Yes, you know they are coming. And yes, the fraudsters have raised their game. But that doesn't mean you can't stop socially engineered attacks before threat actors can pull off their scams. Mike Britton of Abnormal Security tells you how.
The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there's also been a rise in tardy breach notifications containing little detail.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of product security, the impact of ransomware on healthcare sector entities during the pandemic and thinking about cybersecurity awareness creatively.
Apache HTTP Server users are being warned to install yet another patch, as a fix released Wednesday was incomplete and introduced a new flaw. The U.S. Cybersecurity and Infrastructure Security Agency has urged all users to update immediately, citing in-the-wild attacks exploiting Apache's software.
The latest edition of the ISMG Security Report features an analysis of the arrest of two suspects tied to a major ransomware group in Ukraine. Also featured: Introducing "The Ransomware Files" and defining the next-gen CISO.
The U.S. Department of Justice said this week it will pursue government contractors that fail to report cybersecurity incidents. The department also announced the formation of a Cryptocurrency Enforcement Team to prosecute the misuse of virtual currencies.
Federal regulators are warning healthcare and public health sector organizations of potential attacks by the ransomware group LockBit 2.0 and its affiliates. The group claimed credit for the August attack on consultancy firm Accenture. What preventative steps should healthcare sector entities take?
U.S. lawmakers have introduced legislation that would require the reporting of ransom payments within 48 hours of the transaction. The bill would also require DHS to create a voluntary website to log ransom payments and task the department with studying ransomware and cryptocurrencies.
Who had heard of Syniverse before it recently disclosed a five-year breach, potentially exposing call-routing data and text messages for hundreds of mobile phone networks? The incident is just the latest supply chain attack to hit a lesser-known but nevertheless critical service provider.
The expanded recall of insulin pump devices due to vulnerabilities that pose the risk of injury or death to patients and a recent malpractice lawsuit alleging that the effects of a ransomware attack led to a baby's death are the latest warnings of dangers posed by security issues in medical gear.
Apache, a popular open-source web server software for Unix and Windows, says it has fixed a zero-day vulnerability in its HTTP server that it says has been exploited in the wild. The path traversal and file disclosure vulnerability only affects Apache HTTP servers upgraded to version 2.4.49.
Cyber extortion through digital means is nothing new, says U.K.-based cybersecurity expert John Walker, but the concerning aspect of today's ransomware attacks is that they are "low-cost in the macro sense and so easy to achieve."
Telecommunications service provider Syniverse, which routes 1 trillion messages annually for many of the world's mobile phone carriers, has disclosed a five-year breach of its systems, which handle call metadata and text messages. Experts say the exposed data poses serious criminal and espionage risks.
Some of the highest-ranking cybersecurity officials in the U.S. government discussed the pervasive threat of ransomware on Tuesday, likening it to a clear issue of national security with the ability to inflict measurable damage on major world powers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.