Point32Health, which provides health plans to millions of New Englanders and is Massachusetts' second-largest health insurer, is still struggling to recover 10 days after it identified a ransomware attack that forced the company to take many of its IT systems and functions offline.
An affiliate of the Russian-speaking Clop ransomware-as-a-service gang and the LockBit cybercrime group are each exploiting vulnerabilities in popular print management software. PaperCut began urging customers to update their software earlier this month after customer reports of suspicious activity.
Automated XDR platforms are increasingly sought after as organizations grapple with tool sprawl and the complexity of their security stack. But is there a risk of XDR platforms becoming a single point of failure? Microsoft Senior Director Scott Woodgate emphasized building "resiliency" for XDR.
Between April 21 and 27, hackers stole $1.8 million from Merlin, $22,638 from Kucoin and $170,000 from Trust Wallet and attacked UniSat Wallet. The U.S. indicted two men for DPRK-linked money laundering, and a U.K. parliamentary panel heard plans to curb cybercrime with better crypto seizure skills.
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. In the days between April 21 and April 27, the spotlight was on the arrest of a Ukrainian trafficker in stolen data, a U.S. Navy shipbuilder and incidents in Canada, India and Kenya.
Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S government authorization requirements as well as the StateRAMP program.
Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
Cybersecurity incidents can have high-profile impacts on the business - from schools to hospitals. But many incidents that disrupt businesses don’t make front-page news. SEI Sphere's Mike Lefebvre said it's time for security vendors to act as fiduciaries - in the best interests of their clients.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
An Indian court convicted 11 people for their roles in the North Korean heist of $13.5 million in 2018 from Pune-based Cosmos Cooperative Bank. The United Nations attributed the thefts to North Korea, which uses criminal activity, including financially motivated hacking, to obtain hard currency.
The United Kingdom should augment its cryptocurrency asset seizure abilities as part of an effort to combat ransomware and other cybercrime, a parliamentary panel heard. The rate of seizures is not commensurate with the level of crypto adoption, said Aidan Larkin, CEO of Asset Reality.
Ransomware attackers are constantly evolving, hitting and severely hampering even the most sophisticated targets, says Jon Miller, CEO and co-founder of Halcyon. The incidents "are almost on the edge of growing out of control," he said. "I don't feel as an industry we've gotten ahead of them."
ChatGPT may be grabbing headlines, but many security practitioners are still skeptical about AI. ISMG editors at the RSA Conference 2023 in San Francisco discuss the hot topics this year, from the looming risk of the metaverse and our reality to the latest approach to cloud development.
The United States' second-highest-ranking prosecutor said the Department of Justice has pivoted its security strategy from pursuing courtroom victories to preventing and disrupting cybercrime. Lisa Monaco said Justice officials now put victims at the center of their cybercrime response.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.