Hacking incidents still dominate the major health data breaches being reported to the U.S. Department of Health and Human Services in the first months of 2022 by far, with only one other type of breach appearing on the federal tally so far this year. Are organizations missing other breaches?
On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. She shares best practices for enterprises to improve incident response plans.
The Conti ransomware group has a new trick up its sleeve: hiring "multiple elite developers and managers" to essentially acquire the venerable TrickBot malware operation, which it has been using for the past year to better distribute its ransomware, says threat intelligence firm Advanced Intelligence.
In 2019, 23 cities across Texas were struck by one of the largest ransomware attacks ever in the U.S. The attack, which involved the REvil ransomware, started with a compromised managed service provider. While the cities recovered quickly, the MSP sustained irreparable damage.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
If the ransomware threat is inevitable, then what can enterprises do to harden their infrastructures, ensure detection capabilities and devise a proactive, practiced response? Josh Zelonis of Palo Alto Networks shares insights and discusses the emerging role of XDR in ransomware defense.
Healthcare entities should implement a "proactive preparedness" approach for protecting their electronic health record systems, which are an increasingly attractive target for cyberattacks and other breaches, federal authorities warn.
In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Two recent hacking breaches affecting hundreds of thousands of individuals - one reported by a firm that provides services to health plans and the other by a government contractor - serve as the latest reminders of the risks involving vendors that handle sensitive personal data.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
By almost every measure, ransomware continues to get worse, not least in the average amount criminals receive when a victim chooses to pay a ransom. So say new reports assessing the volume and severity of ransomware attacks, the flow of cryptocurrency, attackers' target selection and more.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
Days after the Federal Bureau of Investigation and the U.S. Secret Service issued a cybersecurity advisory on the ransomware-as-a-service group BlackByte, it hit the corporate IT network of the U.S. National Football League's San Francisco 49ers team.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.