Count Log4Shell among Chinese hackers' favorite vulnerabilities, federal agencies say in a compilation of top exploits used by Beijing for state-sponsored cyber theft and espionage. Chinese state-sponsored hacking remains "one of the largest and most dynamic threats," warn the FBI, NSA and CISA.
Crypto exchange Binance restored operations on its BSC Token Hub smart contract early Friday, hours after a $568.6 million hack. It upgraded the vulnerable contract in a new version and shared plans for potential measures to address this incident and increase security measures.
In the latest weekly update, ISMG editors examine the story of a Maryland couple facing charges for giving military medical records to Russia, the sentencing of a former Seattle tech worker for her massive Capital One hack, and why David Hatfield resigned as co-CEO of cloud security vendor Lacework.
U.S. President Joe Biden will mount the third attempt to normalize commercial trans-Atlantic data flows by signing an executive order implementing privacy safeguards on American intelligence gathering. The order follows nearly two years of negotiations between Brussels and Washington.
Crypto exchange Binance paused its smart contract platform Binance Smart Chain after a hacker exploited an internal verification vulnerability to steal cryptocurrency from its cross-chain bridge. Binance has acknowledged a theft of at least $100 million; PeckShield says hackers stole $586 million.
The latest edition of the ISMG Security Report discusses how adversaries have a new favorite tactic to circumvent MFA, why vendor Akamai is an appealing target for private equity, and what the industry can do differently to attract more females to leadership roles.
What if you were hired for an office job but ended up negotiating with cybercriminals? There aren’t many rules around ransomware, but this is a story about one rule that was definitely broken. By the end, the path to the truth led to a place on the other side of the world where no one wanted to be.
Made up of 3,000 public utilities, the U.S. power grid has many weak links in its cyber defenses. Regulators can fine utilities for service outages, but a proposed federal program and recent Purdue University study say financial incentives will help firms make the right security investments.
A Baltimore, Maryland-based healthcare organization has agreed to spend nearly $8 million improving and maintaining its data security as "injunctive relief" to settle a class action lawsuit involving two data breaches that affected a total of about 540,000 individuals.
Security operations stalwart Arctic Wolf has taken on more than $400 million in debt to pursue acquisitions in the cloud, SIEM, endpoint and XDR markets. The money will fuel an upcoming launch in the Asia-Pacific region and expansion in markets such as South Africa, Benelux and the Nordics.
Lloyd's of London is probing a possible cybersecurity incident that led it to yank some systems offline. Details are scarce at the moment, including whether the incident is malicious or involves ransomware and who may have instigated the incident.
If exploited, a hard-coded credential vulnerability in certain BD medical laboratory equipment used for cancer screenings could allow an attacker to access, modify or delete sensitive patient information, the manufacturer and federal authorities warn.
Police arrested a teenager in his suburban Sydney home for allegedly attempting to extort AU$2,000 from victims of the Optus data breach. The unnamed 19-year-old allegedly threatened to conduct financial crimes using the information of 93 individuals unless he received a payout.
The January memorandum from President Biden’s Office of Management and Budget calls for adopting multifactor authentication that includes the verification of device-based security controls, continuous monitoring, and authentication and mandates a switch to phishing-resistant MFA by January 2023.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.