An April ransomware attack against one of Australia's largest law firms swept up the data of 65 Australian government agencies, the country's national cybersecurity coordinator said Monday. The Russian-speaking Alphv hacking group claimed responsibility earlier this year for hacking HWL Ebsworth.
Credit reporting agency TransUnion may be the subject of a hacking incident leading to a data breach after a hacker apparently stole information of 58,505 customers across North and South America and Europe. TransUnion has not acknowledged the hack and refused to discuss the matter on the record.
Established provider LexisNexis Risk Solutions remains atop Forrester's digital fraud management rankings, while upstart Sift broke into the leaders category for the first time. Many providers in the space have expanded from payment transactions to account takeover fraud as well as handling scams.
DHS says it will eschew biased artificial intelligence decision-making and facial recognition systems as part of an ongoing federal effort to promote "trustworthy AI." "Artificial intelligence is a powerful tool we must harness effectively," said Secretary of Homeland Security Alejandro Mayorkas.
With only 90 early adopters, Federal Reserve's FedNow program faces the challenge of persuading U.S. banks to sign on to the real-time payments initiative launched in July. Experts say the Fed could learn some lessons from successful efforts in Brazil and India.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
The list of healthcare entities affected by MOVEit file transfer hacks continues to grow. Nuance Communications acknowledged that hackers had stolen data belonging to 14 of its clients, all North Carolina medical providers. Hackers may have obtained diagnostic information including imaging reports.
The Clop ransomware group's zero-day attack on MOVEit software was its fourth data theft campaign targeting secure file transfer users. Organizations can combat such attacks by using data minimization and encryption - among other defenses, says Teresa Walsh, global head of intelligence for FS-ISAC.
A financially motivated criminal syndicate that mainly operates in Telegram and underground forums has expanded its criminal arsenals to deploy ransomware and other intrusion capabilities on various cloud applications, warn Mandiant researchers.
Iranian state threat actor "Peach Sandstorm" is growing in sophistication, warns Microsoft in an alert about a campaign of password hacking targeting the satellite, defense and pharmaceutical sectors. The group's newfound polish is reflected in what the hackers did after establishing persistence.
In the latest weekly update, four editors at ISMG discuss important cybersecurity and privacy issues, including how to keep assets secure in the quantum era, when common usernames pose a cybersecurity threat, and how to strike the right balance between regulation and innovation in AI.
Casino and hotel giant Caesars Entertainment is warning customers that their personal details were stolen in a recent hack attack. After successfully shaking down Caesars for a ransom, the same attackers are continuing to extort MGM Resorts, claiming to have crypto-locked its EXSi hypervisors.
Generative AI holds great potential for many amazing applications in healthcare, but it's critical to establish a strong framework before deploying it, said Barbee Mooneyhan, vice president of security, IT and privacy of Woebot Health, a provider of AI-driven online mental health services.
AI allows U.S. agencies to address hard problems like quickly writing secure code but comes with risks around nation-states generating attacks more efficiently. "The cybersecurity element is a great example of the bright and the dark side of AI technology," said White House Director Arati Prabhakar.
This week, exiled Russian journalist Galina Timchenko's iPhone was found to contain NSO Group's Pegasus spyware, a Russian businessman was sentenced for insider trading, more than 300,000 people were affected by an attack on See Tickets and period-tracking apps raised privacy concerns in the U.K.