Hundreds of U.S. counties continue to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records. The attack slowed the processing of birth certificates, marriage licenses and real estate transactions.
Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
Software supply chain security (SCS) is rapidly gaining unwelcome notoriety as high-impact breaches hit the headlines. Third-party software suppliers SolarWinds, Apache (Log4j), and Kaseya have had far more than fifteen minutes of fame, alerting businesses and governments to the extent of structural weaknesses in the...
Modern organizations often have complex cloud and on-premise environments often managed with siloed security tools. This situation leads to fragmented visibility, an inability to prioritize risks for remediation and a lack of business-level reporting.
In this webinar, security leaders will learn how cloud security...
Malaysian Communications and Digital Minister Fahmi Fadzil has ordered an inquiry into an alleged massive data breach that reportedly involves data of Maybank, Astro and the Election Commission. The alleged breach reportedly affects 13 million citizens.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
According to Accenture Security's Cyber Threat Intelligence team, information stealer malware - malicious software designed to steal information, including passwords - became one of the most discussed malware types on the cybercriminal underground in 2022.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
State-backed Russian hacking groups are continuing to focus less on Ukrainian military targets and much more on civilian infrastructure, Ukrainian cybersecurity officials report. Since the start of the year, Ukraine's Computer Emergency Response Team has tracked more than 2,100 major hack attacks.
Phishing and other socially-engineered schemes are going to get bolder, the attack surface is only going to get bigger, and enterprises everywhere are going to have to focus more on building cyber resilience. These are among the New Year's predictions from Zoom's new CISO, Michael Adams.
Hackers stole and leaked personal data for nearly 270,000 patients and employees of Louisiana's Lake Charles Memorial Health System as part of a ransomware attack for which Hive claimed credit. Patients and regulators have just been informed about the October attack.
A cybercrime forum this week listed for sale what a seller purports to be 30 million passenger records for users of India's railways. The Indian Ministry of Railways denies that the Indian Railway Catering and Tourism Corp, is the source of any data breach, but says it's investigating.
The latest edition of the ISMG Security Report shares tips for security leaders to navigate the threat landscape next year, discusses cybersecurity and privacy policy shifts to watch, and explains why global political and economic instability should not be cause for cybersecurity budgets to drop.
Posing as leading banks, the North Korea-backed BlueNoroff group is evading Microsoft Windows' Mark of the Web security measure to help infect machines with malware. Hackers are refining their techniques for bypassing MOTW, which warns users when they try to open a file downloaded from the internet.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.