A Massachusetts-based medical management firm holds the dubious honor of being the first ransomware victim fined for a data breach by the Department of Health and Human Services. Doctors Management Group agreed to a $100,000 financial settlement and three years of HIPAA compliance monitoring.
Researchers have discovered an underground offering with the codename "Prolific Puma," which since 2020 has been the "largest and most dynamic" cybercrime link-shortening service on the market. Attackers use it to better target victims with phishing campaigns, scams and malware.
The recently ended ISMG Financial Services Summit was dedicated to fortifying cybersecurity preparedness in the financial services industry. Thought leaders guided critical discussions on cybersecurity topics such as critical infrastructure, incident response, supply chain threats and zero trust.
Proofpoint has agreed to purchase a cloud email security provider founded by HSBC, RBS, Santander and UBS alumni to apply artificial intelligence to evolving threats. The proposed acquisition of Boston-based Tessian will help Proofpoint address common forms of data loss including data exfiltration.
North Korean hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product for which vulnerabilities have been reported and patches are available.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
"We're doing fine, but we're not OK." This was the opening comment from Michael Yehoshua, CMO of HolistiCyber, discussing the impact of the Israel-Hamas war. Yehoshua shared his insights about the conflict, its historic perspective and how his and other Israeli companies are focused on resilience.
A Biden administration executive order on artificial intelligence on deck for release next week will result in governmentwide standards for agencies already using the emerging technology, a top White House official said. NIST is expected to play a key role in executing the order.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline.
Welcome to "Cyber Fail." In this ISMG program, our experts uncover fails so we can strengthen our defenses. In this episode, we take on deepfakes, hallucinating chatbots, the fate of humanity and why you should never put your trust in a ransomware gang.
This week: Sam Bankman-Fried says he'll testify, FinCEN proposed recording crypto transactions involving mixers, a financial investigation firm used NFTs to track stolen funds, Atomic Wallet froze $2 million of $100 million in hacked funds and advocates challenged the US SEC's Binance lawsuit.
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.
A financially motivated hacking group is becoming more aggressive, leading Microsoft to dub it "one of the most dangerous financial criminal groups." Octo Tempest is the rare English-speaking affiliate of Russian-speaking ransomware group BlackCat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.