Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
A criminal hack attack has disrupted healthcare in Canada's easternmost province and resulted in the theft of patient information and personal details for healthcare employees. The province of Newfoundland and Labrador disclosed the apparent ransomware attack on Oct. 30, and has yet to restore all systems.
The U.S. Department of the Treasury has blacklisted cryptocurrency exchange Chatex, along with a network of entities the department says support it, for allegedly facilitating ransomware-related financial transactions. This action effectively bars Americans from doing business with the company.
A federal grand jury has indicted the owner and manager of several medical testing labs for his alleged connection with more than $100 million in fraudulent COVID-19-related and other healthcare services billing using Medicare beneficiaries' private information.
MediaMarktSaturn Retail group, a German multinational chain of stores, has confirmed to ISMG that it has suffered a ransomware attack. It is reported that the attack was perpetrated by threat group Hive and has affected store operations in the Netherlands, Belgium and Germany.
Trading platform Robinhood says an attacker gained access to its customer support system last week, stole 7 million individuals' names and email addresses and tried to extort the company. More personal details were also stolen for a much smaller group of customers.
The calculus facing cybercrime practitioners is simple: Can they stay out of jail long enough to enjoy their ill-gotten gains? A push by the U.S. government and allies aims to blunt the ongoing ransomware scourge. But will practitioners quit the cybercrime life?
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
Weeks after Israeli officials warned of a wave of attempted cyberattacks on the nation's healthcare sector, Black Shadow hacker group, which allegedly is linked to Iran, has reportedly leaked health data of nearly 300,000 patients of an Israeli network of medical centers.
As ransomware attacks continue to dominate headlines, Quentyn Taylor, a Canon director of information security, cautions organizations not to forget about "some of the other threats, like business email compromise," which continue to cripple organizations through financial and reputational damage.
The U.S. Department of Justice says one Ukrainian man has been arrested and a Russian man indicted for launching devastating REvil ransomware attacks against software company Kaseya and the state of Texas. Separately, Europol announced the arrest of a further five REvil affiliates since February.
Threat actors have breached critical systems internationally by exploiting a recently patched vulnerability in Zoho’s ManageEngine product ADSelfService Plus, with a suspected Chinese threat group leveraging leased infrastructure to scan hundreds of vulnerable organizations.
Following the arrest of suspected Clop ransomware operation members in Ukraine, Red Notices issued by Interpol seek the arrest of six more members of the Russian-speaking crime group, as part of what law enforcement agencies have dubbed Operation Cyclone.
The U.S. deputy attorney general said this week that the nation is ramping up efforts to cripple ransomware operations and other cybercrime through arrests and seizures of ransom payments. The Biden administration has called ransomware a threat to national security and an economic threat.
A recent large hacking incident and a separate vulnerability disclosure involving two different vendors' products related to electronic health records serve as reminders of the potential risks these systems can pose to patients' protected health information.