Hackers Sagar Steven Singh and Nicholas Ceraolo pleaded guilty Monday in federal court to conspiring to commit computer intrusion and aggravated identity theft after illegally accessing a nonpublic law enforcement database, according to the Justice Department.
Medibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.
Spanish National Police have arrested a 22-year-old British national based on an International Arrest Warrant from the U.S. that accuses him of stealing bitcoins worth $27 million. Reports suggest the suspect is a key member of the Scattered Spider cybercrime group that hacked MGM and Clorox.
Many healthcare organizations have discovered major gaps in business operations preparedness - the ability to quickly rebound from major IT disruptions, such as those caused by the Change Healthcare cyberattack. Jigar Kadakia, CISO of Emory Healthcare, said it's time to come up with a Plan B.
Healthcare is increasingly complex and interconnected, and the push to exchange more digital patient information among providers adds to the threat of busy staff falling victim to phishing and other scams that can jeopardize data, said Krista Arndt, CISO of United Musculoskeletal Partners.
This week, feds counted cyber incidents; Ukraine made arrest; Black Basta seemed to exploit flaw; 51 flaws in Patch Tuesday; SolarWinds, JetBrains patched flaws; Alan Turning Institute debunked paper on AI; Santander wants password changes; Christie's spoke of data breach and cyber pros face burnout.
Brazil's growing profile on the world stage comes freighted with cyberthreats from abroad and a thriving criminal ecosystem from within, warns Google. "As Brazil's influence grows, so does its digital footprint, making it an increasingly attractive target for cyberthreats."
The city of Cleveland, Ohio, is launching an investigation into an apparent cyber event that forced a shutdown of its information technology systems throughout the start of the week, officials said Tuesday, though additional details surrounding the incident remain unclear.
The 2023 hack at medical transcription firm Perry Johnson & Associates, which affected dozens of clients and about 14 million individuals, triggered the largest health data breach reported to regulators last year. Now the incident appears to be under federal criminal investigation.
What’s old is new again…Mid-market and small banks are as vulnerable as ever to check kiting schemes due to limited resources and outdated technology, if not more due to the rise in check fraud. Manual verification processes and outdated detection methods make it easier for fraudsters to exploit the delay between...
An investigation into info stealer-driven attacks on Snowflake customers shows that approximately 165 clients potentially had data stolen by financially motivated hackers, says cyber threat intel firm Mandiant. It attributed the attacks to a cluster of threat activity that it now tracks as UNC5537.
A financially motivated hacker claims to have stolen over 34 gigabytes of data belonging to Singapore-based Telecom company Absolute Telecom. The hacker dubbed GhostR claims to have access to the company's data including corporate accounting, credit cards and customer information.
A high-ranking U.S. senator is urging the Department of Health and Human Services to get tougher on healthcare sector cyber requirements. He says its failure to regulate the cyber practices of top healthcare organizations is contributing to the "major epidemic" of attacks such as Change Healthcare.
This week, Microsoft deprecated NTLM authentication, a hacker put apparent Snowflake data up for sale, Ticketmaster confirmed its breach, the FBI disrupted LockBit, Cisco patched Webex flaws, pro-Russian hacktivists claimed a DDoS attack and Kaspersky launched a free virus removal tool for Linux.
A cyberattack on a U.K. laboratory services provider is disrupting patient care and testing services at several London-based NHS hospitals and other care facilities. Meanwhile, in the U.S., Ascension is providing a restoration timeline for its hospital EHRs in the wake of its attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.