Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack

Marianne Kolbasuk McGee • January 14, 2022

A family medical practice is notifying nearly 200,000 individuals that their information was compromised in a 2020 ransomware attack on cloud hosting vendor Netgain Technology, an incident that also affected several of the vendor's other clients and hundreds of thousands of their patients.

3rd Party Risk Management

EHR Vendor Breach Lawsuit Seeks Security Improvements

Latest

Cybercrime

Russia Charges 8 REvil Ransomware Suspects After Raids

Mathew J. Schwartz • January 17, 2022

Russian authorities have charged eight individuals with crimes tied to the REvil ransomware operation, after raiding 25 properties and detaining 14 suspects, thanks in part to U.S.-shared intelligence. The White House says one of the suspects was also responsible for last year's attack on Colonial Pipeline.

3rd Party Risk Management

Accellion Agrees to $8.1 Million Breach Settlement

Prajeet Nair • January 15, 2022

More than a year after the December 2020 cyberattack on Accellion's File Transfer Appliance, the company has agreed to an $ 8.1 million settlement to resolve a class action against it following the data exposure that resulted in the theft of both consumer and patient data.

Application Security

ISMG Editors: Is 2022 the Year of the SBOM?

Anna Delaney • January 14, 2022

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of incident repose planning; the worldwide impact of the LOg4j flaw, which may lead to 2022 being the year of the SBOM; and the increasingly blurred line between conventional...

Cybercrime

Russia Arrests 14 Suspected REvil Ransomware Group Members

Mathew J. Schwartz • January 14, 2022

Russian authorities have arrested 14 individuals suspected of being part of the notorious REvil, aka Sodinokibi, ransomware operation. Russia's Federal Security Agency, the FSB, said it used intelligence provided by the U.S. to help identify the suspects.

Business Continuity Management / Disaster Recovery

Ukrainian Websites Defaced as Tensions With Russia Continue

Mathew J. Schwartz • January 14, 2022

Multiple government sites in Ukraine, as well as Swedish, U.K. and U.S. embassy websites, have been defaced with warnings to "be afraid and expect the worst." The defacements occurred after a week of "intensive" but unresolved talks between NATO and Russia, which continues to mass troops on Ukraine's border.

3rd Party Risk Management

Ransomware Gatecrashes the Apache Log4j Attack Party

Anna Delaney • January 14, 2022

The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.

3rd Party Risk Management

Why Third Parties are the Source of So Many Hacks

Isa Jones • January 14, 2022

Protecting your critical access points and assets should be the number one priority in your cybersecurity strategy.

Governance & Risk Management

Insider Threats are a Quiet Risk in your System

Isa Jones • January 14, 2022

No matter the root cause, the result is the same: reputation damage, fines, compliance issues, and of course the ripple effects that extend outward from a breach.

Governance & Risk Management

Zero Trust Is More Than A Buzzword

Isa Jones • January 14, 2022

Since no one is trusted in this model, insider and outsider access needs to be verified and authenticated each time a user logs into a system.

Application Security

White House Hosts Open-Source Security Summit With Big Tech

Dan Gunderman • January 13, 2022

In the wake of the explosive Apache Log4j vulnerabilities, the White House hosted tech leaders and federal agencies in a summit to discuss ways to improve open-source software security. The meeting was hosted by Deputy National Security Adviser for Cyber and Emergency Technology Anne Neuberger.

Business Continuity Management / Disaster Recovery

Ukraine Police Bust Ransomware Suspects Tied to 50 Attacks

Mathew J. Schwartz • January 13, 2022

Police in Ukraine have arrested five individuals on suspicion of using ransomware to extort more than 50 companies across the United States and Europe, as well as to provide an IP-changing service to international hackers to help them distribute malware, steal sensitive data and disrupt sites.

Application Security

Night Sky Ransomware Distributed via Log4j Exploits

Mathew J. Schwartz • January 12, 2022

Attackers wielding Night Sky ransomware are among the latest groups that have been attempting to exploit critical vulnerabilities in widely used Apache Log4j software. Microsoft says that among other attacks, a China-based ransomware operator has been exploiting Log4j flaws in VMware Horizon.