Data Breach Today

JANUARY 12, 2023

healthcare sector organizations better tackle some of the top challenges involving vendor risk management, a coalition of CISOs has launched the Health3PT Council. To help U.S. Members John Houston of UMPC and Omar Khawaja, former CISO of Highmark Health, describe the effort.

Risk 130

Risk 130

Data Breach Today

JANUARY 11, 2024

Cybersecurity Researchers Detail Defenses Against Attackers Abusing Cloud Services While cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challenge posed by the illegitimate use of GitHub and offers essential defenses (..)

Risk 277

Risk Cloud Cybersecurity 277

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. ru, the very same account Truniger used to recruit hackers for the Snatch Ransomware group back in 2018. ru account and posted as him.

Ransomware 218

Ransomware Data breaches Encryption Systems administration 218

Data Breach Today

JANUARY 21, 2023

Crypto Mining Campaign Targets Public Cloud Environments, Increases Security Risks Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot.

Cloud 157

Cloud Mining Risk Cybersecurity 157

Data Breach Today

AUGUST 13, 2021

Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.

Risk 274

Risk Cybersecurity Ransomware Information Security 274

Data Breach Today

JANUARY 23, 2023

Cryptomining Campaign Targets Public Cloud Environments, Increases Security Risks Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot.

Cloud 130

Cloud Risk Cybersecurity Security 130

Data Breach Today

NOVEMBER 25, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Ransomware 130

Ransomware Encryption Risk Security 130

Data Breach Today

FEBRUARY 18, 2021

California Medical Imaging Group Describes Data Exposure A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year.

Risk 239

Risk Archiving Communications Access 239

Data Breach Today

NOVEMBER 24, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group, Zepplin, have been smashed by security researchers, the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Ransomware 130

Ransomware Risk Security 130

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. Yet, boardroom focus on cyber risk appears to be diminishing. trillion by 2025, a 300% increase since 2015 1.

Risk 189

Risk Insurance Energy and Utilities Marketing 189

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk 118

Risk Artificial Intelligence Government Security 118

Data Breach Today

APRIL 30, 2020

As Google and Apple Prepare an Infrastructure, Electronic Frontier Foundation Urges Caution As Google and Apple prepare to offer a jointly developed infrastructure for contact-tracing smartphone apps to help fight the COVID-19 pandemic, the Electronic Frontier Foundation, a privacy advocacy group, is raising concerns about the risks involved.

Privacy 194

Privacy Risk 194

Data Breach Today

DECEMBER 26, 2019

TMF Group's Devender Kumar on Effectively Handling Vendor Risk It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.

Risk 147

Risk IT 147

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The Daixin Team group added NTMWD to the list of victims on its Tor leak site. The leak of the data puts the company at risk of frauds in the next months.

Ransomware 119

Ransomware Phishing Access Risk 119

Security Affairs

OCTOBER 12, 2023

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide.

Ransomware 133

Ransomware Personal data Access Cybersecurity 133

The Last Watchdog

SEPTEMBER 18, 2023

18, 2023 – The first comparative research into the evolution of the vulnerability management market authored by Omdia has found risk-based vulnerability management (RVBM) is set to encompass the entire vulnerability management market by 2027. About Omdia: Omdia, part of Informa Tech, is a technology research and advisory group.

Marketing 130

Marketing Risk Digital transformation Cybersecurity 130

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

Risk 52

Risk Energy and Utilities Cybersecurity Systems administration 52

Data Breach Today

APRIL 26, 2019

The risks posed by third-party vendors are a top concern for Aaron Miri, CIO of University of Texas at Austin's Dell Medical School and its affiliated UT Health Austin group practice. He explains steps he's taking to help mitigate those risks.

Risk 175

Risk IT 175

The Security Ledger

DECEMBER 12, 2022

Humanitarian groups, local governments and non-profits will be able to use Cloudflare’s Zero Trust One suite of security tools at no cost, the company announced. The post Cloudflare Targets Security Poverty Line With Free Tools For At-Risk Groups appeared first on The Security Ledger with Paul F.

