The SEC voted 3-1 to advance new, mandatory cybersecurity rules for registered investment advisers, companies and funds. The proposal - open for a 30-day public comment period - would require entities to adopt and implement written cybersecurity policies and a 48-hour incident reporting mandate.
It’s a challenging time for organizations and security professionals charged with defending their organization against breaches and incidents. Investigations are multiplying and diversifying–there are more of them, and new types of cases arise all the time. Spurred by global trends and challenges, such as COVID-19...
This edition of the ISMG Security Report analyzes what prosecutors say is the biggest cryptocurrency seizure in U.S. history as well as the biggest financial seizure. It also details how a school district CISO resigned over the district's handling of a severe data breach and busts Zero Trust myths.
Michael Hamilton, CISO at security firm Critical Insight, discusses health data breach trends. The bad news: The number of major breaches reported to regulators in 2021 hit a record high. The good news: The rate of breaches reported last year compared to 2020 appears to be slowing down.
Jeff Williams, co-founder and CTO of Contrast Security, says people have a right to know if the products they use are secure. It's difficult to tell if software is secure, he says, so companies need incentives to build good security programs, improve their software and disclose any flaws they find.
Are ransomware-wielding criminals running scared? That's one likely explanation for the sudden release this week of free, master decryption keys for three different strains of formerly prevalent ransomware: Maze, Sekhmet and Egregor.
Equifax has agreed to a settlement for the 2017 data breach that exposed the personal information of 147 million people. The settlement with the U.S. Federal Trade Commission, the Consumer Financial Protection Bureau and 50 U.S. states and territories includes up to $425 million to help victims.
The European Central Bank, the central bank of the 19 EU countries using the euro, has reportedly warned against potential Russian cyberattacks, and EU banking institutions are reportedly conducting cyber war games to test resiliency against a potential cyber offensive, according to Reuters.
Federal authorities are again warning healthcare and public health sector entities about potential threats posed by ransomware-as-a-service group LockBit 2.0, despite the cybercrime gang's claim that it does not target healthcare organizations.
A "deliberate and malicious" cyberattack struck Vodafone Portugal, including its 4G/5G network, fixed voice, TV, SMS and voice/digital answering services. ATM networks of large banks connected to its 4G network were also disrupted. The company says its 4G network has now been partially restored.
Israeli officials announced they will set up a commission of inquiry to investigate reports that the nation's police force used the flagship spyware of Israeli firm NSO Group, called Pegasus, to hack the phones of Israeli public officials, journalists and activists.
It is essential that entities across all industries - and especially in healthcare - better prepare every type and level of worker on how to respond to potentially devastating ransomware attacks, says privacy and security attorney Erik Weinick of law firm Otterbourg PC.
Swissport, a global company that provides aviation-related services, confirmed it was hit by a ransomware attack on Thursday. The incident has now been contained, and a full system cleanup and recovery process is underway with no significant delays in sight, a company spokesperson says.
Meter, a blockchain infrastructure company that provides multi-chain bridging and allows users to trade multiple cryptocurrencies across Ethereum and other public chains, has been exploited for around $4.4 million, the company acknowledged via Twitter. The hack also affected the Moonriver network.
The ransomware operation known as Alphv - aka BlackCat - appears to be a reboot of the DarkSide group, which rebranded as BlackMatter following serious encryption and victim-selection mistakes. Amid reports that Alphv has disrupted 17 oil terminals in Western Europe, how long until the next rebrand?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.