The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there's also been a rise in tardy breach notifications containing little detail.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of product security, the impact of ransomware on healthcare sector entities during the pandemic and thinking about cybersecurity awareness creatively.
Apache HTTP Server users are being warned to install yet another patch, as a fix released Wednesday was incomplete and introduced a new flaw. The U.S. Cybersecurity and Infrastructure Security Agency has urged all users to update immediately, citing in-the-wild attacks exploiting Apache's software.
The latest edition of the ISMG Security Report features an analysis of the arrest of two suspects tied to a major ransomware group in Ukraine. Also featured: Introducing "The Ransomware Files" and defining the next-gen CISO.
The U.S. Department of Justice said this week it will pursue government contractors that fail to report cybersecurity incidents. The department also announced the formation of a Cryptocurrency Enforcement Team to prosecute the misuse of virtual currencies.
U.S. lawmakers have introduced legislation that would require the reporting of ransom payments within 48 hours of the transaction. The bill would also require DHS to create a voluntary website to log ransom payments and task the department with studying ransomware and cryptocurrencies.
Who had heard of Syniverse before it recently disclosed a five-year breach, potentially exposing call-routing data and text messages for hundreds of mobile phone networks? The incident is just the latest supply chain attack to hit a lesser-known but nevertheless critical service provider.
Cyber extortion through digital means is nothing new, says U.K.-based cybersecurity expert John Walker, but the concerning aspect of today's ransomware attacks is that they are "low-cost in the macro sense and so easy to achieve."
Telecommunications service provider Syniverse, which routes 1 trillion messages annually for many of the world's mobile phone carriers, has disclosed a five-year breach of its systems, which handle call metadata and text messages. Experts say the exposed data poses serious criminal and espionage risks.
Some of the highest-ranking cybersecurity officials in the U.S. government discussed the pervasive threat of ransomware on Tuesday, likening it to a clear issue of national security with the ability to inflict measurable damage on major world powers.
Hypervisors under fire: BlackMatter, HelloKitty and REvil are among the ransomware groups targeting instances of VMware's ESXi. In one case investigated by security firm Sophos, after first accessing a TeamViewer account, attackers left an organization's ESXi environment crypto-locked just three hours later.
A former U.S. Army contractor has been sentenced to 12 years and seven months in prison and ordered to pay $2,331,639.85 in restitution, for conspiring to commit wire fraud and launder money, targeting thousands of military-affiliated individuals, according to a Department of Justice statement.
As Cybersecurity Awareness Month kicks off this week, U.S. President Joe Biden has weighed in on his administration's efforts to curb cyberattacks and bolster the federal government's security posture.
Four federal agencies have been awarded $311 million to bolster the U.S. government's cyber defenses and address IT modernization challenges, according to the interagency board of the Technology Modernization Fund, a federal funding source, which made the announcement Thursday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
