Analysis, Groups and Insurance - Information Management Today

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance

Insurance Artificial Intelligence Risk Compliance

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Previously undetected Earth Longzhi APT group is a subgroup of APT41

Security Affairs

NOVEMBER 15, 2022

Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Further analysis, revealed that the same threat actor targeted multiple regions using a similar Cobalt Strike loader and has been active since 2020. ” reads the analysis published by Trend Micro.

Archiving

Archiving Passwords Metadata Insurance

The business value of operating core insurance solutions on the cloud

IBM Big Data Hub

JUNE 23, 2023

Although interest rates have increased at an unprecedented rate over the past year due to efforts by central banks to curb inflation, insurers are locked into low-yielding investments, and it will take several years for their investment yields to improve. Core modernization (processes and technology) is a top priority for every insurer.

Insurance

Insurance Cloud Digital transformation Customer Experience

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. According to CryptoIns analysts, the crypto assets insurance market is expected to reach $7 billion by 2023. Why do crypto exchanges’ users need insurance?

Insurance

Insurance Risk Marketing Cybersecurity

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Security Affairs

AUGUST 13, 2020

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. From Russia to Canada.

Cloud

Cloud Phishing Analytics Access

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Security Affairs

APRIL 8, 2024

Greylock McKinnon Associates (GMA) provides expert economic analysis and litigation support to a diverse group of domestic and international clients in the legal profession, the business community, and government agencies, including the Department of Justice (DoJ).

Data breaches

Data breaches Insurance Cybersecurity Government

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance

Insurance Data breaches Financial Services Passwords

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance

Insurance Paper Privacy Risk

Global Capture & IDP Vertical Market Analysis

Info Source

FEBRUARY 20, 2023

For example, an auto insurance claim often involves an e-form for the FNOL, plus paper based or digital documents covering the police report and the assessment of the repair shop but also photos or video documentation of the damage. A newer but strongly growing group of uses cases are related to Case Management.

Marketing

Marketing Artificial Intelligence B2B Paper

Regulatory Update: NAIC Summer 2021 National Meeting

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance

Insurance e-Delivery Paper Sales

Researchers released a free decryptor for Black Basta ransomware

Security Affairs

JANUARY 2, 2024

The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022.

Ransomware

Ransomware Encryption Blockchain Insurance

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

. “We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted. Based on that analysis, we have determined that certain of your information was included in those files.” million Teachers Insurance and Annuity Association of America 2.6

Data breaches

Data breaches Retail Education Ransomware

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation.

Insurance

Insurance Paper Artificial Intelligence Big data

Black Basta gang claims the hack of the UK water utility Southern Water

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware group added Southern Water to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 29, 2024. At this time, it is unknown what ransom the group has demanded from the victim. At this time, it is unknown what ransom the group has demanded from the victim.

Encryption

Encryption Ransomware Blockchain Insurance

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. ” continues the report.

e-Delivery

e-Delivery Insurance Retail Government

Global Scamdemic: Scams Become Number One Online Crime

Security Affairs

JUNE 10, 2021

Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Group-IB also unveiled Scam Intelligence, a fraud-tracking technology that paved the way for DRP, the company’s proprietary solution. million in one year .

Phishing

Phishing Retail Insurance Risk

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. ” concludes the report.”Once

Security

Security Military Insurance Cybersecurity

Global Data Breaches and Cyber Attacks in December 2023 – 2,241,916,765 Records Breached

IT Governance

JANUARY 5, 2024

This month, we have found several ‘group’ incidents. This blog provides analysis of the data we’ve collected. Note 1: Reported remediation typically includes conducting a forensic analysis to establish exactly what happened (often by engaging a third-party specialist). In November 2023, this was 227 incidents (48%).

Data breaches

Data breaches Insurance Manufacturing Ransomware

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “What’s the takeaway? .

Insurance

Insurance Data breaches Sales Government

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance

Insurance Paper Risk Analytics

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. NAIC Exposes Group Capital Calculation Field Testing Template For Public Comment.

Insurance

Insurance Paper Risk Big data

Regulatory Update: NAIC Summer 2018 National Meeting

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data . The NAIC is also considering insurers’ use of big data in underwriting life insurance products.

Insurance

Insurance Big data e-Delivery Risk

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Security Affairs

APRIL 8, 2021

Group-IB , a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. Group-IB notified the national CERTs in the above-mentioned countries about the breach so they could take the necessary steps to mitigate the threat.

Passwords

Passwords Insurance Personal data Sales

Report Shows Major Security Holes in Banking Apps

Adam Levin

APRIL 10, 2019

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data.

Retail

Retail Security Insurance Encryption

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Cybersecurity Authentication

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

30), we have observed three SilverTerrier actors/groups launch a series of 10 COVID-19 themed malware campaigns.” ” reads the analysis published by Palo Alto Networks. The good news is that none of the attacks carried out by the SilverTerrier groups using COVID-19 lures has been successful in compromising the victims.

Government

Government Energy and Utilities Insurance Phishing

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Data breached: 1,201,000 people’s data.

Data breaches

Data breaches Education Manufacturing Retail

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. 92,391,296 known records breached in 222 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. GB Signature Performance, Inc.

Data Privacy

Data Privacy Manufacturing Privacy Security

After Springhill: Assessing the Impact of Ransomware Lawsuits

eSecurity Planet

OCTOBER 18, 2021

” Cyber Insurance No Longer Reliable. Perhaps the largest lesson to draw from this case, Crockett said, is to take these threats more seriously and look beyond a simple cost-benefit analysis. ” Crockett said unofficial numbers indicate that only about 10 percent of such cyber insurance claims are paid out.

