In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.
Lessons learned by first responders' efforts to deal with natural disasters can be applied to cyberattack responses, according to organizations that have teamed up to launch a cybersecurity first responder credentialing program - a first step toward creating a network of pros to help respond to cyberattacks.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Forefront Dermatology S.C., a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a recent hacking incident. The attack apparently involved a ransomware strain known as "Cuba."
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Extended detection and response, or XDR, can play an important role in improving the detection of ransomware and supply chain attacks, says Peter Firstbrook of Gartner.
Attackers have been exploiting a zero-day flaw in SolarWinds' Serv-U Managed File Transfer Server and Serv-U Secured FTP software, the security software vendor warns. The company has released patched versions that mitigate the flaw, discovered by Microsoft, and is urging users to update.
Clothing retailer Guess suffered a ransomware attack and data breach earlier this year that exposed personal information - including Social Security numbers, driver's license and passport numbers, and financial details - for an unspecified number of individuals.
A supply chain ransomware attack affecting more than 1.2 million individuals is among the largest health data breaches reported to federal regulators so far this year.
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
After weeks of delays and political infighting, the U.S. Senate unanimously approved Jen Easterly to serve as director of the Cybersecurity and Infrastructure Security Agency. CISA has been without a permanent leader since former President Donald Trump fired Christopher Krebs in November 2020.
The insurance company CNA Financial Corp. has acknowledged that the cyber incident the company sustained in March was a ransomware attack and that it has notified 75,000 individuals that their data may have been compromised
Investment banking giant Morgan Stanley is the latest company to report a data breach tied to zero-day attacks on Accellion's legacy File Transfer Appliance - yet another indicator of the sustained impact of supply chain attacks.
This edition of the ISMG Security Report features three segments on battling ransomware. It includes insights on the Biden administration's efforts to curtail ransomware attacks, comments on risk mitigation from the acting director of CISA, plus suggestions for disrupting the ransomware business model.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.