The newly relaunched HardBit 2.0 ransomware group is now demanding victims disclose details of their cyber insurance coverage before negotiating a ransom demand. The group, which has been active since 2022, has demanded that one victim pay $10 million in ransom, according to researchers at Varonis.
Will large language models such as ChatGPT take cybercrime to new heights? Researchers say AI for malicious use so far remains a novelty rather than a useful and reliable cybercrime tool. But as AI capabilities and chatbots improve, the cybersecurity writing is on the wall.
AT&T wants to unload its cyber assets just five years after doubling down on security through its $600 million purchase of threat intelligence vendor AlienVault. The Dallas-based carrier has been working with British banking firm Barclays to solicit bids for its cybersecurity business, Reuters said.
Lehigh Valley Health Network, which operates 13 hospitals and numerous physician practices and clinics in eastern Pennsylvania, says it has been hit with an attack by Russian-based ransomware-as-a-service group BlackCat. The network says it didn't pay a ransom and operations were not disrupted.
Ireland's child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive, which formerly managed Tusla's IT systems.
In the latest weekly update, ISMG editors discuss the ESXiArgs ransomware campaign that has snared 2,800 victims, the data breach reported in an SEC filing by a multistate hospital chain, and Check Point's building of SD-WAN capabilities that are integrated with the company's network security stack.
Threats from API and application vulnerabilities increased in 2022, but ransomware, human error and hygiene continue to pose the greatest threats to organizations, according to findings from CyberTheory's 2022 Performance Study. CyberTheory's Steve King shares how education can make a difference.
Attackers are continuing to target unpatched VMware hosts to infect them with ESXiArgs and RansomExx2 crypto-locking malware and hold them to ransom. VMware urges immediate updating, saying that the attacks don't appear to be targeting zero-day vulnerabilities but rather long-patched flaws.
A ransomware incident last fall that disrupted some of hospital chain CommonSpirit's operations for at least a month has cost the organization $150 million in lost revenue, remediation and other expenses so far. CommonSpirit also likely faces additional legal expenses.
Negotiations between the LockBit ransomware-as-a-service gang and Royal Mail appear to have broken down shortly after a postal representative called the criminal group's $80 million extortion demand "absurd." A LockBit ransomware attack incapacitated Royal Mail's international shipping operation.
The California city of Oakland is in a state of emergency as its response to a ransomware attack enters its second week. The attack did not affect emergency systems, including 911 dispatch and fire services, or the city's financial systems, the city says.
As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators. Ransomware victims must conduct due diligence before paying any ransom, as violating sanctions carries severe penalties.
Ahead of RSA Conference 2023, Greg Day, a program committee member focusing on "hackers and threats," previews top themes at this year's event. Day, a member of the RSA Conference program committee, says one common theme is "old vulnerabilities and threat techniques being used in new environments."
The BlackCat ransomware-as-a-service group dumped more than 6 gigabytes worth of information stolen from Ireland's Munster Technological University staff. The Sunday dump appears to include sensitive data including staff medical diagnoses and student bank account information.
A previously unknown, self-proclaimed politically-motivated hacking group disrupted Israel's Technion University following a Sunday ransomware attack. Attackers, going under the name "DarkBit," took credit for the attack in a Telegram post accusing Technion of serving "an apartheid regime."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.