Michael Lines is working with ISMG to promote awareness of the need for cyber risk management. As a part of that initiative, CyberEdBoard posts draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is "Recognize the Threats."
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
As war in Ukraine rages and the Putin regime continues to drive toward population centers in the former Soviet state, U.S. cybersecurity officials remain on high alert - questioning whether the Russians will elevate the cyberwar against their Western neighbor or even NATO networks.
Automotive technology/parts supplier Denso confirmed that it suffered a ransomware attack last week. Investigations are ongoing. The company has not disclosed the ransom demanded or the attacker's name, but dark web monitoring platform DarkTracer says it's the work of the Pandora ransomware group.
What are the ethics of paying ransom to cybercriminals who might be working as a proxy cyber force in support of Russia's invasion of Ukraine? Realistically, whether or not to pay often comes down to a business decision. But Russia's invasion further complicates the optics for ransomware victims.
Expel is out with its new forward-looking report, "Great eXpeltations," and among the topics covered is supply chain targeting. Jon Hencinski of Expel and Bruce Potter of Clear Street share insights on why organizations must pay attention to these attacks.
Ukraine's cybersecurity authority says the country is fighting its first-ever hybrid war - combining conventional and digital warfare strategies and tactics. In this time of high alert, Rob Dartnall of Security Alliance calls for organizations to develop their threat intelligence capabilities.
Hacking group MuddyWater, linked to the Iranian Ministry of Intelligence and Security, is targeting Turkey and the Arabian Peninsula to conduct espionage and intellectual property theft and to deploy ransomware and destructive malware. The campaign uses malicious documents to deploy RATs on systems.
After months of political infighting, a landmark cybersecurity provision requiring critical infrastructure providers to report security incidents and ransom payments has passed both chambers of Congress and now heads to President Joe Biden's desk. The mandate is part of an omnibus spending bill.
Two suspected ransomware operators have been extradited to the U.S. from Ukraine and Canada, according to the Department of Justice. One was allegedly part of the July 2021 Kaseya attack, and the other allegedly attacked healthcare facilities with NetWalker ransomware during the COVID-19 pandemic.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
The Lapsus$ ransomware group is tricking users into installing malware by disguising it as verified and signed certificates, which researchers say are believed to have been stolen from the Nvidia and Samsung source code leaks.
In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk. He warns of the problems that choice can cause.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.