Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 victims, from which they demanded ransoms collectively worth hundreds of millions of dollars.
Cybercriminals are increasingly using supply chain attacks to distribute malicious software to devices. In this type of attack, attackers gain access to a company's account on a, such as GitHub, which is used to store source code and software files. The attackers then upload a malicious software package that looks...
Tennessee-based Ardent Health Services, which operates dozens of hospitals and other healthcare facilities in several states, said on Monday that it is dealing with a ransomware attack that has forced the entity to divert some patients and cancel or reschedule certain procedures.
In the latest weekly update, the former federal CISO, Grant Schneider, joins three editors at ISMG to discuss important cybersecurity issues, including advice for the next White House cyber director and liability concerns facing CISOs following SolarWinds and its CISO being accused of fraud.
European lawmakers slammed the EU executive branch's inaction after a parliamentary committee called for tougher rules designed to prevent spyware abuse across the trading bloc. More than half of European Parliament lawmakers backed a resolution demanding rapid action.
This week, Chinese-affiliated hackers targeted the Philippine government; Kansas courts confirmed data theft; officials warned of exploited flaws in Sophos, Oracle and Microsoft software; AutoZone disclosed a Clop ransomware attack; and Optus' CEO resigned after a network outage.
This week's cryptocurrency hack roundup features hackers stealing $87 million from Heco, Kronos reporting $25 million stolen via an API breach, regulators filing charges against Kraken, and feds charging three people with stealing $10 million and seizing $9 million tied to a pig-butchering scam.
North Korean state-affiliated hackers are continuing to exploit zero-days in popular software applications as part of global supply chain attack campaigns for espionage and financial theft purposes, British and South Korean cybersecurity and intelligence officials said.
The Asia-Pacific region will dramatically increase its investment in offensive and security tools over the next decade, amid a worsening threat landscape and rising losses, experts predict. Telemetry data from IBM and BlackBerry highlights a sharp rise in attacks against organizations in the region.
A report from the global financial services company Moody’s Corp. says the Industrial and Commercial Bank of China may suffer reputational damage to its financial services subsidiary after the unit was hit with a ransomware attack from the notorious Russian-linked cybercriminal group LockBit.
The hacktivist group SiegedSec has taken responsibility for a massive data breach targeting Idaho National Laboratory, a leading nuclear energy testing lab. Concerns are now growing over what data was stolen from the laboratory - and who might have access to it.
The world's largest cryptocurrency exchange will withdraw from the U.S. market after now-former chief executive officer Changpeng Zhao pleaded guilty to felony money laundering charges in a U.S. court and the company agreed to pay $4.3 billion into federal coffers.
Mobile banking Trojans spread through deceptive social media messages remain a problem for Indian smartphone users, warns Microsoft. India accounts for 4 in 10 global transactions made with digital payments, according to the National Payments Corporation of India.
Binance Chief Executive Changpeng Zhao will plead guilty to violating anti-money laundering statutes in U.S. federal court in a settlement ending an investigation into illicit transactions at the world's largest cryptocurrency exchange. The company will pay $4.3 billion in fines and forfeiture.
With experts warning that NetScaler ADC and Gateway devices are being exploited by nation-state and cybercrime groups, the manufacturer has again urged all users to "patch immediately" as well as terminate active sessions, which attackers can otherwise use to access devices even post-patch.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
