In the latest weekly update, Troy Leach, chief strategy officer at Cloud Security Alliance, joins ISMG editors to discuss preparing for new regulations, new requirements for third-party cloud penetration testing, and the opportunities and risks of AI in the financial sector.
A ransomware attack has forced a California-based hospital chain to divert ambulances from its emergency rooms and cancel appointments for services. The group of 17 hospitals, 166 outpatient clinics and various doctor practices is still recovering after an IT systems shutdown.
Fortra has pursued acquisitions in the infrastructure protection, data protection, and digital risk and email protection markets to help customers improve security posture. CEO Kate Bolseth said clients told Fortra they had challenges within segments such as security awareness and managed services.
A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Its ability to adapt to public reporting suggests it will persist with "operations for the foreseeable future" and continue to evolve its tactics, Recorded Future warned.
A Russian espionage group attacked multiple organizations to steal credentials using Microsoft Teams chats that appear to originate from technical support. Microsoft on Wednesday attributed the campaign to a threat actor originating in the Russian Foreign Intelligence Service.
Ilya "Dutch" Lichtenstein, 35, confessed in U.S. federal court to hacking billions of dollars from virtual currency exchange Bitfinex and laundering stolen funds with his 33-year-old wife, Heather Morgan. Lichtenstein pleaded guilty to conspiracy to commit money laundering.
New CEO Scott Harrell wants Infoblox to evolve from classic networking DNS management to bringing networking and security together in ways that optimize protection and efficiency. DNS serves as a building block for security since it is universal across large client devices and small mobile phones.
A contractor that provides claims processing and other services says several of its community health plan customers - including 1.7 million members of the Oregon Health Plan - are victims of the zero-day MOVEit vulnerability, which has affected more than 500 organizations worldwide.
ISMG's roundup of digital assets-related cybersecurity incidents includes Kenya, France and Germany's probe into WorldCoin; July security incidents; Curve Finance and LeetSwap theft; the crypto amendment in the NDAA; and India's lack of crypto regulation.
How much of a risk do hacktivists pose? Hacktivism's heyday was arguably a decade ago. While activists do keep using chaotic online attacks to loudly promote their cause, they're tough to distinguish from fake operations run by governments, including Russia and Iran.
A little-known cloud infrastructure provider called Cloudzy has been facilitating nation-state hackers, commercial spyware operations and ransomware affiliates' attacks by failing to keep a close eye on what its customers are doing, researchers at cybersecurity firm Halcyon warn.
A Tennessee-based cardiac care clinic is notifying more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in April. The Karakurt cybercrime group claimed credit for the hack a month later.
Human Factor Security expert Robin Lennon Bylenga advised that in building an internal threat management program, it is imperative to not send mixed messages to the broader workforce. It's wise to conduct an assessment of human risk - not just IT risk, she said.
Synthetic ID fraud has moved beyond business-to-consumers to business-to-business fraud as more bad actors are opening fraudulent commercial accounts at financial institutions, said Dori Buckethal, vice president of risk and fraud solutions at Thomson Reuters.
Fears that cyber insurance coverage drives companies into paying ransomware demands more easily than not appear unfounded, concludes a British think tank study that also suggests insurers should do more to enact corporate discipline. Cyber insurance has been dogged by accusations of moral hazard.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.