An anesthesiology practice and an accounting firm are among the latest organizations reporting ransomware-related health data breaches. Meanwhile, other entities and vendors that serve the healthcare sector are dealing with their own challenges and fallout involving recent ransomware incidents.
Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.
Botnet operators have launched DDoS attacks on devices that have not applied patches for two separate vulnerabilities, researchers say. One is a Mirai-based botnet dubbed Moobot, according to cybersecurity firm Fortinet, and the other is an unnamed Mirai-reminiscent botnet, according to Qrator Labs.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Ultimate Kronos Group, a U.S.-based multinational firm that provides workforce management and human resource management systems, says that its private cloud service has fallen victim to a ransomware attack. An executive with the company says service restoration may take "several weeks."
Accenture's State of Cybersecurity Resilience 2021 study finds that 55% of large companies are not effectively stopping cyberattacks, finding and fixing breaches quickly, or reducing the impact of breaches. Ryan LaSalle of Accenture Security discusses how to increase cyber resiliency.
Multiple security researchers have spotted threat actors already exploiting the Apache Log4j vulnerability by deploying Muhstik and Mirai botnets to target Linux devices. Their advice: Ensure to remove any existing compromise before patching, and expect this flaw to be exploited for the long term.
A Russian national has been sentenced to 48 months in prison for aiding a botnet scheme that infected victims' devices with malicious Kelihos malware and ransomware, according to the U.S. Justice Department.
Indian Prime Minister Narendra Modi's official Twitter account was compromised - for the second time - as part of a cryptocurrency scam. The account was "immediately secured" by Twitter, according to a tweet by the PM’s Office. Cyberlaw experts discuss where the onus of protection lies.
The Biden administration has announced that the U.S. and several allies have aligned to create the Export Controls and Human Rights Initiative, which puts stricter criteria around the export of certain offensive cyber tools, particularly those that end up in the hands of authoritarian regimes.
Federal regulators are warning healthcare sector entities worldwide that an authentication vulnerability in a variety of Hillrom Welch Allyn cardio products, if exploited, could allow attackers access to privileged accounts. Why is the flaw so worrisome for some healthcare IT environments?
COVID-19 has been a game changer - not just in how government agencies deliver services, but in how fraudsters try sneaking illegal access to them. Ryan Schaller, senior CIAM developer specialist at Okta, discusses these new faces of fraud and what state and local governments can do to combat them.
Cybercriminals are organized and work together as multi-billion dollar enterprises whose labs are equipped with the same security tools that you are using. They study these tools to identify and exploit weaknesses, and hide in the noise of the lower priority alerts that are generated. Learn how resolving all alerts...
Our security experts predict an action-packed year, and suggest you buckle your seatbelt. Get the latest on key trends, including:
Ransomware + supply chain = big new challenges.
Are cloud providers too ripe a target?
Threat intel is in for a makeover.
Most of what you need to know about security you’ve already...
Ransomware attacks are not only becoming more sophisticated, but also more frequent. Empower your enterprise by protecting them from malicious activity by learning to implement the most effective security strategies with the Microsoft security stack and staying ahead of impending cyberattacks.
Download this eBook to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.