The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
The Computer Emergency Response Team of Ukraine and the National Bank of Ukraine are warning of massive DDoS attacks against pro-Ukrainian targets. The intelligence service in Romania, SRI, also warns of a similar type of attack targeting sites belonging to its national authorities.
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.
There were no CISOs when Marene Allison started her career. There was not even a cybersecurity discipline. But starting with a distinguished stint in the military, she has progressed through the public and private sectors - including time with the FBI - to become CISO for Johnson & Johnson.
As one of the architects of Israel's offensive Red Team intelligence unit and Incident Response Team, Reuven (Rubi) Aronashvili, CEO of Israeli cybersecurity company CYE, provides a highly informed view of current cyberwarfare in the Russia-Ukraine war, including how it differs from kinetic warfare.
Double-extortion ransomware. Supply chain attacks. Weaponized zero-days. It's an advanced threat landscape, and it requires advanced defenses. Taylor Ettema of Palo Alto Networks outlines the key capabilities today's security solutions require to step up against the adversaries' ongoing innovation.
In this eBook...
The American Dental Association allegedly was hit with an attack by new ransomware group "Black Basta." ADA is the latest medical professional organization to have a cyber incident disrupt services and potentially affect members' information. Tenet Health also experienced a cyberattack last week.
Ransomware group Stormous, in a Telegram post on Monday, said that it has breached and exfiltrated 161GB worth of critical data from beverage manufacturing giant Coca-Cola. The soft drink company has told Information Security Media Group that it is investigating the claim.
The U.S. government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign. The malware spread globally, causing commercial damage of up to $10 billion.