Police in London say they've arrested seven people that the BBC reports are tied to the Lapsus$ hacking group, which has claimed responsibility for data breaches involving Okta, Microsoft, Nvidia, Ubisoft and more. The names of the suspects, who are mostly teenagers, have not been released.
The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.
Why didn't Russia unleash major cyberattacks against Ukrainian critical infrastructure ahead of its invasion troop advance? While theories abound, some experts warn that, unfortunately, this war and its cost to human life is only set to get worse.
Anyone trying to make sense of data breach trends faces a transparency challenge. Too often, a lack of detail undercuts consumers' ability to assess their identity theft risk and businesses' ability to block emerging attacks or ensure that their supply chains remain secure.
Russian authorities have continued to arrest alleged administrators of multiple Russian-language cybercrime markets and communities, including Ferum Shop, Sky-Fraud and Trump's Dumps. It follows last month's arrest of suspected REvil/Sodinokibi ransomware affiliates based in the country.
In case anyone doubts that Russia is the epicenter of ransomware operations, follow the money, as Chainalysis finds that "roughly 74% of ransomware revenue in 2021 - over $400 million worth of cryptocurrency - went to strains we can say are highly likely to be affiliated with Russia in some way."
The arrest of a married New Yorker couple, charged with laundering bitcoins worth $3.6 billion that were stolen from a currency exchange in 2016, highlights the risk facing anyone who wants to launder large amounts of cryptocurrency and stay free long enough to enjoy their alleged rap career.
The U.S. Internal Revenue Service says it will pull back plans to use facial recognition for authentication of new users of its online accounts. The move comes amid concerns from Congress members and privacy advocates about cybersecurity, software bias and third-party transparency issues around the IRS' proposal to...
New York State Attorney General Leticia James detailed a credential stuffing investigation that showed the compromise of 1.1 million user accounts linked to "well-known" retail operations. The 17 companies involved reportedly agreed to put new measures in place to mitigate cyber risks.
Buckle up. The healthcare industry and consumers are heading into the New Year with indications of significant changes to the regulation and enforcement of health information privacy and security by the Department of Health and Human Services. What's in store?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the ransomware-as-a-service model shifted in 2021, the rise of fraud in faster payments and how to prevent it, and one CISO's take on the state of the industry.
Attackers continue to employ commercial penetration testing tools as well as "living off the land" tactics - using legitimate tools or functionality already present in a network - to exploit victims. Accordingly, organizations must monitor for both, to better identify potential intrusions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.