First-party fraud hits banks from many different places - credit card fraud claims, bust-out schemes, lending fraud and synthetic identity fraud. The diversity of scams poses major challenges in spotting fraudulent activity, said Frank McKenna, chief strategist and co-founder of Point Predictive.
The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser.
The Department of Health and Human Services is working on grant programs and other financial programs to help under-resourced healthcare organizations deal with the cybersecurity challenges they're facing, said La Monte Yarborough, CISO and acting deputy CIO at HHS.
What did Microsoft mean when it said that nation-state hackers are "attempting to use secrets of different types" they found in its emails with customers, what's the risk posed by those attackers also accessing Microsoft's source code and what can - and should - customers do about it all?
Phishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.
First-party fraud is largely invisible. It requires financial institutions to overhaul their traditional fraud detection approaches. Unlike more commonly recognized forms of fraud, first-party fraud involves account holders acting deceitfully, which makes detection and prevention more complex.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
The Conservative government of British Prime Minister Rishi Sunak says it won't champion a reinsurance plan for cyber insurance similar to flood insurance, telling a parliamentary committee it doesn't want to "damage competition." Global ransomware payments surged to record levels during 2023.
The U.S. Cybersecurity and Infrastructure Security Agency apparently had a good reason to urge federal agencies to reset vulnerable Ivanti VPN devices: Hackers breached two gateways used by CISA, forcing the agency to yank them offline. The agency "immediately took offline" the affected VPNs.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.
In the latest weekly update, ISMG editors discussed the cyberattack that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.
A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators. Microsoft said a Moscow threat actor obtained access to "source code repositories and internal systems."
As ransomware groups are causing massive damage and disruption and showing no signs of stopping, cybersecurity policy expert Ciaran Martin said it's time for governments to start asking tough questions and "figure out how to make a ransomware payments ban work."
Hackers are mass-exploiting a recently disclosed critical authentication bypass vulnerability in on-premises versions of TeamCity. JetBrains fixed the bugs in a Monday update, but researchers warn users running unpatched instances to assume compromise.
A Chicago children's hospital has finally restored access to its electronic health records systems following a cyberattack detected in late January. But the pediatrics hospital is still working to bring its MyChart patient portal and various other systems back online.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.