A North Korean state-sponsored APT group targeted nearly 900 foreign policy experts from South Korea to steal their personal data and carry out ransomware attacks. Targeted individuals mainly had backgrounds in diplomacy, defense and security and were working toward Korean unification.
Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
Information Security Media Group asked some of the industry's leading cybersecurity experts about the trends to watch in 2023. Responses covered a variety of emerging threats and evolving trends affecting security technologies, leadership and regulation. Here is a look at the year ahead.
She has been a CISO almost longer than there has been cybersecurity. And now Marene Allison, CISO at Johnson & Johnson, eyes retirement and her next adventures. She reflects on her career, her accomplishments and what she wishes for her successor and the next generation of cybersecurity leaders.
Recorded Future has signed an agreement with Ukraine's Ministry of Digital Transformation to help protect the county's critical infrastructure against Russian physical and cyberattacks. The company can help detect novel strains of malware and command-and-control infrastructure run by the Russians.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Ukrainian President Volodymyr Zelenskyy made a historic visit to Washington in a bid to shore up support during a critical moment. Behind the scenes, U.S. assistance includes strengthening Ukrainian cyber resiliency. Russian cyber operations remain a threat.
Thirteen bot farms transmitting pro-Kremlin messages across more than 1.5 million fake accounts are no longer operating after Ukrainian police raided their locations. Russia's attempted conquest of Ukraine is accompanied by heavy doses of online propaganda aimed at splitting support for Kyiv.
Security researchers at Palo Alto Networks say they identified an attempted hack on a large petroleum refining company based inside a NATO member that came from a threat actor known as Gamaredon and Trident Ursa. The Ukrainian government traces the group to a Russian FSB.
A phishing campaign against users of a Ukrainian battlefield awareness tool masqueraded as an email from a Ministry of Defense employee telling the users to update their digital certificates, says the Ukrainian Computer Emergency Response Team. The tool, dubbed Delta, is a digital map.
Chinese hackers are exploiting known vulnerabilities in a Citrix networking appliance and virtual private network. The products, Citrix ADC and Gateway, are popular in the healthcare sector. Left unpatched, attackers may execute ransomware attacks or steal intellectual property.
Assets kept behind air-gapped networks should be inaccessible, but researchers from Pentera describe how hackers use the DNS protocol as a command-and-control channel. To be truly safe, companies should isolate the DNS server used for air-gapped networks and filter traffic for anomalies.
Microsoft Office's use of Internet Explorer to render HTML is the gift that keeps giving for North Korean hackers. Security researchers at Google say they spotted a Pyongyang threat actor using a now-patched JavaScript engine flaw via a malicious Office document.
Russian actors may be more willing this winter to use digital tools to coerce and influence Europe away from its support of Ukraine, computing giant Microsoft warns. The Kremlin has at its disposal ransomware and active digital disinformation operations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.