Russian state-sponsored threat actors are exploiting default MFA protocols, along with PrintNightmare, the Windows Print Spooler vulnerability, to illegally access the network of a nongovernmental organization, the U.S. Cybersecurity and Infrastructure Security Agency and the FBI say.
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
Automotive technology/parts supplier Denso confirmed that it suffered a ransomware attack last week. Investigations are ongoing. The company has not disclosed the ransom demanded or the attacker's name, but dark web monitoring platform DarkTracer says it's the work of the Pandora ransomware group.
Two suspected ransomware operators have been extradited to the U.S. from Ukraine and Canada, according to the Department of Justice. One was allegedly part of the July 2021 Kaseya attack, and the other allegedly attacked healthcare facilities with NetWalker ransomware during the COVID-19 pandemic.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Ransomware groups continue to target critical infrastructure sectors internationally. An FBI alert says that ransomware group RagnarLocker has targeted 52 entities across 10 critical infrastructure sectors, while Romania's premier petrol supplier, Rompetrol, has reportedly been hit by Hive.
The Lapsus$ ransomware group says it has released some of the data trove stolen from chipmaker Nvidia. Leaked data contains proprietary source code, drivers and documentation on Nvidia's Falcon and LHR products. Experts discuss the impact on Nvidia, the stolen data's worth and remediation measures.
Toyota Motor Corp. reportedly decided to suspend all operations starting Tuesday because of a suspected cyberattack on Kojima Industries, its manufacturing partner. The suspension means the company’s output will be down by around 10,000 cars, according to a report from media agency Nikkei Asia.
As the Russian invasion of Ukraine escalates, organizations in the U.S. and Western Europe wonder: What is the potential blowback if the U.S. strikes back at Russia? Sam Curry, veteran CSO of Cybereason, reviews the possibilities and advises about how best to approach risk and preparedness.
As Russia has invaded Ukraine, the likelihood of nation-state cyberattacks continue to escalate, and banks remain a top target. On this week's "Sound Off," David Pollino, the former CISO of PNC Bank, discusses how financial institutions should - and must - strengthen their incident response plans.
As fresh wiper malware attacks target Ukrainian government and financial services organizations and contractors, security experts are urging organizations outside the country to avoid catastrophizing and stay focused on maintaining basic, essential cybersecurity defenses.
The Ukrainian cyber police have arrested five individuals charged with stealing credit card data from at least 70,000 people, using 40 separate phishing sites. The losses from the attack are reported to amount to more than $172,656.
Cisco's Email Security Appliance is affected by a high-rated vulnerability that can allow an unauthenticated remote attacker to launch a denial-of-service attack, the company says. The company and CISA advise that affected software be updated at the earliest.
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.