Medical Workers Plead Guilty to PHI Access-Related Crimes

Marianne Kolbasuk McGee • December 6, 2021

A medical biller in Florida and an emergency medical technician in New York have each pleaded guilty in two separate federal cases involving the criminal misuse of patient information. One case involved healthcare fraud and identity theft, and the other criminal HIPAA violations.

Incident & Breach Response

Pfizer Alleges Worker Took COVID Vaccine, Trade Secrets

Latest

Breach Notification

Incident Response: Best Practices in the Age of Ransomware

Mathew J. Schwartz • December 6, 2021

Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.

Cyberwarfare / Nation-State Attacks

Mandiant: SolarWinds Attackers Continue to Innovate

Prajeet Nair • December 6, 2021

A suspected Russian group blamed for the SolarWinds compromise in 2020 is continuing to innovate and is infiltrating technology services and resellers, according to a new report from Mandiant. Mandiant says the group, which it calls UNC2452 and Microsoft calls Nobelium, practices "top-notch operational security."

Access Management

Missouri Governor's Hack Accusation Loses Steam

Jeremy Kirk • December 6, 2021

In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.

3rd Party Risk Management

Alert: 'Cuba' Ransomware Slams Critical Sector Organizations

Prajeet Nair • December 4, 2021

The FBI warns that the "Cuba" ransomware-wielding attackers have extorted $43.9 million in ransom payments from victims after compromising at least 49 organizations across five critical infrastructure sectors - financial services, government, healthcare, manufacturing and IT - since early November.

Endpoint Security

Report: NSO Group Spyware Found on State Department Phones

Dan Gunderman • December 3, 2021

Spyware from sanctioned Israeli firm NSO Group has reportedly been detected on at least nine iPhones belonging to U.S. State Department officials with "state.gov" email addresses, who are located in Uganda or whose work focuses on Uganda, according to Reuters.

Business Continuity Management / Disaster Recovery

Ransomware Operations Double Down on Data Leak Sites

Mathew J. Schwartz • December 3, 2021

Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.

Account Takeover Fraud

ISMG Editors: Are We Close to Cracking Cybercrime Ecosystem?

Anna Delaney • December 3, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the FBI has seized bitcoins from an alleged REvil ransomware affiliate, how to mitigate risks from BIN attacks and the latest COVID-19 trends globally.

Business Continuity Management / Disaster Recovery

Need to Negotiate a Ransomware Payoff? Newbies: Start Here

Anna Delaney • December 3, 2021

The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.

Critical Infrastructure Security

Cyber Officials Outline Critical Infrastructure Protections

Dan Gunderman • December 2, 2021

Several cybersecurity officials charged with safeguarding U.S. critical infrastructure on Thursday outlined both current progress and the complexity of today's network defense. Oversight officials also testifying before the House discussed top-line items that remain outstanding among major agencies.

Business Continuity Management / Disaster Recovery

FBI Seizes Bitcoins From Alleged REvil Ransomware Affiliate

Mathew J. Schwartz • December 1, 2021

The FBI has seized 39.9 bitcoins worth $2.3 million from an alleged affiliate of the notorious REvil - aka Sodinokibi - ransomware group. A forfeiture notice filed by the government accuses Russian national Aleksandr Sikerin of having amassed the cryptocurrency via victims' ransom payments.

Access Management

The ROI of Shift-Left Automated Testing

Information Security Media Group • December 1, 2021

Forrester evaluates the benefits of automated testing for the mainframe.

Access Management

The Evolution of Privileged User Monitoring for Mainframes

Information Security Media Group • December 1, 2021

Learn how the latest advances in privileged user monitoring can close windows of opportunity for attackers and keep business-critical data safe from credential theft, lateral attack movement, ransomware, and other threats.