A Florida healthcare system says it is diverting emergency patients and is only accepting certain Level 1 trauma cases while it deals with an "IT security incident." Meanwhile, a Maryland hospital is responding to its own ransomware incident.
According to the World Economic Forum, geopolitical instability has helped to close the perception gap between business and cyber leaders' views on the importance of cyber risk management, and "91% of all respondents" believe that "a far-reaching, catastrophic cyber event" is on the horizon.
In the latest weekly update, ISMG editors discuss the lasting effects of the takedown of the Hive ransomware group, why the U.S. government is warning of a surge in Russian DDoS attacks on hospitals, and why the lack of transparency in U.S. breach notices is creating more risk for consumers.
Criminals lately have been prioritizing two types of attacks: exploiting Remote Desktop Protocol and penetrating cloud databases. So warns cyber insurer Coalition, based on analyzing in-the-wild attacks seen in 2022 via underwriting and claims data, scans of IP addresses and honeypots.
Another day, another crypto hack: A hacker on Wednesday exploited a smart contract vulnerability on a decentralized platform to steal cryptocurrency. The attacker got away with either $120 million or $1 million, depending on whom you ask. It's complicated.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
The insider threat hacker who attempted to extort $1.9 million out of Ubiquiti Networks faces sentencing in May after pleading guilty to three crimes in federal court. The hacker, Nickolas Sharp, was the company's cloud lead and was on the team remediating the security incident he caused.
The BlackCat ransomware-as-a-service group says it's selling 2 terabytes worth of military data including classified documents culled from Indian explosives and propellant manufacturer Solar Industries. Ransomware criminals say they've stolen specifications of rocket propellant and warheads.
Lacework has debuted an attack path analysis tool to help organizations understand the havoc specific threats could wreak within their cloud infrastructure, says CEO Jay Parikh. The company helps customers prioritize which risk elements inside their infrastructure should be addressed first.
The Russia-Ukraine war has had huge economic consequences for Eset, given that the Slovakian vendor was the largest cybersecurity company in Ukraine and second-largest in Russia. The decision to halt sales in Russia and a spending slowdown in Ukraine due to the war hurt Eset, says CEO Richard Marko.
Hackers stymied by Microsoft's crackdown on macros are shifting to malicious OneNote attachments. Particularly worrying is the takeup of the tactic by an initial access broker associated with various ransomware infections, say researchers from Proofpoint.
Christmastime was bleak for a number of organizations in Britain that got hit with ransomware, including car dealership giant Arnold Clark, which originally reported that no customer data had been stolen. But the business subsequently revised its assessment, after attackers dumped stolen data.
Researchers from cybersecurity firm WithSecure say they spotted a North Korean espionage campaign they dub "No Pineapple" that reveals a slew of tools in the Pyongyang hacking arsenal. They're confident the hackers were North Korean: One hacker connected to an infected server using a DPRK address.
Security director Ian Keller, rants about the insider threat and the massive role leadership plays in changing people's behavior so they don't become one. As Keller says, "The way you treat people is directly reflected in how they treat you and your business."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.