Another proposed federal class action lawsuit alleges Facebook uses its Pixel tracking tool to collect millions of individuals' sensitive health data from healthcare provider websites without patients' knowledge or consent. HIPAA prohibits the use of PHI for marketing purposes without consent.
Here's unwelcome ransomware news: When a ransomware victim chooses to pay a ransom, the average amount has increased to $228,125, reports ransomware incident response firm Coveware. On the upside, however, big-name ransomware groups are having a tougher time attracting affiliates.
Fifty bucks gets cybercriminals access to a phishing-as-a-service platform for campaigns impersonating major brands in the United States and other English-speaking countries. Researchers from IronNet say the prices offered on "Robin Banks" are substantially less than comparable service providers.
Microsoft is revealing details of an advanced spyware campaign in a bid to neutralize its effectiveness. It fingers Austrian firm DSIRF as responsible for coding malware known as "Subzero," which Microsoft researchers dub "Knotweed." Pressure is mounting on companies that supply spyware apps.
Since the decline and fall of the Conti ransomware brand earlier this year, LockBit appears to have seized the mantle, listing more victims on its data leak site than any other. Experts say the group's focus on technical sophistication and keeping affiliates happy remain key to its success.
The chairman of the U.S. House Intelligence Committee vowed more action against makers of advance spyware such as Israel's NSO Group while witnesses pressed the panel to commit the intelligence community's resources to disrupting spyware companies.
A nice $10 million awaits tipsters capable of providing the U.S. federal government with information leading to the identification of state-sponsored hackers who attack systems vital to America's day-to-day operations. Of special interest are hackers employed by North Korea.
A recent Securities and Exchange Commission filing by Tenet Healthcare, a major Dallas-based healthcare delivery organization, provides the latest public peek into the hefty impact a disruptive cyber incident can have on a healthcare entity's finances.
Michael Alan Stollery, the chief executive of Titanium Blockchain, pleaded guilty in U.S. federal court to securities fraud in a scheme involving a fraudulent cryptocurrency initial coin offering in which $21 million was stolen. Stollery faces up to 20 years of imprisonment.
Cybersecurity doesn’t have competitors, it has adversaries. They react to every defense we put in place and seek new ways to achieve their aims - whether they be cybercrime, espionage, or hacktivism. The attackers are innovative, and they share new ways to exploit any vulnerability, so defenders need to share...
A music streaming blockchain service patched a bug on a smart contract that had gone undetected since 2020. An attacker used it to steal $AUDIO crypto tokens worth nearly $6 million and sold them for more than $1 million. The vulnerability wasn't detected by multiple smart contracts security audits.
Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.
First National Bank Omaha (FNBO) is a subsidiary of First National of Nebraska. It is the largest privately held bank subsidiary in the United States. Before Pindrop, FNBO relied heavily on one-time passwords (OTPs) even with genuine customers. Within the first year into the Pindrop relationship, FNBO experienced...
A scan of Russian servers led researchers to follow a trail of digital breadcrumbs to find a server with "smoking gun" evidence of connection to MedusaLocker ransomware. The malware has especially affected the healthcare industry. Attack surface risk firm Censys detailed its findings in a report.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.