This edition of the ISMG Security Report analyzes what prosecutors say is the biggest cryptocurrency seizure in U.S. history as well as the biggest financial seizure. It also details how a school district CISO resigned over the district's handling of a severe data breach and busts Zero Trust myths.
Are ransomware-wielding criminals running scared? That's one likely explanation for the sudden release this week of free, master decryption keys for three different strains of formerly prevalent ransomware: Maze, Sekhmet and Egregor.
The arrest of a married New Yorker couple, charged with laundering bitcoins worth $3.6 billion that were stolen from a currency exchange in 2016, highlights the risk facing anyone who wants to launder large amounts of cryptocurrency and stay free long enough to enjoy their alleged rap career.
In a U.S. Senate hearing on Tuesday, the Apache Software Foundation and leaders from Cisco, Palo Alto Networks and The Atlantic Council discussed open-source software security, urging both government and private sector entities to recognize the breadth of the free-to-use software and adversaries' willingness to...
As a CISO in financial services, Bradley Schaufenbuel of Paychex enjoys the velocity of change - no two days are alike. But with that pace comes a corresponding uptick in supply chain risk, which adds a new degree of difficulty to an already challenging leadership role.
It is essential that entities across all industries - and especially in healthcare - better prepare every type and level of worker on how to respond to potentially devastating ransomware attacks, says privacy and security attorney Erik Weinick of law firm Otterbourg PC.
A Kentucky hospital and the Maryland Department of Health are among healthcare sector entities still battling to fully recover from recent ransomware and other disruptive cyber incidents. What can other organizations do to avoid similar fates?
As information security officer at MVB Financial Corp., Cara Coleman says the single biggest cybersecurity threat is just keeping up with the pace of attacks - and understanding the sophistication and trickery of the broad range of attackers. Here's how she tackles the challenge.
ThycoticCentrify renames itself Delinea to grow as a "seamless" security solution. Other acquisitions focus on providing tools to developers to better secure applications and software, boost healthcare device security, fight against chargeback fraud and bring smaller organizations into compliance.
Some of the biggest cybercrime-focused darknet markets selling stolen payment card data, passwords, malware and more have retired in the past year, with administrators oftentimes boasting it's because they've gotten rich. As they exit, other players remain ready to grab their market share, experts say.
Four ISMG editors discuss important cybersecurity issues, including misconceptions around Zero Trust implementation, lessons learned from the crippling NotPetya malware attack of 2017 that nearly sank logistics giant Maersk and how a Russian cyberwar in Ukraine could move beyond its borders.
The latest edition of the ISMG Security Report features an analysis of how Russia's escalation in Ukraine is raising cyber defense alarms. It also describes how a Dark Overlord collaborator received a three-year prison sentence and shares tips for Zero Trust implementation.
A New York federal court has recommended the dismissal of a class action lawsuit filed against medical practice management vendor Practicefirst in the aftermath of a 2020 ransomware attack that involved data exfiltration and affected the personal and health information of 1.2 million individuals.
Pharmaceutical giant Pfizer alleges in a federal lawsuit that two former executives stole documents containing trade secrets about diabetes, obesity and cancer treatments under development by the drugmaker to benefit two new biotech startups they had launched.
A variety of underground markets exist to help malware-wielding criminals monetize their attacks, including via log marketplaces such as Genesis, Russian Market and 2easy, which offer for sale batches of data that can be used to emulate a victim, whether it's a consumer, an enterprise IT administrator or anyone in...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.