It's time for companies dealing with non-HIPAA-regulated health information to plan their compliance with Washington state's My Health My Data Act, which goes into effect in the new year and affects organizations that are based in other states, said attorney James Hennessy of law firm Reed Smith.
Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister.
A previously undiscovered critical exploit can allow threat actors to gain persistent, unauthorized access to Google services and connected accounts even after users have changed their passwords, cybersecurity researchers warn. They said the flaw enables hackers to manipulate the OAuth 2 protocol.
In this weekly update, four editors at Information Security Media Group delve into key 2023 cybersecurity issues, spotlighting efforts by the Biden administration, proposed U.S. healthcare cybersecurity laws, and crucial upcoming dates for the information security community.
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
Albania's Parliament and a telecommunications service provider faced online attacks on Christmas day, according to the Albanian National Authority for Electronic Certification and Cyber Security. Iranian hackers called Homeland Justice have claimed responsibility for the latest wave of attacks.
This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
This week in the cryptocurrency industry, Thunder Terminal successfully prevented a hack, Changpeng Zhao ranking 34th on a list of billionaires, Coinbase refuted a senator's allegations of subverting crypto regulations, and scammers stole $3 million in 24 hours using fake ads.
Cyberspace aggression against Israel has intensified since the onset of war in the Gaza Strip, changing from online vandalism to attacks aimed at disruption and sowing fear, says Israel's cybersecurity agency. A prominent attack vector is phishing emails.
Hackers are targeting Linux Secure Shell servers to install tools for port scanning and dictionary attacks to compromise other vulnerable servers, forming a network for cryptocurrency mining and distributed denial-of-service attacks, say researchers at AhnLab Security Emergency Response Center.
Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
A Russian man accused by the U.S. of trafficking in a hacked database of online credentials will apparently evade American courts after the Russian government said it had succeeded in extraditing him. Russian prosecutors say Nikita Kislitsin faces charges related to an October 2022 hacking incident.
Senior analyst Alla Valente discusses Forrester's "Predictions 2024: Cybersecurity, Risk and Privacy" report, which outlines five predictions to help security, risk and privacy leaders prepare for the coming year. She also discusses the significance of governance and accountability in the use of AI.
All has not been quiet on the malicious cybersecurity front this year, thanks to constant cybercrime innovation, cyberattacks and cyberespionage, and malicious or inadvertent data breaches. Here are 12 notable incidents and trends of 2023 and their implications for the bigger cybersecurity picture.
Hackers carried out a double-extortion ransomware attack on medical software company ESO Solutions, exposing personal details and healthcare information of 2.7 million U.S. patients and encrypting some of the company's systems. Double-extortion attacks also exfiltrate data.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.