This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
Some 700 million records of LinkedIn users have reportedly been offered for sale on a hacker forum. The social media platform, and several security experts, say that the offering stems from the "scraping" of records from websites and not a data breach.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, compromising the data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. If convicted, She now faces a possible 20-year sentence.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
The legitimate security penetration testing tool Cobalt Strike is increasingly being used by threat groups, especially those that are less technically proficient, according to a Proofpoint report. The security firm says the number of attacks using the tool rose by 161% from 2019 to 2020.
A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data. NASA, in turn, is working toward making some security improvements outlined by the GAO by the end of this year.
Microsoft recently released updates for its Edge browser, including a fix for a bypass vulnerability that could allow a remote attacker to bypass implemented security restrictions.
An unidentified hacking group is deploying a rootkit dubbed Netfilter, which is signed in as a legitimate Microsoft driver but used to affect gaming outcomes, researchers at German security firm G Data CyberDefense say.
The code used to build copies of Babuk ransomware - to infect victims with the crypto-locking malware - has been leaked, after someone posted the software to virus-scanning service VirusTotal. Whether the leak was intentional - perhaps a rival gang seeking to burn the operation - remains unclear.
Several proposed class action lawsuits against Scripps Health allege that a recent ransomware attack put personal and health information of nearly 150,000 individuals at risk for fraud. But one of the lawsuits claims that the network disruption also resulted in delay of critical patient care.
Security researchers at Eclypsium have reported that they had identified four vulnerabilities that could affect 30 million users of computer technology company Dell's laptops, desktops and tablets. The vulnerabilities have a cumulative CVSS score of 8.3 (high).
NIST has published its definition of "critical software" for the U.S. federal government as the standards agency begins fulfilling requirements laid out in President Biden's executive order on cybersecurity. The software part of the executive order looks to reduce the threat of supply chain attacks.
Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019. But WD stopped supporting these devices in 2015, which is a reminder that the best way to secure some types of internet of things devices may be to discard them.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.