Risk 52

Risk Security Government IT 52

Krebs on Security

JUNE 15, 2023

” When security experts began raising the alarm about a possible zero-day in Barracuda’s products, the Chinese hacking group altered their tactics, techniques and procedures (TTPs) in response to Barracuda’s efforts to contain and remediate the incident, Mandiant found.

Risk 213

Risk Ransomware Cybersecurity Access 213

Dark Reading

JULY 10, 2023

The public working group will develop guidance around the special risks of AI technologies that generate content.

Risk 93

Risk 93

Schneier on Security

OCTOBER 5, 2020

A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before. Paper’s website.

Authentication 139

Authentication Risk Passwords Paper 139

Security Affairs

APRIL 22, 2024

A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is currently owned by LSEG (London Stock Exchange Group). Curiously, in 2011, Thomson Reuters acquired World-Check, then in October 2018, Thomson Reuters closed a deal with The Blackstone Group.

Risk 114

Risk Archiving Access Privacy 114

Data Breach Today

JANUARY 6, 2023

Only Those Hosted Exchange Customers at Risk, CrowdStrike Forensic Probe Concludes Hosting giant Rackspace says the recent ransomware attack resulted in Microsoft Exchange data for 27 customer organizations being accessed by attackers.

Access 157

Access Ransomware Risk IT 157

Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups. What did we find?

Passwords 206

Passwords Privacy Manufacturing Phishing 206

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. The vulnerability left the company at risk from cyberattacks over an extended period of time.

Manufacturing 87

Manufacturing Access Risk IT 87

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. You also need platforms where you can share your knowledge and collaborate with other teams, which sometimes leads to catching APT groups. Defense in Depth.

Security awareness 117

Security awareness Phishing Passwords Risk 117

Data Breach Today

SEPTEMBER 1, 2023

Identity Security Expert Jeremy Grant on AI and Digital Identity Risks In the latest weekly update, Jeremy Grant of Venable joins three ISMG editors to discuss why the U.S. government is taking a back seat on digital identity issues, the risks of artificial intelligence, and takeaways from the U.S.

Artificial Intelligence 283

Artificial Intelligence Security Risk Government 283

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military 104

Military Government Phishing Access 104

Dark Reading

FEBRUARY 2, 2023

The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.

Risk 88

Risk 88

Data Breach Today

NOVEMBER 4, 2022

Investigators to Determine if Hacker Accessed Legal Aid Group’s Client Information A hack of an Australian legal aid group this week may have exposed the personal information of domestic violence, sexual assault victims and other vulnerable people around the nation’s capital.

Risk 176

Risk Access 176

Data Breach Today

NOVEMBER 24, 2022

Group Hitting Large Victims, Health Sector Cybersecurity Coordination Center Warns Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware.

Ransomware 130

Ransomware Risk Cybersecurity 130

Weissman's World

APRIL 30, 2024

Making the business case for Doing Information Right™ is often one of the biggest challenges we face, in no small part because so many of the improvements we can achieve are “soft” ones that our senior managers can readily push back on: Improving findability Boosting compliance Supporting self-service Reducing legal risk Now, we know these… Read (..)

Compliance 177

Compliance Risk Information governance Government 177

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing 117

Manufacturing Ransomware Data breaches Risk 117

Security Affairs

AUGUST 13, 2020

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. From Russia to Canada.

Cloud 139

Cloud Phishing Analytics Access 139

Security Affairs

MAY 29, 2022

Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. “With different levels of superiority, command lines and tasking. Pierluigi Paganini.

Cybersecurity 141

Cybersecurity Risk Security Government 141

Data Breach Today

DECEMBER 18, 2019

Tips From a Cybersecurity Veteran on Winning the Battle In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.

Risk 124

Risk Ransomware Cybersecurity Information Security 124