Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
The $1.7 trillion omnibus spending bill signed into law last week by President Joe Biden contains new cybersecurity requirements for medical devices that make it a game changer for strengthening security within the healthcare ecosystem, says Dr. Suzanne Schwartz of the FDA.
U.S. banking regulators warned banks to be wary of cryptocurrencies, writing in a joint statement that digital assets on decentralized networks are "highly likely to be inconsistent with safe and sound banking requirements." The missive comes after a volatile year for cryptocurrency.
A Utah-based senior healthcare firm paid a $200,000 settlement to two state attorneys general after it delayed reporting a 2019 data breach by 10 months. The breach affected 14,500 individuals and included Social Security numbers and medical treatment information.
After two sensational years in the public markets during the height of COVID-19, 2022 was a rude awakening for the cybersecurity industry. The four-headed monster of inflation, interest rate hikes, supply chain shortages and the ongoing Russia-Ukraine war dragged most stock prices down.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
The Bahamas Securities Commission seized digital assets worth $3.5 billion from local firm FTX Digital Markets. The regulator says the funds were at risk of "imminent dissipation" due to hack attacks and will temporarily remain under its exclusive control, stored in secure digital wallets.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
The latest edition of the ISMG Security Report shares tips for security leaders to navigate the threat landscape next year, discusses cybersecurity and privacy policy shifts to watch, and explains why global political and economic instability should not be cause for cybersecurity budgets to drop.
The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp.
As FTX's bankruptcy proceedings continue, customers of the cryptocurrency exchange have filed a lawsuit against its former leadership, contending that they violated "customer agreements" and that customers' missing assets should be prioritized over all claims filed by creditors.
A member of a criminal data breach forum says he's selling email addresses and phone numbers of 400 million Twitter users. If verified, the data breach would be a further blow to Twitter and its beleaguered chief executive as regulators increase pressure over the firm's security practices.
Belgian banking giant Degroof Petercam is warning hundreds of clients that their employees are at risk of fraud after personal details tied to their stock option plans were accessed, potentially by an ex-employee. The bank has reported the data breach to the Belgian Data Protection Authority.
U.S. President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act, designed "to encourage the migration of federal government IT systems to quantum-resistant cryptography" by ensuring they prepare strategies now for implementing forthcoming cryptography standards.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.