Two recent apparent ransomware attacks on health plans have potentially affected hundreds of thousands of individuals. One of the incidents allegedly involved the Conti ransomware group, and the other allegedly involved Hive. One of the health plans is already facing legal fallout.
Attackers who successfully infect targets with ransomware primarily first gain access by exploiting poorly secured remote desktop protocol or VPN connections or by using malware-laden phishing emails, reports security firm Group-IB, based on more than 700 attacks it investigated in 2021.
The latest edition of the ISMG Security Report analyzes the changes in the ransomware landscape one year after the attack on Colonial Pipeline. It also revisits the Ryuk ransomware attack on a school district in Illinois and examines common culprits hindering effective Zero Trust adoption.
To compete in the digital world, enterprises are not only looking to shed yesterday’s applications with flexible and modular cloud-based applications, but also to reimagine their processes to align with their cloud-first strategy. In this research, Everest Group presents an assessment and detailed profiles of IBM...
Alberto Hasson, the CISO at ICL Group, discusses how to avoid becoming the next victim of a ransomware or other malware attack. He outlines what defenders can do to close gaps in their defense strategies and how they can mitigate attackers' ever-evolving tactics.
North Korean information technology workers have been attempting to obtain employment in public and private sectors in the United States to fund their home country's weapons of mass destruction and ballistic missiles programs, according to an advisory from U.S. federal agencies.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
Criminals are doubling down on their use of information-stealing malware, such as Cryptobot, RedLine Stealer and QuilClipper, to steal private keys and siphon off cryptocurrency being stored in internet-connected hot wallets or to raid cryptocurrency holders' online exchange accounts.
The Association of Certified Fraud Examiners, or ACFE, has released its study titled "Report to the Nations." Mason Wilder, research manager at the ACFE, shares some important findings from the report and discusses how occupational fraud is reported and which organizations are affected by it.
Ransomware group Conti, which has been holding to ransom crypto-locked Costa Rican government systems since April, has claimed on its leak site Conti News that it has "insiders" in the country's government, and that they are working toward the compromise of "other systems."
Cyber Risk Analytics is Flashpoint's data breach research team that since 2013 has analyzed incidents and trends. Inga Goddijn, who heads that team, opens up on ransomware, Russia's invasion of Ukraine and why so much of successful defense still comes back to getting the basics right.
U.S. authorities have charged a cardiologist based in Venezuela with developing and selling multiple strains of ransomware, including Jigsaw and Thanos, as well as recruiting affiliates to use the crypto-locking malware against victims in return for a cut of any ransoms paid.
Trust is the currency of today’s digital economy. Businesses that earn and keep that trust, thrive – and those that don’t, struggle. With more than 5 billion users conducting their lives online, the opportunities for businesses to earn – and lose – trust are endless. In 2021, for the first time ever,...
In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.
In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health, which operates hundreds of healthcare facilities in the U.S., Mexico and South America.