The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.
Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.
T-Mobile on Tuesday began informing a portion of its customers that some of their mobile phone account information may have been compromised in a data breach that took place in early December. About 200,000 customers are affected.
Citrix is warning its customers that attackers are taking advantage of the company's ADC products to conduct and amplify DDoS attacks, according to a notification published by the firm. A permanent fix to address this security issue won't be available until January.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
The latest edition of the ISMG Security Report features an analysis of why the FireEye breach is a wake-up call for the cybersecurity industry. Also featured: Monero cryptocurrency scams; key considerations for cloud security.
A Florida-based company that provides support services to hundreds of dental practices in 20 states says it's been hacked, exposing information - including payment card numbers - on more than 1 million patients.
FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
The U.S. National Security Agency is warning that Russian state-sponsored threat actors are attempting to exploit a known vulnerability in several VMware products, according to an alert. Federal agencies are urged to apply fixes as soon as possible.
A source code flaw in the Google Play store platform could enable attackers to perform remote code execution for credential theft on several prominent apps, a new report by security firm Check Point Research finds.
Sophos is warning that some of its customers may have had their data exposed to a misconfigured internal system, according to a published report. The security firm confirmed that a "small set" of customers was affected.
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.