Lisa Sotto of Hunton Andrews Kurth LLP joins three ISMG editors to discuss important cybersecurity and privacy issues, including data breach preparedness, the evolution of LockBit 3.0 and the potential impact of the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
Here's unwelcome ransomware news: When a ransomware victim chooses to pay a ransom, the average amount has increased to $228,125, reports ransomware incident response firm Coveware. On the upside, however, big-name ransomware groups are having a tougher time attracting affiliates.
Another proposed federal class action lawsuit alleges Facebook uses its Pixel tracking tool to collect millions of individuals' sensitive health data from healthcare provider websites without patients' knowledge or consent. HIPAA prohibits the use of PHI for marketing purposes without consent.
Fifty bucks gets cybercriminals access to a phishing-as-a-service platform for campaigns impersonating major brands in the United States and other English-speaking countries. Researchers from IronNet say the prices offered on "Robin Banks" are substantially less than comparable service providers.
Microsoft is revealing details of an advanced spyware campaign in a bid to neutralize its effectiveness. It fingers Austrian firm DSIRF as responsible for coding malware known as "Subzero," which Microsoft researchers dub "Knotweed." Pressure is mounting on companies that supply spyware apps.
Since the decline and fall of the Conti ransomware brand earlier this year, LockBit appears to have seized the mantle, listing more victims on its data leak site than any other. Experts say the group's focus on technical sophistication and keeping affiliates happy remain key to its success.
In March of 2020, DeVry University had 40 active campuses across the United States. Then the pandemic hit, and those that were receiving on-site classes were swiftly converted to remote learning. The cybersecurity challenges were immediate and huge, and CISO Fred Kwong shares how he tackled them.
The ISMG Security Report analyzes a settlement with the U.S. Justice Department, in which Uber accepts responsibility for a data breach cover-up to avoid criminal charges. It also discusses why early-stage startups are conserving cash and recent initiatives from the U.S. Federal Trade Commission.
Data breaches in the healthcare sector cost about $10.1 million - more than double the average cost of breaches across other industries - once again ranking the sector as having the most expensive data breaches, says Limor Kessem, principal consultant of cyber crisis management at IBM Security.
The report from Israeli publisher Globes that CrowdStrike plans to spend $2 billion buying one or more Israeli cybersecurity companies sent shockwaves through the industry. Here's a look at six security startups with a large presence in Israel that could be a good fit for CrowdStrike.
The chairman of the U.S. House Intelligence Committee vowed more action against makers of advance spyware such as Israel's NSO Group while witnesses pressed the panel to commit the intelligence community's resources to disrupting spyware companies.
Human and PerimeterX will join forces to prevent fraud and account abuse and address a broader range of use cases. The combination will create a bot mitigation monster with 450 employees, more than $100 million in annual recurring revenue and more than 500 customers across media and e-commerce.
While reports of big health data compromises involving unencrypted computers have been sinking for years, the recent theft of an iPad from a locked storage room - along with the tablet's password - is a reminder that mobile device mishaps can lead to breaches affecting tens of thousands of patients.
A nice $10 million awaits tipsters capable of providing the U.S. federal government with information leading to the identification of state-sponsored hackers who attack systems vital to America's day-to-day operations. Of special interest are hackers employed by North Korea.
A recent Securities and Exchange Commission filing by Tenet Healthcare, a major Dallas-based healthcare delivery organization, provides the latest public peek into the hefty impact a disruptive cyber incident can have on a healthcare entity's finances.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.