This edition of the ISMG Security Report features an analysis of CISA's finding that agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by properly configuring firewalls. Also featured: Congressman discusses deterring nation-state attacks; insider threat mitigation tips.
The FBI is requesting $40 million in additional funding for its fiscal 2022 budget to help combat and counter ransomware attacks and other cyberthreats. The bureau is also requesting $15 million to help strengthen its internal security infrastructure as well as address network vulnerabilities.
Wolfe Eye Clinic, which operates diagnostic and surgical centers in 40 Iowa communities, is notifying 500,000 current and former patients that their data may have been inappropriately accessed during a recent ransomware attack. But the organization refused to pay a ransom.
Two cybercrime ecosystem cornerstones today are high-end bulletproof hosting services and ransomware, says Mark Arena, CEO of Intel 471. He notes that ransomware-as-a-service operations don't function like gangs or the Mafia, but rather as individuals collaborating "based on a culture of mistrust."
The recovery costs for the May ransomware attack on Health Service Executive, Ireland's publicly funded healthcare system, is likely to total $600 million, says Paul Reid, HSE's director general.
A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.
Advanced persistent threat actors will continue to "up their game," including taking advantage of the COVID-19 pandemic even as its impact diminishes, says Kelvin Coleman, executive director of the National Cyber Security Alliance.
Customer identity and access management - CIAM - has taken off over the past year. But too many of the initiatives are limited in scale, says Dennis McDermott of OpenText. He shares key CIAM components and milestones.
Cybersecurity pioneer John McAfee, 75, was found dead in a Spanish prison cell Wednesday, hours after a Spanish court had authorized his extradition to the U.S. to face tax evasion charges, according to news reports.
Colonial Pipeline Co. now faces at least two lawsuits seeking class action status in the aftermath of a ransomware attack in May that led the firm to shut down the operations of a 5,500-mile pipeline for nearly a week.
Maximus Corp., a global provider of government health data services, says a data breach exposed the personal information of more than 334,000 Medicaid healthcare providers nationwide.
The U.S. has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans. Those running the sites violated sanctions by not obtaining a license to buy domain names from U.S. companies.
A bill introduced this week in the Australian Parliament would make it mandatory for organizations based in the country to report to the Australian Cyber Security Center any payments they plan to make to ransomware gangs.
How can financial institutions deal with the problem of authorized push payment fraud? Three experts - Karen Boyer of People’s United Bank, Alasdair MacFarlane of NatWest Bank and Dave Excell of Featurespace - offer their insights on best practices.
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.