It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Cryptocurrency hackers are shifting their focus from bitcoin to other tokens and newer blockchain services such as cross-chain bridges for illicit activity. Why is the oldest crypto token so unappealing to hackers these days, and what do other options offer? Ari Redbord of TRM Labs explained.
How bad is the breach of the MOVEit zero-day to businesses, government agencies and their customers? The short answer is that the known fallout from the Clop ransomware group attack already looks bad and keeps getting worse as ongoing investigations add to the victim count of 20 million people.
Microsoft estimates that each day threat actors attack 95 million Active Directory accounts. In the face of so many attacks, security teams should assume compromise and focus not just on securing Active Directory but also on recovery and resilience, said Semperis' Simon Hodgkinson.
The administrator of the now-defunct BreachForums has pleaded guilty to two counts of hacking and one count of child pornographic possession. Conor Fitzpatrick, 20, operating under the moniker Pompompurin, made nearly $700,000 running the criminal online forum for just under a year.
Cybercriminals may be using a generative AI tool called WormGPT to create convincing phishing emails to support business email compromise attacks. A new survey shows that 1 in 5 people fall for the fake, AI-generated emails, according to cybersecurity researchers.
Enterprise software firm JumpCloud says a sophisticated nation-state threat actor is behind a security incident that targeted a small and specific set of customers last week. JumpCloud reset all of its API keys, potentially affecting thousands of customers including Cars.com and GoFundMe.
In the latest weekly update, ISMG editors discuss the complex task of phasing out magnetic stripe payment cards and why the United States lags behind, the great debate over best of breed vs. a single platform vendor approach, and AI insights from Palo Alto CIO Meerah Rajavel.
To rethink security strategies, enterprises should tap into edge computing, adopt technologies such as generative AI and ensure "secure by default" practices, said Fastly Vice President Sean Leach. He discussed the evolving risk landscape and third-party providers' role in managing security.
This week, an IT security worker was sentenced for impersonating a ransomware gang, Deutsche Bank and other financial institutes were hit by Clop ransomware, USB drive malware attacks are on the rise in 2023, and a gaming company is investigating data breach claims and resetting users' sessions.
Threat actors are using dedicated mobile Android OS device spoofing tools to defraud customers of online banking, payment systems, advertising networks and online marketplaces globally. Resecurity observed cybercriminals using spoofing tools to exploit stolen cookies and access victims' systems.
Plaintiffs filed the first of what will likely be many more proposed class action lawsuits against HCA Healthcare just two days after the hospital chain publicly disclosed a hacking incident involving the posting of information for potentially 11 million patients on a dark web forum.
Between July 6 and 13, Multichain saw unauthorized outflow of $125 million, the DOJ announced its first DeFi smart contract-focused indictment, Silk Road boss Ross Ulbricht's aide and two others were sentenced, and the FTC and SEC turned up the heat on Celsius.
Cryptocurrency is the lifeblood of ransomware gangs, and their illicit use of crypto could hit record numbers this year. While overall crypto proceeds, including from crimes such as scams, fell dramatically over the past year, ransomware funds are expected to hit $899 million in 2023.
British prosecutors have accused two teenagers of several high-profile hacks while being part of the now-inactive, teenager-dominated Lapsus$ hacking group, clearing the way for their legal prosecution. The two suspects face charges related to blackmail, fraud and Computer Misuse Act violations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.