Cryptocurrency trading platform Binance restricted access to 85 accounts as part of an action against the LockBit ransomware affiliates, and authorities estimated that members of the now-defunct ransomware-as-a-service operation had pocketed "hundreds of millions" in ransom.
In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.
Hackers are on a tear to exploit unpatched ConnectWise ScreenConnect remote connection software to infect systems with ransomware, info stealers and persistent backdoors. The attacks observed by researchers include ransomware deployments tied to the now-defunct LockBit ransomware operation.
"Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement."
Once the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.
Global Tel Link, a major prison communications provider in the U.S., will be required to notify its users - as well as the Federal Trade Commission - about certain data breaches and security events after suffering a major data breach in 2020 that left users’ sensitive information available online.
It's not just medical device cybersecurity that's keeping some healthcare security leaders up at night - it's also the risks posed by other critical connected gear that patients and clinicians depend upon, said Ali Youssef, director of medical device and emerging tech security at Henry Ford Health System.
The U.K. telecom regulator Ofcom faces "significant challenges" in implementing the newly passed Online Safety Act, which is intended to protect children from online harm, says analysis by the House of Commons Committee of Public Accounts.
Change Healthcare - a unit of Optum that provides IT services and applications to hundreds of U.S. pharmacies, payers and healthcare providers - is dealing with a cyber incident that has forced the company to take its applications offline enterprisewide. The company said is triaging the situation.
This week, FixedFloat lost $26 million in a hack, the U.K. Financial Conduct Authority found illegal promotions of cryptocurrency, GoFundMe shuttered a Tornado Cash fundraiser, and an Australian cop allegedly stole $4 million worth of bitcoins.
This week: more fallout from LockBit, Avast to pay $16.5M, Russia-linked group targeted mail servers, no indication that AT&T was hacked, analysis of a patched Apple flaw, Microsoft enhanced logging, an Android banking Trojan, North Korean hackers and a baking giant fell to ransomware.
In most organizations, the privacy team plays an important role in artificial intelligence implementation and governance. Tarun Samtani, DPO and privacy program director at International SOS, said privacy principles inherently align with the demand for responsible data use of AI technology.
The notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being shut down, security researchers reported. Even so, experts say it's unlikely the group would be able to successfully reboot.
Previous studies on IoT and OT devices have primarily focused on internal components, neglecting open-source components that are crucial for internet and network connectivity, according to Stanislav Dashevskyi and Francesco La Spina, security researchers at Forescout Technologies.
Software giant ConnectWise urged customers to promptly update critical vulnerabilities that could allow the execution of remote code or directly affect confidential data or critical systems. The two vulnerabilities stem from an authentication bypass weakness and path traversal flaw.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.