Many ransomware-wielding attackers - including big-name groups - have been collectively shooting themselves in the foot by resorting to "amateur" tactics, including decryptors that fail to decrypt as well as gangs re-extorting the same victims. Cue fewer victims opting to pay a ransom.
Elon Musk lugged a sink into Twitter headquarters to announce his takeover of the social network. But it will take more than a porcelain prop for the richest person in the world to successfully surmount the cybersecurity, legal, disinformation, regulatory and other challenges facing Twitter.
One of Australia's largest private testing laboratories announced a data breach affecting 223,000 Australians. Ransomware-as-a-service group Quantum took credit for the incident, posting an 86-gigabyte file in June. "There is no evidence of misuse of any of the information," says Medlab Pathology.
Healthcare entities need to rehearse breach response playbooks to avoid paying fines to the Department of Health and Human Services for poor incident response after a severe breach. Well-tested security incident response plans ensure the security of patient data, says the HHS Office of Civil Rights.
Health insurer EyeMed Vision Care will pay New York regulators $4.5 million to settle an investigation into its 2020 data breach incident. States are becoming more aggressive in applying enforcement actions against data breaches, say regulatory attorneys.
Cybereason has abandoned its IPO plans altogether and hired JPMorgan Chase to find a buyer, The Information reported Friday. Why is Cybereason no longer poised to make it to the IPO Promised Land? An unfavorable competitive environment and a muddled go-to-market strategy provide some clues.
Is Australia's data breach wave a coincidence, bad luck or intentional targeting? Maybe all three. But the security weaknesses that have led to the incidents are not exotic. And the people behind these attacks are most likely workaday cybercriminals, not top-level nation-state attackers.
More Russian-speaking, ransomware-wielding attackers are gunning for Russian businesses and government agencies, researchers report. The unwritten rule of Russian cybercrime has historically been to never attack inside Russia or neighboring allies.
Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Zero trust-targeted attacks, phishing, vishing, smishing and social engineering are on the rise, targeting individuals and human vulnerabilities. What can companies do to stay ahead? Steve Benton of Anomali shares insights on intelligence-empowered detection and response.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Lloyd's of London says it has fully restored network services and that an investigation uncovered no evidence of a compromise. The insurance and reinsurance marketplace giant took systems offline last week after detecting what it called "suspicious activity."
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Patient portals, electronic prescriptions and some other IT systems are still affected at an undisclosed number of CommonSpirit Health hospitals and clinics in several states more than one week after a cyber incident hit the multistate hospital chain.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.