Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?
The French government is pursuing a new law that will grant the country's law enforcement agencies sweeping power to snoop on suspected cybercriminals and other online miscreants by remotely accessing their phones and computers. The measure is now headed to the French National Assembly.
For the third time since the discovery of the MOVEit Transfer application zero-day vulnerability, Progress Software has revealed a new critical SQL injection vulnerability that allows remote attackers to bypass authentication and execute arbitrary code.
The personal information of nearly 35 million Indonesian passport holders is up for sale on the dark web for $10,000 by notorious hacktivist Bjorka, who routinely criticizes the Indonesian government, publishing damaging information about lawmakers on social media. The government is investigating.
In the latest weekly update, four editors at ISMG discuss highlights from recent ISMG events, the winners and losers in Forrester's first-ever network analysis and visibility rankings, and the ongoing tech trade war between the U.S. and China and its impact on the global supply chain.
Granting third parties access to sensitive data introduces inherent risks that organizations must address effectively. So how does an organization best manage that third-party risk while balancing an organization's inherent need for usability?.
Ransomware continues to be the biggest threat to the European healthcare sector, but the region also is experiencing an uptick in distributed denial-of-service attacks tied to hacktivist groups, the European Union Agency for Cybersecurity warned.
This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.
A ransomware attack in May that and compromised the sensitive information of 319,500 individuals, including addiction treatment center patient data, has so far generated three proposed federal class action lawsuits against the Pennsylvania real estate firm that owns the medical group.
Legacy DLP is broken due to excess complexity, extended time to value and misalignment with security and business goals, said Next's Chris Denbigh-White. Addressing insider threats in a meaningful way is one of the biggest data protection challenges for organizations, he said.
International law enforcement agencies say they arrested the mastermind of a French-speaking cybercriminal syndicate dubbed Opera1er for carrying out more than 30 successful attacks against financial institutions, banks, mobile banking services and telecommunications companies.
Organizations need to adopt a creative approach when building policies around the legal, commercial and reputational risks raised by generative AI tools - such as with privacy, consumer protection and contractual obligations, said legal expert Anna King of Markel.
Every week, ISMG rounds up cybersecurity incidents in the digital assets world. This week, a Poly Network hacker stole $10 million, Belarus mulled banning P2P crypto payments, the Ethereum community proposed a new security standard and Russia raised $20 million in crypto.
The world is moving on from magnetic stripe payment cards, with one notable exception: the United States. Credit card issuers, banks and consumers agree the magnetic stripe is prone to hacking - so why is one of the largest markets for plastic payment still clinging to decades-old technology?
Ransomware believed to originate from the Russian LockBit 3.0 group locked up computer systems for the Port of Nagoya, Japan's largest cargo hub. The attack held up shipments of Toyota auto parts containers for two days, but the port reopened Thursday morning.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.