While major hacking incidents regularly grab headlines, insider threats - including malicious individuals, careless workers and third-party contractors - continue to pose significant and sometimes underestimated risk to healthcare sector entities, federal authorities warn.
The Emotet botnet, which was disrupted by law enforcement actions in January 2021, has been making its way back in recent months. Cybersecurity researchers at Proofpoint have now recorded a brief departure from its typical behavior, indicating that the group is likely testing new attack techniques.
Australian software firm Atlassian has issued fixes for a critically rated vulnerability in its Jira software that could allow an unauthenticated attacker to remotely bypass authentication protections in place. Both Jira and Jira Service Management are vulnerable to this bug.
Has your organization been bitten by BlackCat ransomware, aka Alphv? If so, the FBI wants to hear details about how attackers broke in, cryptocurrency wallet addresses used to receive ransoms and other information that could help law enforcement authorities better track and block future attacks.
Two things you know when you sit down to speak to virtual CISO Chris Roberts: You're going to get the truth, and it's unlikely to be polished. He opens up on his passion to do good, and why he believes "mission before money" is the biggest challenge the industry now faces.
In this episode of "Cybersecurity Unplugged," Roger Sels, vice president, solution, EMEA at BlackBerry, discusses the global threat landscape one year after SolarWinds, including cyberthreats from Russia and China; the cyber impact of the Russia-Ukraine war; and the cyber call to action.
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges.
The U.S. telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts. The company says hackers did not steal any sensitive customer or government information during the incident.
Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days. It targets victims that it believes are adversaries of Russia, and several critical infrastructure entities in the Czech Republic are known to have been successfully targeted.
Solara Medical Supplies has agreed to pay $5 million and implement a host of security improvements under a proposed settlement of a consolidated class action lawsuit involving a 2019 phishing incident that affected sensitive information of more than 114,000 individuals.
Researchers have uncovered a code vulnerability in RainLoop, an open-source webmail client used by several organizations to exchange sensitive messages and files via email. Security researchers at SonarSource say that this vulnerability allows attackers to steal emails from the inboxes of victims.
LemonDuck, once a small piece of cryptomining malware, has evolved into a major botnet for cryptomining. After targeting Microsoft Exchange servers, it is now targeting Linux systems by using a malicious container on an exposed Docker API, according to CrowdStrike's Cloud Threat Research team.
Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the HHS warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K. government has been infected with NSO Group spyware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.