A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft. This new campaign compromised a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands.
Two China-linked threat groups are still exploiting unpatched flaws in Ivanti's Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye's Mandiant Threat Intelligence team says.
In this week's panel discussion, four editors at Information Security Media Group discuss cyber insurance, persistent ransomware attacks and whether ransom payments should be banned.
The latest edition of the ISMG Security Report features an analysis of the city of Tulsa's decision to refuse to pay a ransom following an attack. Also featured: Johnson & Johnson's CISO on shifting priorities; mitigating quantum computing risks.
The U.S. government should more closely collaborate with Big Tech companies to better respond to the surge in ransomware attacks and other cybercrimes hitting healthcare and other sectors, says crisis management and investigations attorney Bill Moran.
Another big wave of large breaches stemming from hacking incidents, including ransomware attacks, has flooded the federal tally of major health data breaches in recent weeks.
The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government and take other security steps.
Belgium's interior ministry, Federal Public Service Interior, is investigating an attack against its network that appears to have the hallmarks of a cyberespionage campaign.
A threat group likely operating from Iran has been attacking Israeli targets for more than a year with the wiper variants Apostle and Deadwood, masking the intrusions as ransomware attacks to confuse defenders, according to SentinelOne.
More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top GAO official who testified before a House committee.
Network intrusion displaced phishing as the leading hack-attack tactic last year, while ransomware continued to surge as the pandemic complicated incident response efforts, says BakerHostetler's Craig A. Hoffman, who describes trends from the 1,250 incidents his firm helped manage.
Carl Pei, co-founder of OnePlus, a smartphone company, said Tuesday that his Twitter account had been compromised via a third-party app called IFTTT and a tweet had been injected via his profile for an apparent cryptocurrency scam.
A Detroit man is the fourth individual to plead guilty in connection with hacking human resources databases at the University of Pittsburgh Medical Center and stealing the personally identifiable information of more than 65,000 UPMC employees, some of which was used to commit federal income tax fraud.
The U.S. Department of Homeland Security is preparing cybersecurity regulations for the oil and gas industry in the wake of the ransomware attack on Colonial Pipeline Co. that resulted in the company suspending operations for several days, according to The Washington Post.
Iran is using its abundance of oil to generate electricity that powers a massive bitcoin cryptomining operation that enables the country to turn its greatest natural resource into money, offsetting some of its income lost as a result of economic sanctions, according to cryptocurrency analysis firm Elliptic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.