Several cybersecurity, storage and cloud vendors have been evaluating the effect of the high-severity flaw in OpenSSL, tracked as CVE-2022-0778, which could be exploited to facilitate a denial-of-service condition, reports SecurityWeek.
Security researchers say the XM Cyber research underscores the reality that most network access still depends on shared secrets and the difficulty companies are having controlling lateral movement.
This week’s healthcare data breach roundup includes multiple ransomware-related incidents, including the ongoing outage at Partnership HealthPlan of California allegedly caused by Hive threat actors.
Reuters reports that the US government has held private briefings warning critical infrastructure organizations regarding the potential security risks of using Kaspersky software a day after Russia invaded Ukraine.
VentureBeat reports that while several news outlets have noted that a new remote code execution flaw in the widely-used Spring Core Java framework dubbed "SpringShell" may be the "next Log4Shell" vulnerability, it may not be as severe.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.