California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
State-backed Russian hacking groups are continuing to focus less on Ukrainian military targets and much more on civilian infrastructure, Ukrainian cybersecurity officials report. Since the start of the year, Ukraine's Computer Emergency Response Team has tracked more than 2,100 major hack attacks.
One of the primary healthcare systems in the northwestern Italian city of Alessandria has been listed as a recent victim of the Ragnar Locker ransomware group, which has leaked stolen data and appears to be continuing to try and extort the organization.
In the latest update, four ISMG editors discuss important issues of 2022, including: CISO Marene Allison's unique career path; Ukrainian government cybersecurity official Victor Zhora on lessons learned from countering cyberattacks; and insights from CEO Nikesh Arora of Palo Alto Networks.
Phishing and other socially-engineered schemes are going to get bolder, the attack surface is only going to get bigger, and enterprises everywhere are going to have to focus more on building cyber resilience. These are among the New Year's predictions from Zoom's new CISO, Michael Adams.
Hospitals must not only prepare in advance for ransomware and other debilitating attacks on their organizations, but also for responding to the effect of cyber incidents at neighboring facilities, says Dr. Christian Dameff of the University of California San Diego.
A cybercrime forum this week listed for sale what a seller purports to be 30 million passenger records for users of India's railways. The Indian Ministry of Railways denies that the Indian Railway Catering and Tourism Corp, is the source of any data breach, but says it's investigating.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
Twitter has suffered its first major outage since Elon Musk bought the company in late October and began serving as its CEO. The outage lasted several hours The uptime problems come amid ongoing concerns about site security following last month's mass layoffs and cybersecurity staff exodus.
Many healthcare organizations struggle to recover from ransomware attacks, putting clinical procedures and patient safety in jeopardy during the process, says Steve Cagle, CEO of privacy/consulting firm Clearwater. "They need to think about how the technology is supporting the business," he says.
Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
As a CISO, your mission is to keep your organization ready to handle rising threats and build a strong security culture, but staying ahead of threat actors and risks can be a challenge.
Understanding the current threat landscape is crucial to preparing for today’s most significant risks. To help you stay ahead,...
Information Security Media Group asked some of the industry's leading cybersecurity experts about the trends to watch in 2023. Responses covered a variety of emerging threats and evolving trends affecting security technologies, leadership and regulation. Here is a look at the year ahead.
North Korean attackers are using phishing websites to impersonate popular NFT platforms and DeFi marketplaces to steal digital assets worth hundreds of thousands of dollars. They set up nearly 500 decoy sites, including one of a project associated with the World Cup and NFT marketplace OpenSea.
A critical Linux kernel vulnerability exposed the server message block protocol to remote hacking with highest privileges. The vulnerability received the maximum possible severity rating of 10 on the CVSS scale owing to the kernel-level code execution privileges it gave to the attacker.