telegram
Source: SC Media
A month after Microsoft revealed that a threat actor was targeting using Telegram to connect with cryptocurrency VIPs and infect them with malware, another firm has found additional evidence of malicious actors using tactics to impersonate legitimate actors in the cryptocurrency space.
The number of cloud apps delivering malware nearly tripled in 2022
Source: SC Media
Netskope reported Jan. 10 that more than 400 distinct cloud applications delivered malware in 2022 — nearly triple the amount seen the year before. The researchers also found that 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive.
Comentarios