Cyber experts recommend security teams stay on high alert in protecting enterprise networks as Russia launches cyberattacks against Ukraine, atop its ground invasion. This thread serves as a comprehensive security-related news thread for the Russia-Ukraine conflict.
A bipartisan Senate bill proposes closer collaboration between the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency, with a goal of strengthening cybersecurity in the health and public health sectors. But would that make a major difference?
Google's threat analysis team has detected a new remote code execution flaw leveraged by North Korean nation-state attackers targeting cryptocurrency, fintech and other industries. Although not named in the report, there appears to be a link to the notorious Lazarus cybercrime group.
An Estonian national accused of causing more than $53 million in ransomware losses has been sentenced to U.S. federal prison for furthering and facilitating computer intrusions, the movement of fraudulently obtained goods and funds, and the monetization of stolen financial account information.
As President Joe Biden visits Europe this week, the U.S. and the European Commission announced they have agreed in principle to a new Trans-Atlantic Data Privacy Framework. Officials say it will foster cross-border data flows and address concerns raised by the EU Court of Justice in 2020.
In the latest weekly update, editors at Information Security Media Group discuss important cybersecurity issues, including the White House warning about escalated cyberthreats from Russia, the impact of the Russia-Ukraine war on the healthcare sector and why combating SIM swap fraud remains challenging.
Online attackers are increasingly targeting the financial services sector. John Fokker, head of cyber investigations at Trellix, says his firm has charted a 22% quarterly increase in ransomware attacks on financial services, and APT detections have risen by 37%. Here's how the industry must respond.
Police in London say they've arrested seven people that the BBC reports are tied to the Lapsus$ hacking group, which has claimed responsibility for data breaches involving Okta, Microsoft, Nvidia, Ubisoft and more. The names of the suspects, who are mostly teenagers, have not been released.
With so much at stake, organizations have to formulate a framework of cybersecurity strategies that can adapt to new and evolving threats. Cybersecurity involves not just technological defenses but a comprehensive process that keeps employees updated about security policies, ensures there's a thorough evaluation of...
A ransomware attack can be extremely expensive for victims and can cost them over $700,000 to recover.
A Research suggests that in 2020, a new organization will be hit by ransomware every 14 seconds.2 In the future, ransomware as a service is expected to rise quickly as well, making ransomware an even bigger...
TLS machine identity-related outages—from expired, misconfigured or unknown TLS certificates—are the Achilles heel of digital transformation projects. Do it wrong and perfectly functioning applications and services can be rendered inoperable. Worse still the security controls you rely on, from traffic inspection...
The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.
The number of major health data breaches posted to the federal tally so far in 2022 - and the total number of individuals affected by those breaches - has surged in recent weeks as reports of large hacking incidents continue to flow in to regulators.
IT officials from Ukraine continue to call out alleged Russian cyberattacks. This comes as hacktivists have taken matters into their own hands in the digital underground. Also: NATO pledges additional cyber support, while President Joe Biden urges U.S. governors to bolster defenses.
The latest edition of the ISMG Security Report reviews the latest cyber resilience "call to action" from the White House and also explores authentication provider Okta's failure to inform hundreds of customers in a timely manner that their data could have been stolen by the Lapsus$ group.