The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
Several security vulnerabilities in infusion pump products from B. Braun could collectively allow malicious actors to modify the dose of medicines delivered to patients, says Douglas McKee, a security researcher on a McAfee Enterprise team that recently discovered the flaws.
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
SEC Consult reportedly found multiple vulnerabilities in Moxa devices used in critical infrastructures including railways, manufacturing, cellular and heavy industries. Moxa has confirmed patching 60 vulnerabilities in its latest firmware update and issued mitigation advice for discontinued devices.
Cisco has released an urgent software update to fix a critical authentication bug that can allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.
Cyber Command and the U.S. Cybersecurity and Infrastructure Security Agency issued alerts Friday warning those using Atlassian's Confluence and Data Center products that attackers are actively exploiting the critical remote code execution vulnerability CVE-2021-26084.
Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group that carried out the supply chain attack against SolarWinds, according to a financial filing with the SEC.
Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
When Conrad Bell joined C Spire, the cybersecurity team numbered one - him. Today he has a thriving team. The VP and CISO explains how he built it, describes the skills he values and tells how this team is helping the telecommunications firm respond to today's daunting cybersecurity challenges.
DuPage Medical Group in suburban Chicago has been smacked with a lawsuit following its recent "network outage" health data breach, which was reported to regulators as potentially affecting the protected health information of more than 655,000 individuals.. What are plaintiffs alleging?
There’s no question: 2020 brought unanticipated changes and challenges for financial services. The notable surge in consumers’ use of websites and mobile apps for their banking transactions exposed critical gaps in our digital identity and authentication methods. Keith Swanson of SAS Institute outlines techniques...
As the United States heads into a holiday weekend, experts are warning that ransomware-wielding attackers are sure to unleash crypto-locking chaos in the coming days, with Conti ransomware attacks in particular having been rising sharply in recent weeks.
Ransomware is the result of a criminal blending technology's wonders: networking and encryption. It's a modern-day implementation of extortion, a crime as old as time. The Atlantic Council contends lessons from fighting past extortion schemes, such as plane hijackings, could help fight ransomware.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the emergence of new and rebranded ransomware groups practicing double extortion and supply chain security challenges in the oil and gas industry.
Ireland's privacy law enforcer, the Data Protection Commission, has hit WhatsApp with a 225 million euro ($266 million) fine, finding that it violated the EU's General Data Protection Regulation in part by not telling users how it was sharing their data with parent company Facebook.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.