Every week, ISMG rounds up cybersecurity incidents around the world. This week, attackers hit European Investment Bank; a California pension fund suffered a cyberattack related to MOVEit; UPS Canada disclosed a data breach; and a new Android malware campaign spread GravityRAT spyware.
British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country's top cybersecurity agency warned in a new advisory. Lawyer are under attack from cybercriminals, nation-state groups and ransomware gangs.
Researchers at AhnLab Security Emergency Response Center observed APT37 target South Korean individuals with spear-phishing emails to inject wiretapping malware. The state-backed cybercrime group primarily employs spear-phishing to compromise the devices of victims.
Fallout for Progress Software continues as hundreds of private and public sector organizations that use its MOVEit file transfer software face data breaches due to a zero-day attack. Some victims have filed a proposed class action suit in federal court, alleging poor security controls at Progress.
What does it look like when an attacker accesses your network, and how can you mitigate the threat before it becomes a crisis?
This eBook reveals the various ways a real-life attack played out within the environment of a healthcare business associate. It documents how the attack happened and the moves and...
The U.S. Department of Justice unveiled a new team - the National Security Cyber Section - to disrupt nation-state threat actors and prosecute them at the "earliest stages." NatSec Cyber will work closely with the DOJ's Computer Crime and Intellectual Property Section.
A service selling DDoS disruptions via a Mirai-based botnet called Condi is the latest to target consumer-grade Wi-Fi routers made by TP-Link with firmware not yet patched to fix a known flaw. Unusually, a recently spotted sample of Condi has been stripped down to target only that flaw.
A British cyber law that criminalizes hacking is outdated, hindering law enforcement action against cyber crooks, U.K. lawmakers heard during a parliamentary hearing on cybercrime. Graeme Biggar, the director general of the U.K's National Crime Agency, said it should be an offense to steal data.
Pro-Russian and self-declared "hacktivist" group Anonymous Sudan appears to use expensive online infrastructure to perpetuate distributed denial-of-service attacks, undermining its claim to be a volunteer group operating from an impoverished East African country.
This week, the list of MOVEit victims grew and now includes the U.S. government. Also, CISA and its global peers crowned LockBit the world's top ransomware threat, North Korean hackers copied a popular South Korean web portal, and an impersonation campaign used SEO techniques to target top brands.
Each year, billions of dollars are transferred in and out of money mule accounts to support a variety of money laundering schemes. But banks are now using machine learning and AI more effectively to spot mule accounts. Two experts shared the latest approaches and tools for beefing up AML programs.
After nearly a year during which it was thought to be dead, the notorious Emotet botnet roared back to life in November 2021.The malware has added several new abilities and features that make it more dangerous than ever.
Download this eBook to learn more about:
Why Emotet is more dangerous than ever;
A...
In the latest weekly update, four ISMG editors discuss highlights from Verizon's 16th annual Data Breach Investigations Report, what's on the mind of CISOs in Malaysia and the Philippines, and how the U.S. SEC sued crypto trading platforms Binance and Coinbase over securities violations.
The Supreme Court on Thursday narrowed federal prosecutors' ability to bring identity theft charges in an opinion holding that misuse of another person's identification must be the crux of a criminal offense "rather than merely an ancillary feature of a billing method."
A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.