Ransomware

Ransomware Insurance Digital transformation Cybersecurity

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The group has allegedly exfiltrated more than 10 million files. Welcome to this week’s round-up of the biggest and most interesting news stories. Data breached: 41,500,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

“Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene,” reads an analysis penned by Intel 471. Intel 471 says Selivanon also was charged along with Stroganov in this past week’s law enforcement action. Among them is MrWhite[.]biz

Retail

Retail Insurance Cybersecurity Data breaches

1M compromised cards available for free in the underground market

Security Affairs

AUGUST 8, 2021

Group-IB detected an unconventional post on several carding forums containing links to a file containing 1 million compromised cards. On August 2, Group-IB Threat Intelligence & Attribution system detected an unconventional post on several carding forums. It’s especially unusual for a previously unknown market player.

Marketing

Marketing Sales IT Insurance

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

AIIM

OCTOBER 15, 2018

Go for a holistic four-dimensional requirements analysis. Allianz – a global financial services and insurance company – is one of those organizations which had to rethink their approach on e-signatures. Helping organizations to go paperless with their signature processes in banking, insurance, telecommunication and other industries.

Compliance

Compliance Insurance Digital transformation Authentication

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

The Last Watchdog

MAY 10, 2021

Back in the mid-1990s, big banks and insurance companies came up with something called “bespoke assessments” as the approach for assessing third party vendor risk. It’s this middle group that’s really terrifying because they get access to sensitive information and many of them have very little security in place,” Kneip says.

Risk

Risk Insurance Access Security

What Is a Firewall Policy? Steps, Examples & Free Template

eSecurity Planet

JANUARY 5, 2024

They provide a foundation for recognizing possible security issues and aiding forensic analysis. Examples include Users, User Groups, Applications, Application Groups, Countries, IPv4/IPv6 Endpoints, Host DNS Names, and more. Application Groups combine various apps for unified handling.

Compliance

Compliance Access Communications Cybersecurity

Threat actors using FrameworkPOS malware in POS attacks

Security Affairs

MARCH 3, 2019

Most of the indicators collected by the experts point to the FIN6 hacking group, even if some of them are also tied to the EmpireMonkey group. ” reads the analysis published by Morphisec. ” reads the analysis published by Morphisec. Some indicators are also tied to the EmpireMonkey group.

Insurance

Insurance Libraries Sales Security

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Security Affairs

NOVEMBER 8, 2020

Luxottica Group S.p.A. The analysis of the leaked files revealed that they contain confidential information regarding the recruitment process, professional resumes, and info about the internal structures of the Group’s human resource department. ” On October 27th, the company began to notify affected users.

Data breaches

Data breaches Insurance Retail Ransomware

Driving innovation and growth, Reltio powers into 2024

Reltio

FEBRUARY 22, 2024

We unveiled the velocity packs in February, featuring pre-built connectors and smooth integrations to speed deployment for clients in sectors like healthcare, financial services, and insurance. Marquee brands, including a leading international hotel group, joined the Reltio customer roster. As measured by revenue, as of 2024.

Customer Experience

Customer Experience MDM Healthcare Digital transformation

30 million Americans affected by the Astoria Company data breach

Security Affairs

MARCH 25, 2021

Astoria Company LLC is a lead generation company that leverages on a network of websites to collect information on a person that may be looking for discounted car loans, different medical insurance, or even payday loans. Collected data si shared with a number of partner sites (such as insurance or loan agencies), that pay per lead referral.

Data breaches

Data breaches Sales Insurance Marketing

What Is the Role of Information Management in Customer Experience?

AIIM

APRIL 21, 2022

It doesn’t matter if you’re an insurance company, local government agency, or something else. In tapping into the AIIM end-user community, we found impressive examples of that philosophy at work in leading organizations like Farmers Insurance, Ogilvy, and UnitedHealth Group.

Customer Experience

Customer Experience Digital transformation Insurance Government

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

NYDFS issues significant guidance on insurers using AI or external data

Webinars

Trending Sources

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

Webinars

Previously undetected Earth Longzhi APT group is a subgroup of APT41

The business value of operating core insurance solutions on the cloud

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

American Insurance firm State Farm victim of credential stuffing attacks

Regulatory Update: NAIC Summer 2022 National Meeting

Global Capture & IDP Vertical Market Analysis

Regulatory Update: NAIC Summer 2021 National Meeting

Researchers released a free decryptor for Black Basta ransomware

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Regulatory Update: NAIC Summer 2020 National Meeting

Black Basta gang claims the hack of the UK water utility Southern Water

TA505 group updates tactics and expands the list of targets

Global Scamdemic: Scams Become Number One Online Crime

China-linked Moshen Dragon abuses security software to sideload malware

Global Data Breaches and Cyber Attacks in December 2023 – 2,241,916,765 Records Breached

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Regulatory Update: NAIC Summer 2019 National Meeting

Regulatory Update: NAIC Fall 2018 National Meeting

Regulatory Update: NAIC Summer 2018 National Meeting

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Report Shows Major Security Holes in Banking Apps

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

After Springhill: Assessing the Impact of Ransomware Lawsuits

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Russians Shut Down Huge Card Fraud Ring

1M compromised cards available for free in the underground market

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

What Is a Firewall Policy? Steps, Examples & Free Template

Threat actors using FrameworkPOS malware in POS attacks

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Driving innovation and growth, Reltio powers into 2024

30 million Americans affected by the Astoria Company data breach

What Is the Role of Information Management in Customer Experience?

Stay Connected