Mark Zuckerberg (Photo: ISMG)

Zuckerberg Sued Over Cambridge Analytica Scandal

Prajeet Nair • May 24, 2022

Mark Zuckerberg, CEO of Facebook parent Meta, is being sued for failing to protect users of the social media platform during the Cambridge Analytica privacy scandal. The lawsuit on behalf of the District of Columbia was initiated by Washington, D.C. Attorney General Karl A. Racine.

Blockchain & Cryptocurrency

CISA: Majority of US Government Will Get EDR Later in 2022

Latest

Fraud Management & Cybercrime

13% Spike in Ransomware Is Biggest in 5 Years

Brian Pereira • May 25, 2022

Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.

Application Security

WhiteSource, Renamed Mend, Takes on Remediating Code Issues

Michael Novinson • May 25, 2022

WhiteSource has renamed itself Mend as the company pushes beyond software composition analysis to become a broad application security platform with automated remediation. The name WhiteSource didn't have any negative connotations when the company was founded, but some people today find it offensive.

Breach Notification

3 Health Data Hacks Affect 1.4 Million Individuals

Marianne Kolbasuk McGee • May 24, 2022

Hacking incidents recently reported as major breaches by three different types of health sector entities - a children's hospital, a managed care plan and a government contractor - have in total compromised the sensitive information of more than 1.4 million individuals.

Artificial Intelligence & Machine Learning

Semperis Raises $200M to Extend AI, ML to Identity Security

Michael Novinson • May 24, 2022

Semperis has closed a Series C funding round to expand geographically and enhance identity protection and threat mitigation with AI and ML capabilities. The AD security provider plans to use the $200 million to expand into safeguarding additional cloud applications and cloud identity providers.

Security Operations

UK Privacy Watchdog Imposes 7.5M-Pound Fine on Clearview AI

Mihir Bagwe • May 24, 2022

The ICO has imposed a penalty of 7.5 million pounds on Clearview AI Inc. for using scraped U.K. citizen facial images for its facial recognition database. The agency has directed the firm to delete images of all U.K. citizens and to stop scraping data from the open internet.

Governance & Risk Management

Hospital Cyberattack Compromises Data From Decades Ago

Marianne Kolbasuk McGee • May 23, 2022

A cyberattack detected in December at a Canadian healthcare entity has compromised a wide range of data, including some patient information dating back to 1996, as well as employee vaccination records from last year. Some of the affected data belonged to a nonprofit group of affiliated clinicians.

Blockchain & Cryptocurrency

Proof of Concept: How Can We Improve Industry Collaboration?

Anna Delaney • May 23, 2022

In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.

Endpoint Security

How Broadcom Acquiring VMware Would Shake Up Cybersecurity

Michael Novinson • May 23, 2022

The tumultuous experience of Symantec under Broadcom's control presents a cautionary tale for CISOs currently using VMware's security technology. Symantec saw massive customer and employee attrition following deal close, and the company's technology doesn't fare as well in reviews by Gartner.

Application Security

Pathlock-Appsian Deal Combines App Governance, ERP Security

Michael Novinson • May 20, 2022

Pathlock has merged with Appsian to form a 500-person vendor that secures users and data across SAP and Oracle's ERP apps. Bringing Pathlock, Appsian and Security Weaver together will allow the firm to take a larger bite out of the $110 billion market focused on compliance testing for business apps.

Anti-Money Laundering (AML)

What Is Behind the Increase in Crypto Fraud?

Suparna Goswami • May 20, 2022

There has been a rise in crypto fraud, and a substantial portion of it can be attributed to stimulus funding and paycheck protection programs, says David Britton, vice president of strategy, global ID and fraud at Experian. He discusses new authentication methods and stricter regulations.

Business Continuity Management / Disaster Recovery

ISMG Editors: The Case of the 'Dr. Evil' of Ransomware

Anna Delaney • May 20, 2022

In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.

3rd Party Risk Management

Ransomware: What's Changed Since Colonial Pipeline Got Hit?

Mathew J. Schwartz • May 20, 2022

When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.