San Diego-based Scripps Health, which operates four area hospitals, has been forced to postpone some patient care - and reportedly divert some patients seeking emergency treatment - as a result of what local news outlets say is a ransomware attack.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
CISA is investigating whether five U.S. government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior official. Security researchers believe that at least two nation-state groups have been attempting to exploit these flaws.
The Internal Revenue Service is sharpening its expertise in cryptocurrencies to help prevent their use for tax evasion and money laundering, says Jarod Koopman, a director at the agency. The IRS is partnering with companies that have developed techniques and technologies for tracing blockchain transactions.
Four editors at Information Security Media Group discuss timely issues, including how the zero-day attacks against Accellion File Transfer Appliance users have rewritten the rules of the cyber extortion game and former federal CISO Gregory Touhill taking on an important new role.
The Babuk ransomware gang says it will no longer launch attacks but instead will make its malware source code available for other attackers to use. The gang took credit for recent attacks against the Washington, D.C. Metropolitan Police Department and the Houston Rockets basketball team.
A cyberthreat gang that's been active since 2020 exploited a now-patched zero-day vulnerability in the SonicWall SMA 100 Series appliance to plant ransomware in attacks launched earlier this year, FireEye Mandiant researchers say.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Providers have traditionally used deterministic data such as credit histories and scores in determining the suitability of an applicant. The problem is that deterministic data was never intended to assess fraud risk or verify identities but rather to gauge creditworthiness. Moreover, Gen-Z and younger millennials may...