New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based on forensic analysis.
An incident commander plays a vital role in the response to major cybersecurity incidents. The sharp rise in ransomware incidents makes them increasingly important.
Most network defenders have never experienced a business-critical incident. An incident commander brings much-needed experience and knowledge to guide...
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
If threat actors breach your network, they can steal data, encrypt servers, eavesdrop on meetings, and send harassing messages to employees and customers. Containing the threat by severing the attacker's access is essential for a secure recovery.
Download now to find out how to avoid attackers by using the...
Arguably one of the top tools in a CISO's toolbox is the use of an incident response retainer. The
primary use of a retainer is to give security leaders peace of mind. They know that if they have an
incident response situation, they do not go to the back of the line. Conversely, they can engage with an
incident...
Secureworks incident responders assisted in the containment and remediation of more than 450 security incidents in just 2 months.
The motivation and context for incident response (IR) engagements vary. For example, an
organization's decision to use IR services could be influenced by the organization's...
Kellogg Community College, or KCC, has resumed operations in all its five campuses - Battle Creek, Albion, Coldwater, Hastings and Fort Custer Industrial Park in Michigan - starting Wednesday. The college management had suspended classes on Monday as the result of a ransomware attack.
DeFi platform Fei Protocol has offered a $10 million "no questions asked" bounty to hackers in an attempt to recover some of the funds stolen from its recently merged DAO partner Rari Capital. Blockchain security firms BlockSec and CertiK say the amount of stolen funds totals about $80 million.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
The Computer Emergency Response Team of Ukraine and the National Bank of Ukraine are warning of massive DDoS attacks against pro-Ukrainian targets. The intelligence service in Romania, SRI, also warns of a similar type of attack targeting sites belonging to its national authorities.
In what is likely the shortest breach reporting timeline globally, the Indian Computer Emergency Response Team, CERT-In, has mandated that starting June 28, government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.