The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
The U.S. Department of Health and Human Services has notified Congress that the information of at least 100,000 individuals has been compromised in hacking incidents at HHS contractors involving exploitation of a flaw in managed file transfer software MOVEit from Progress Software.
The European Commission is set to finalize its digital wallet initiative after the proposal achieved political consensus on the core elements concerning its implementation. The latest digital monetary initiative comes as Europe rolls out plans for a digital euro.
In the latest weekly update, ISMG editors discuss the potential fallout from an SEC investigation of SolarWinds and its CFO and CISO, why the number of individuals affected by Clop's campaign against MOVEit is on the rise, and highlights from InfoSecurity Europe.
While financial fraud has been prevalent for years, businesses still struggle to find it among large pools of data. In this second installment on accounting fraud, a panel of experts discussed the challenges including a lack of resources, skills and tools to identify fraud.
This week, the U.S. sanctioned Russians running influence campaigns, the owner of the Monopoly darknet drug market was charged, CISA ordered federal agencies to patch flaws before July 13, Suncor Energy suffered a cyberattack and Petro-Canada gas stations were affected.
The new ransomware group 8Base is fast becoming a big player in the underground market, amassing nearly 40 victims in June - second only to the notorious LockBit ransomware gang. The group's top targets include business services, finance, manufacturing and IT industries.
The sensitive personal information of about 1.1 million National Health Service patients including trauma patients and victims of terrorism is reportedly among data compromised in a recent cyberattack on the United Kingdom's University of Manchester. The incident also affected students and alumni.
Researchers discovered an undisclosed malware family named EarlyRat being used by a branch of the North Korea-backed Lazarus Group. Kaspersky researchers said they stumbled upon the never-before-seen malware family, which is deployed in Log4j and phishing attacks.
More victims of the Clop ransomware group's supply chain attack against popular file transfer software MOVEit continue to come to light. Security experts say about 150 organizations now appear to have been affected by the attacks, which compromised the personal data of over 16 million individuals.
Federal regulators have issued a warning about a vulnerability in medical device maker Medtronic's Paceart Optima System which, if exploited, could lead to a denial-of-service or remote code execution affecting the system's cardiac device data.
Venn Software landed Series A funding to help businesses ensure the security and compliance of data on laptops they don't necessarily manage or own. The $29 million will enable firms to control and govern corporate data on worker-owned devices without forcing users to launch remote virtual desktops.
A firm that provides coding and billing services to healthcare entities has agreed to pay federal regulators a $75,000 fine and implement a corrective action plan in the wake of an exfiltration incident that compromised patient data contained in an unsecured network server.
A Cleveland-based healthcare system is notifying a not-yet-disclosed number of individuals about an incident involving unauthorized medical records access by an employee that continued for 15 years. The safety-net organization says the worker has been disciplined.
Security researchers at Censys found hundreds of federally owned devices at 50 different agencies exposed to the internet, accessible through IPv4 addresses and loaded with potentially vulnerable MOVEit and Barracuda Networks' ESG software. The vulnerabilities violate new CISA policy, the firm said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.