The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.
A federal grand jury has indicted WikiLeaks founder Julian Assange on 18 counts under the U.S. Espionage Act for his role in publishing classified material, the Justice Department announced Thursday. He's currently serving a prison sentence in the U.K. and fighting extradition to the U.S.
European police have shuttered Bestmixer.io, considered one of the largest underground money laundering websites for cryptocurrencies used in connection with criminal activities, including ransomware attacks.
The former owner of the company behind the LeakedSource.com website, which trafficked in billions of stolen login credentials, will pay a fine equivalent to the money he made off the scam, according to the Royal Canadian Mounted Police.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.
Several recently reported breaches involving ransomware attacks in which organizations recovered without paying a ransom to extortionists offer a glimmer of hope that healthcare entities are getting better prepared to deal with such incidents.
The U.S. Commerce Department will offer a 90-day reprieve to a handful of companies that conduct business with Huawei before the Trump administration's ban on the use of the Chinese company's technologies fully kicks in, the Wall Street Journal reports. Meanwhile, Google announces it will continue to work with Huawei.
MuddyWater, an advanced persistent threat group that has targeted organizations in the Middle East, has changed some of its tactics to better avoid detection as it continues to plant backdoors within targeted networks, according to new research from Cisco Talos.
It's been nearly seven years since HSBC was fined $1.9 billion by U.S. authorities for money laundering violations involving international drug cartels. But Everett Stern, the former employee who blew the whistle on the bank, continues to tell his story because he believes similar criminal activity is ongoing.
The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.
After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.
Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym. Six suspects have been arrested in four countries and face local prosecution on fraud, money laundering or malware-writing charges. Five Russian suspects remain at large.