Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The EU Healthcare system is under attack. Between January 2021 and March 2023, the health sector faced various cybersecurity incidents, endangering the confidential information of hospital and patient data. For the 13th year in a row, the healthcare industry reported the most expensive data breaches, averaging a cost of USD 10.93 million. This year, 40 million patients have already been impacted by data breaches, indicating that 2023 is on track to set a new record for attacks on the health sector.

Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology sectors.

Bad news first. Implementing Zero Trust is more complex than using a particular service or a product. Although definitions vary, Zero Trust is an approach to network architecture that moves security closer to user actions and away from network assets. In a 100% Zero Trust environment, no user, process or application inside a network is trusted by default.

Amerita and Pharmerica are medical companies that offer services to nursing facilities, hospitals, individuals, and seniors. These companies specialize in infusion treatments but also provide additional medical services. The companies were recently the target of a data breach that resulted in serious data losses for some of their patients. This is a major issue worth exploring, and, another example of medical information being vulnerable to attack.

Our cyber adversaries are always staying one step ahead. Threat actors love nothing more than trying out new tactics and techniques to attack targets, achieving their malicious objectives. Today, anyone is susceptible to cyber threats at practically any moment. MITRE ATT&CK is a framework that serves as a guiding light— it helps you assess your existing security measures and enhance device and endpoint security mechanisms against these evolving cyber threats.

Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next.

While ransomware continues to be a top concern for organizations, Business Email Compromise (BEC) incidents have been rising and targeting all industries. Based on the FBI’s most recent Internet Crime Report, BEC complaints outpace those of ransomware 10:1, and the losses incurred by BEC are 80 times greater than those incurred by ransomware.

Datadog Cloud SIEM helps customers protect their cloud environment and SaaS applications against threats with built-in threat detection rules, interactive dashboards, workflow blueprints, and in-depth support resources. These capabilities provide valuable insights into your security posture, so you can respond promptly to emerging threats. In order to generate these insights, Cloud SIEM analyzes log data, which users can start sending to Datadog by enabling one of our out-of-the-box integrations.

How Forrester Consulting's insights helped Tanium develop an analysis tool that can shed light into the economic impact of XEM for state and local government.

Open source software (OSS) has driven technological growth for decades due to its collaborative nature and ability to share information rapidly. However, major OSS security vulnerabilities like Log4j, Heartbleed, Shellshock and others have raised concerns about the security and sustainability of similar projects. At the same time, major open source-based companies have changed their OSS licenses, like MongoDB, Elastic (formerly ElasticSearch), Confluent, Redis Labs and most recently, HashiCorp.