Hackensack Meridian Mountainside Medical Center in Montclair, New Jersey is among the Ardent Health hospitals still affected by a Thanksgiving Day ransomware attack. (Image: Hackensack Meridian Health)

Thanksgiving Day Attack on Ardent Health Serving Leftovers

Marianne Kolbasuk McGee • November 28, 2023

Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.

Fraud Management & Cybercrime

CISA Releases Health Sector Vulnerability Mitigation Guide

Latest

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk has driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. It hit the $100 million ARR milestone last quarter thanks to LogScale's search speed, data gravity and cost efficiency.

Critical Infrastructure Security

Iranian Hacking Group Attacks Pennsylvania Water Authority

Chris Riotta • November 28, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as "Cyber Av3ngers" that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

Government

Second Front Raises $40M to Support More Classified Networks

Michael Novinson • November 28, 2023

A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. Defense and National Security space.

Email Security & Protection

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Michael Novinson • November 28, 2023

Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom. The Silicon Valley-based email security firm said it liked Dhawan's track record of building security, cloud and end-user computing businesses.

Business Continuity Management / Disaster Recovery

Insights From Israel: Guy Shafir, WideOps

Tom Field • November 28, 2023

DDoS and other cyberattacks against media outlets and critical services are what Guy Shafir, CTO of Israeli tech vendor WideOps, has been dealing with since the start of the terrorist attacks in Israel on Oct. 7. Shafir shared details about the response to these intense attacks.

Cybercrime

Police Bust Suspected Ransomware Group Ringleader in Ukraine

Mihir Bagwe , Mathew J. Schwartz • November 28, 2023

Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 victims, from which they demanded ransoms collectively worth hundreds of millions of dollars.

Active Directory

Mapping Access - and Attack - Paths in Active Directory

Steve King • November 28, 2023

A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.

Data Loss Prevention (DLP)

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Michael Novinson • November 27, 2023

Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry. The cloud security firm enhanced its data protection policies for AI/ML apps and tools to lower the likelihood of data loss.

Artificial Intelligence & Machine Learning

US, UK Cyber Agencies Spearhead Global AI Security Guidance

Akshaya Asokan , Chris Riotta • November 27, 2023

Nearly two dozen national cybersecurity organizations on Sunday urged AI developers to embrace "secure by design" and other preventive measures aimed at keeping hackers out from the mushrooming world of AI systems. The United Kingdom and United States spearheaded its development.

Endpoint Security

Udderly Insecure: Researchers Spot Cow-Tracking Collar Flaws

Mathew J. Schwartz • November 27, 2023

Not even dairy cows appear to be safe from internet of things flaws, researchers report after reverse-engineering health-monitoring collars for cows and finding they could eavesdrop on and alter data. Once addressed by the manufacturer, they said the non-updateable collars would have to be replaced.

API Security

ISMG Editors: Will Federal Budget Cuts Bite US Security?

Anna Delaney • November 24, 2023

In the latest weekly update, the former federal CISO, Grant Schneider, joins three editors at ISMG to discuss important cybersecurity issues, including advice for the next White House cyber director and liability concerns facing CISOs following SolarWinds and its CISO being accused of fraud.

Critical Infrastructure Security

Breach Roundup: Filipinos Under Fire From 'Mustang Panda'

Anviksha More • November 23, 2023

This week, Chinese-affiliated hackers targeted the Philippine government; Kansas courts confirmed data theft; officials warned of exploited flaws in Sophos, Oracle and Microsoft software; AutoZone disclosed a Clop ransomware attack; and Optus' CEO resigned after a network outage.