New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based on forensic analysis.
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
Kellogg Community College, or KCC, has resumed operations in all its five campuses - Battle Creek, Albion, Coldwater, Hastings and Fort Custer Industrial Park in Michigan - starting Wednesday. The college management had suspended classes on Monday as the result of a ransomware attack.
DeFi platform Fei Protocol has offered a $10 million "no questions asked" bounty to hackers in an attempt to recover some of the funds stolen from its recently merged DAO partner Rari Capital. Blockchain security firms BlockSec and CertiK say the amount of stolen funds totals about $80 million.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
The Computer Emergency Response Team of Ukraine and the National Bank of Ukraine are warning of massive DDoS attacks against pro-Ukrainian targets. The intelligence service in Romania, SRI, also warns of a similar type of attack targeting sites belonging to its national authorities.
In what is likely the shortest breach reporting timeline globally, the Indian Computer Emergency Response Team, CERT-In, has mandated that starting June 28, government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident.
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.