Access Health, Connecticut's health insurance exchange under the Affordable Care Act, experienced dozens of mostly small data breaches over about a 3 1/2-year period, and the vast majority involved one contractor, says an auditor report that recommends the exchange make improvements to data security.
Two teenage boys arrested and charged by the City of London Police in connection with its investigation into the Lapsus$ hacking group have been released on bail for an undisclosed sum. They are due to appear in Southwark Crown Court on April 29.
In the latest weekly update, four editors at ISMG discuss important cybersecurity issues, including the lessons we can learn from Okta's breach fallout and subsequent response, how the first NFT rug pull of 2022 has amounted to over $1 million, and the much-anticipated return to in-person events.
The disruption of tens of thousands of Viasat consumer broadband modems across central Europe on Feb. 24 when Russia invaded Ukraine may have involved "AcidRain" wiper malware, security researchers at SentinelOne report. Viasat says those findings are "consistent" with the known facts of the attack.
Tools and methodologies that have been helpful for global public health research might also provide better understanding of the root causes of cybercrime and the motivation of cybercriminals, especially as such crime has surged during the COVID-19 pandemic, says Stanley Mierzwa of Kean University.
Recent breach reports filed by a law enforcement benefits health plan, a healthcare staffing firm and a rural medical center are the latest examples of the diverse range of healthcare sector entities being targeted by cyberattackers. What do experts recommend?
Two serious remote-code-execution vulnerabilities have been discovered in VMware's widely used Spring, which is a platform for building online applications. With at least one of the vulnerabilities already being actively exploited, VMware urges immediate patching.
Hackers have allegedly managed to breach the infrastructure belonging to Russia's Federal Air Transport Agency, or Rosaviatsiya, and wiped out its entire database and files consisting of 65TB of data, including documents, files, aircraft registration data and emails from the servers.
Globant, the Luxembourg-based software development company, on Thursday confirmed that an undisclosed actor - reportedly Lapsus$ - has illegally accessed the company's code repository, containing source code associated with some of its clients.
Harold Moss, the CEO of Tautuk, has a background in building products, but many in cybersecurity do not come from a product background. In this interview with Brian Barnier, he discusses the importance of context, listening and collaboration for teams to understand creative and critical thinking.
This edition analyzes how hackers exploited a misconfigured VPN device, gained access to Viasat's satellite network and caused a massive outage in Europe as Russia's invasion of Ukraine began. It also examines the invasion's impact on financial services and how to modernize security operations.
Since threats are becoming increasingly hard to find, it's crucial that your cybersecurity practice adopts a strategy focused on proactive preparedness and takes actions - in advance of an attack - that harden and reduce the threat surfaces that hackers exploit. Adam Mansour of ActZero offers tips.
As Finnish technology giant Nokia announces it is ceasing sales in Russia over the war with Ukraine, the company is facing tough questions over how it helped enable a mass surveillance program that supports President Vladimir Putin's autocratic regime.
An apparent ransomware attack and alleged data theft by the Hive cybercriminal group has left Partnership HealthPlan of California struggling to recover its IT services for more than a week. The nonprofit says it is unable to receive or process treatment authorization requests.