The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
A 2020 breach of US courts' digital docketing system was done by three foreign actors, said Rep. Jerry Nadler, D-N.Y., House Judiciary Committee chairman. Sen. Ron Wyden, a Democratic member of Senate Intelligence, said the U.S, Administrative Office of the Courts is hiding the attack's gravity.
Lisa Sotto of Hunton Andrews Kurth LLP joins three ISMG editors to discuss important cybersecurity and privacy issues, including data breach preparedness, the evolution of LockBit 3.0 and the potential impact of the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
Federal regulators say credit unions should report cyber incidents within 72 hours, including those experienced by third-party vendors that process member data. Just five deposit, payment, and data processing service companies dominate the credit union market.
Ohio's top elections official plugged bug bounties as one way of ensuring the integrity of American elections. Secretary of State Frank LaRose, a Republican, told a congressional panel that Ohio was the first U.S. state to implement a vulnerability disclosure policy for its election systems.
A $2 billion fund to root out equipment from Chinese manufacturers Huawei and ZTE operating within small and rural U.S. telecoms isn't enough to cover costs, the Federal Communications Commission informed Congress. The program's full cost is closer to $5 billion, wrote FCC Chair Jessica Rosenworcel.
The Albanian government says a cyberattack forced the national e-services portal offline. The office of Prime Minister Edi Rama says the attack is similar to those seen in Ukraine and other European countries where there has been an uptick in cyberattacks following Russia's invasion of Ukraine.
Venable's Grant Schneider and Jeremy Grant and ISMG editors discuss progress at the U.S. federal level in developing legislation for digital identity, the significance of an 18% increase in funding for CISA in fiscal year 2023 and the challenges of expanding the use of software bills of materials.
Synthetic identity fraud can take eight to 12 months before resulting in mass fraud, meaning banks must leverage that opening to reauthenticate customers, says, Greg Woolf, founder and CEO of FiVerity. Synthetic IDs are often hard to detect, but "over a period of time, there are telltale signs."
Please don't pay ransoms, authorities continue to urge. Britain's lead cyber agency and privacy watchdog are now making that appeal directly to legal advisers, warning them that paying a ransom offers no data protection upsides and won't lessen any fine they might face.
It's been a year since President Biden's executive order that called out zero trust as a primary focus. Richard "Chit" Chitamitre of Corelight discusses the prevalent misunderstandings about zero trust, as well as use cases for how to embrace the framework and make measurable progress along the way.
The National Institute of Standards and Technology today announced a first group of encryption algorithms designed to withstand the assault of a future quantum computer. Selection of the four algorithms comes after six years of evaluation by the U.S. federal agency.
Building out a threat intelligence program is no easy feat for even the largest and most resource-rich organizations, and the challenges are only amplified for smaller companies that have limited budget or personnel, according to AJ Nash, ZeroFox's vice president of threat intelligence.
A popular line of portable electrocardiographs contains vulnerabilities that allow hackers to execute commands and access sensitive information, federal authorities warn. Device manufacturer Hillrom Medical has released a patch and coordinated disclosure with CISA.
Indian hyperlocal logistics provider Grab says it wasn't hacked by a Malaysian hacktivist group. DragonForce Malaysia posted last Saturday on Twitter and Telegram the purported details of Grab delivery personnel. The group is amid an active campaign dubbed OpsPatuk against Indian targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.