Yet another audit has given the Department of Health and Human Services information security program a "not effective" rating for several issues, including contingency planning weaknesses in operating divisions.
The SolarWinds attack has cybersecurity leaders everywhere taking a hard look at third-party risk. But it’s one thing to have a fresh strategy and quite another to actually start holding vendors accountable for their own security.
Download this expert briefing to learn:
The areas that risk managers commonly...
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
The Government Accountability Office is urging the U.S. government to respond more rapidly to cybersecurity issues, especially in the wake of the SolarWinds supply chain attack that led to the breach of nine federal departments as well as about 100 companies.
Eleven U.S. senators are raising concerns about the Department of Energy's cybersecurity readiness as the department continues to investigate a breach related to the SolarWinds supply chain attack.
Left unsaid in Fat Face's "strictly private and confidential" data breach notification to affected customers this week was any indication that the fashion clothing retailer had paid a reported $2 million ransom to the Conti gang to unlock its systems. Fat Face has now confirmed the ransomware hit.
A third-party claims administrator of health and social services programs for the elderly apparently paid a ransom to Netwalker attackers about a month before global law enforcement officials disrupted the gang in January.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
The U.S. electrical grid's distribution systems that deliver electricity directly to customers are increasingly prone to cyberthreats, and the Department of Energy needs to do more to protect this critical infrastructure, according to a GAO audit.
With the explosion of remote business, we are now digitizing many of our documents and processes. Entrust’s Jay Schiavo explains what new mindset this shift requires, what’s needed to ensure document authenticity and integrity.
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care. But insurance may cover much of the cost.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
