Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.
Auditors have once again rated the Department of Health and Human Services' information security program as "not effective," citing several areas of weaknesses, including issues related to risk management, information security continuous monitoring and contingency planning.
As one embarks on a zero trust journey, it's best to start with a network approach, according to Amit Basu, who is vice president, chief information officer and chief information security officer at International Seaways, a New York-based tanker company.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
New cyber incident reporting rules are set to come into effect in the U.S. on May 1. Banks in the country will be required to notify regulators within 36 hours after an organization suffers a qualifying "computer-security incident." What does this mean for banks, and what are the likely challenges?
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
The healthcare industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency. Errol Weiss of Health-ISAC says the industry as a whole lacks resources.
Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.
There were no CISOs when Marene Allison started her career. There was not even a cybersecurity discipline. But starting with a distinguished stint in the military, she has progressed through the public and private sectors - including time with the FBI - to become CISO for Johnson & Johnson.
As one of the architects of Israel's offensive Red Team intelligence unit and Incident Response Team, Reuven (Rubi) Aronashvili, CEO of Israeli cybersecurity company CYE, provides a highly informed view of current cyberwarfare in the Russia-Ukraine war, including how it differs from kinetic warfare.
The Five Eyes intelligence alliance has released a set of the 15 most routinely exploited vulnerabilities in the past year. Nine of the 15 vulnerabilities allow remote code execution, and the rest include privilege escalation, security bypass and path traversal, among other flaws.
The American Dental Association allegedly was hit with an attack by new ransomware group "Black Basta." ADA is the latest medical professional organization to have a cyber incident disrupt services and potentially affect members' information. Tenet Health also experienced a cyberattack last week.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.