Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?
The French government is pursuing a new law that will grant the country's law enforcement agencies sweeping power to snoop on suspected cybercriminals and other online miscreants by remotely accessing their phones and computers. The measure is now headed to the French National Assembly.
For the third time since the discovery of the MOVEit Transfer application zero-day vulnerability, Progress Software has revealed a new critical SQL injection vulnerability that allows remote attackers to bypass authentication and execute arbitrary code.
The personal information of nearly 35 million Indonesian passport holders is up for sale on the dark web for $10,000 by notorious hacktivist Bjorka, who routinely criticizes the Indonesian government, publishing damaging information about lawmakers on social media. The government is investigating.
In the latest weekly update, four editors at ISMG discuss highlights from recent ISMG events, the winners and losers in Forrester's first-ever network analysis and visibility rankings, and the ongoing tech trade war between the U.S. and China and its impact on the global supply chain.
Ransomware continues to be the biggest threat to the European healthcare sector, but the region also is experiencing an uptick in distributed denial-of-service attacks tied to hacktivist groups, the European Union Agency for Cybersecurity warned.
Service providers typically lack the skills and large security teams needed to thwart complex and high-volume cyberattacks on their own, said A10 Networks CEO Dhrupad Trivedi. MSPs telecom and cloud providers struggle to assess the scale of cyber incidents and to detect and remediate them.
This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.
A ransomware attack in May that and compromised the sensitive information of 319,500 individuals, including addiction treatment center patient data, has so far generated three proposed federal class action lawsuits against the Pennsylvania real estate firm that owns the medical group.
Legacy DLP is broken due to excess complexity, extended time to value and misalignment with security and business goals, said Next's Chris Denbigh-White. Addressing insider threats in a meaningful way is one of the biggest data protection challenges for organizations, he said.
A growing number of security teams are looking to consolidate tools to simplify operations, said Gartner analyst Dionisio Zumerle. "When you have the complexity, it's very hard to identify misconfigurations between the different overlapping tools, and it's also hard to identify security gaps."
International law enforcement agencies say they arrested the mastermind of a French-speaking cybercriminal syndicate dubbed Opera1er for carrying out more than 30 successful attacks against financial institutions, banks, mobile banking services and telecommunications companies.
Hackers use generative AI to churn out code that exploits vulnerabilities, while defenders use it to get more context around flaws discovered in their ecosystem, said CEO Amit Yoran. Tenable uses generative AI to spot and prioritize all the instances of MOVEit in a customer's environment.
Organizations need to adopt a creative approach when building policies around the legal, commercial and reputational risks raised by generative AI tools - such as with privacy, consumer protection and contractual obligations, said legal expert Anna King of Markel.
Every week, ISMG rounds up cybersecurity incidents in the digital assets world. This week, a Poly Network hacker stole $10 million, Belarus mulled banning P2P crypto payments, the Ethereum community proposed a new security standard and Russia raised $20 million in crypto.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.