Banner Health Breach Lawsuit Settled

Marianne Kolbasuk McGee • December 9, 2019

A federal court has granted preliminary approval of a multi-million dollar settlement of a consolidated class action lawsuit filed against Banner Health in the wake of a massive 2016 breach of healthcare and financial information. Here's a rundown of the details.

Artificial Intelligence & Machine Learning

Sentara Hospitals' HIPAA Settlement: Why $2.2 Million?

Latest

Business Continuity Management / Disaster Recovery

Decryptor Bug Means Ryuk Victims Stuck in Ransomware Rut

Jeremy Kirk • December 10, 2019

Emsisoft has spotted a buggy decryptor for the Ryuk ransomware and developed a custom tool to fix it. But victims will still have to pay the ransom to recover files.

Encryption & Key Management

Quantum-Proof Cryptography: What Role Will It Play?

Suparna Goswami • December 10, 2019

CISOs need to begin investigating the use of quantum-proof cryptography to ensure security is maintained when extremely powerful quantum computers that can crack current encryption are implemented, says Professor Alexander Ling, principal investigator at the Center for Quantum Technologies in Singapore.

Governance

FTC Sanctions Defunct Cambridge Analytica: So What?

Mathew J. Schwartz • December 9, 2019

The U.S. Federal Trade Commission has sanctioned data analytics firm Cambridge Analytica for misusing Facebook users' personal details as part of voter-targeting campaigns. Just one problem: The firm declared bankruptcy in May 2018. Meanwhile, voter microtargeting continues unchecked.

Finance & Banking

A $200,000 Internet Fraud: Will Anyone Investigate?

Jeremy Kirk • December 9, 2019

Internet crime has grown so rapidly that law enforcement is outpaced. Here's the story of how a Manhattan doctor lost $200,000 in an internet scam, and why he's struggling to get law enforcement's attention.

Artificial Intelligence & Machine Learning

8 Takeaways: Black Hat Europe's Closing 'Locknote' Panel

Mathew J. Schwartz • December 8, 2019

Security experts speaking on the ending "locknote" panel at this year's Black Hat Europe highlighted trends from the conference, including the rise of fuzzing, simplification via the cloud, increasing vendor transparency as well as the industry too often still failing to focus on the basics.

Account Takeover

Two Russians Indicted Over $100M Dridex Malware Thefts

Jeremy Kirk • December 6, 2019

Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.

Critical Infrastructure Security

How the Adversarial Mindset Is Making Cybersecurity Better

Mathew J. Schwartz • December 6, 2019

Applying offensive hacking expertise and a more adversarial mindset to better hone not just network defenses but also public policy is proving effective, says Jeff Moss, founder and creator of the Black Hat conference.

Endpoint Security

Analysis: Smart TV Risks

Nick Holland • December 6, 2019

The latest edition of the ISMG Security Report offers an analysis of the FBI's security and privacy warnings about smart TVs. Also featured: discussions on the security of connected medical devices and strategies for fighting synthetic identity fraud.

Cybercrime

Skimming Campaign Leveraged Heroku Cloud Platform: Report

Akshaya Asokan • December 5, 2019

Several e-commerce sites were targeted with a card skimming campaign that used the Salesforce-owned Heroku cloud platform to host skimmer infrastructure and stolen credit card data, according to a new report from the security firm Malwarebytes.

Governance

GOP Federal Privacy Bill Would Supersede CCPA

Suparna Goswami • December 5, 2019

After several moves by Democrats to introduce federal privacy legislation, Republican Senator Roger Wicker on Tuesday unveiled a draft consumer privacy bill, the United States Consumer Data Privacy Act of 2019, that would override various state laws on privacy, including the California Consumer Privacy Act.

Endpoint Security

Cybersecurity Defenders: Channel Your Adversary's Mindset

Mathew J. Schwartz • December 4, 2019

A clear theme Wednesday throughout the first day of the Black Hat Europe conference was the importance of approaching the design and defense of networks and systems by thinking like the enemy.

Endpoint Security

FBI Warns of Smart TV Dangers

Jeremy Kirk • December 4, 2019

The FBI has a new suspect in its sights, and there's one in nearly every home: smart TVs. It warns consumers to be wary because the devices can pose privacy and security threats - an unsecured smart TV could be the avenue hackers use to gain access to a home network.