Despite repeated disruptions by law enforcement, underground cybercrime markets continue to thrive. Researchers are tracking the debut of 190 "significant" new darknet markets in 2022, connecting illegal data and access brokers with ransomware groups, fraudsters and others.
The LockBit ransomware operation claims to have stolen data from a Texas-based supplier to Elon Musk's SpaceX, which designs, manufactures and launches rockets and spacecraft. It's the latest PR-grabbing attempt by the prolific LockBit extortion group.
With the rapid increase in digital transformation & hybrid work, organizations are noticing that the biggest vulnerability is with legacy MFA solutions that have failed to keep pace with the ever-evolving skills, technology and persistence of today’s cybercriminals.
The key to defending your organization’s...
Business social media platform LinkedIn continues to pay dividends for North Korean hackers, including one group historically concentrated on South Korean targets that has expanded into pursuing security researchers and media industry workers in the West.
As Russia's full-scale invasion of Ukraine last year stalled, Russian hacking teams increasingly shifted from causing all-out disruption to cyberespionage, data theft and psychological operations, Ukraine's cybersecurity establishment says in a new lessons learned report.
Hackers are draining millions of dollars from decentralized finance protocol Euler Finance in an ongoing attack. The theft of crypto funds worth $197 million marks the largest exploit in 2023 so far. Euler Finance said it is aware of the incident.
President Joe Biden's budget request for fiscal 2024 includes a big proposed boost for the federal office charged with enforcing privacy and security within the healthcare industry. The proposal asks for $78 million in appropriations for the Office of Civil Rights.
Fundraising and customer relationship management software provider Blackbaud has reached a $3 million settlement agreement with the Securities and Exchange Commission over allegations it made "misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers."
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues, including how the new U.S. cybersecurity strategy doubles down on hitting ransomware, how the strategy shifts liability issues to vendors, and why check fraud is on the rise and what can be done about it.
Community Health Systems will soon begin notifying up to 1 million individuals estimated to have been affected by data compromise when attackers exploited a zero-day vulnerability in vendor Fortra's GoAnywhere MFT, which is secure managed file transfer software.
A healthcare revenue cycle management software vendor is facing a proposed class action lawsuit in the aftermath of a December data exfiltration attack affecting nearly 251,000 patients. Ransomware group Royal took credit for the attack, allegedly leaking samples of the stolen data on its leak site.
Hackers disrupted medical care at a major Barcelona hospital, found out the wireless plans of 9 million AT&T users and stole data of almost 140,000 Hatch Bank customers. Patrons of Chick-fil-A got a nasty surprise. Plus, a breach hit Acer and another one affected members of the U.S. Congress.
The Chinese government's geopolitical ambitions and willingness to use cyber operations to achieve them pose one of the biggest threats to U.S. national security, the U.S. intelligence community warns. Russia, Iran and North Korea also pose major threats, as do cybercrime and especially ransomware.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. Between March 3 and March 9, Tender.fi paid a white hat reward to a thief, a Uranium Finance hacker began to launder stolen funds, Algodex revealed security breaches and BitKeep was working to reimburse hack victims.
Hackers have been selling data stolen from an online health insurance marketplace used by members of Congress and residents of Washington, D.C. The cause, size and scope of the breach are still unknown. The data pertains to "numerous" lawmakers as well as their spouses, dependents and employees.