Theresa Lanowitz, chief evangelist of LevelBlue, says healthcare governance teams struggle to differentiate between cyber resilience and cybersecurity, leading to misalignment between cybersecurity and business goals. This gap exposes data and organizational operations to cyberthreats.
Delta Air Lines' war of words against CrowdStrike and Microsoft over its extended IT outage continues to escalate, with the airline threatening litigation to recover $500 million in lost revenue and expenses. CrowdStrike and Microsoft have pledged to vigorously fight any such litigation.
This week, Royal ransomware, a French museum ransomware attack and a putative class action over a background check data breach. Singapore removed an app monitoring internet use on student devices, a warning over Cisco Smart Install, the upstart SharpRhino gang and an exposed Illinois voter database.
Progress Software said the U.S. Securities and Exchange Commission has dropped its probe into the business, launched after attackers exploited a zero-day flaw in its MOVEit secure file transfer software to steal data pertaining to over 2,770 organizations and 95 million individuals.
CrowdStrike has dismissed claims of negligence leveled at it by Delta Air Lines, which is threatening to sue after a faulty security software update led to days of IT disruption. In response, the cybersecurity vendor is asking why Delta's competitors recovered so much more quickly.
In the latest weekly update, Information Security Media Group editors discussed insights from IBM's data breach report, significant leadership changes at Check Point, and the potential impact of the upcoming U.S. election on federal cybersecurity policy.
This week, hackers exploited DNS flaws, Delta said the CrowdStrike outage cost it $500 million, the German BSI wanted the outage's root cause, the FBI said U.S. elections are safe from DDoS attacks, hackers exploited Google Ads, malware hid on Google Play apps, and a hacker stole Bausch Health data.
Australia's Western Sydney University said hackers exploited its Microsoft Office 365 environment to steal up to 580 terabytes of data. Breached data includes names, birthdates, health information, government identification documents, bank account information and superannuation details.
Data breaches continue to grow more costly, with the average cost of a breach hitting an all-time high of $4.9 million, driven by greater business disruption and post-breach customer support and remediation expenses, according to the latest annual Cost of a Data Breach Report from IBM.
The global IT outage triggered by a faulty CrowdStrike software update could lead to $400 million to $1.5 billion in payouts to cyber insurance policyholders, although the nonstandardized language used for such policies will make determining final losses a "lengthy process," analysts say.
Successful cybersecurity requires integrating people, processes and technology. According to Tyler Zito, senior solutions architect at Expel, without well-defined processes and communication, even advanced technology and skilled personnel can't effectively secure the enterprise.
CrowdStrike said nearly all of the Windows hosts disrupted by its faulty July 19 update are now fixed. The company said the flaw involved a relatively new threat detection feature that uses configuration data that "maps to specific behaviors for the sensor to observe, detect or prevent."
Friday's global computer outage caused by an update gone wrong from cybersecurity firm CrowdStrike continues to bring out hucksters seeking to capitalize on the incident. Hackers began milking it almost immediately, and self-proclaimed hacktivist group USDoD appears to be the latest.
This week, ICANN warned of phishing, BreachForums data was leaked, police arrested alleged pro-Russian hackers, the U.K. shut down a DDoS booter site, the EU gave Meta a deadline, Russia decried U.S. sanctions, Verizon settled on breaches, and Windows 10 security support will end in October 2025.
Expect the healthcare and banking sectors to record the greatest direct losses in the U.S. as a result of the global disruptions caused by a faulty CrowdStrike software update crashing Windows systems, an underwriting agency reported, forecasting Fortune 500 direct losses of $5.4 billion.