What's behind the profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale-building skills.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Four years ago, federal regulators started sending a message to healthcare entities about the need to give patients timely access to their health records. Insurer UnitedHealthcare, the 45th firm penalized for potential "right to access" violations, agreed to an $80,000 fine and corrective action.
Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said its goal is to foster AI that is "inclusive, sustainable, and centered on citizens."
Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.
AI holds great promise for certain applications in healthcare, particularly around clinical research, but security leaders - and others involved in governance within medical institutions - must be ready for the implications, said John Frushour, CISO of New York-Presbyterian Hospital.
Recent legal actions against CISOs have spawned a debate on whether security leaders should be held accountable for security incidents. CISOs should manage this shifted liability through real-time documentation and collaboration with law enforcement, said attorney Stephen Reynolds.
Sharing information and threat intelligence "collectively" is critical in order for health and public health sector entities to be able to defeat their cyber adversaries, said Nitin Natarajan, deputy director of the Cybersecurity Information and Security Agency.
The Food and Drug Administration's newly enhanced authority over medical device security - as granted by a funding bill signed into law last year - is "transformative" in raising the bar on what is expected from makers in their product submissions to the agency, said Dr. Suzanne Schwartz of the FDA.
U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities. They say space-related innovation is a valuable target.
The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient information to third parties, said Susan Rhodes of the Department of Health and Human Services.
Advocate Aurora Health has agreed to pay $12.25 million to settle consolidated class action claims that the Illinois-based hospital chain invaded patient privacy by using tracking codes on its websites and patient portal, according to a preliminary settlement plan in Wisconsin federal court.
Duo offers a variety of features that can help you secure your organization's resources quickly and easily, including Multi-factor authentication (MFA), Device verification and Risk-based policies
A global law firm that handles data breach litigation is faced with defending itself against a proposed class action lawsuit filed in the aftermath of its own data breach. The lawsuit stems from a March hacking incident at San Francisco-based Orrick, Herrington & Sutcliffe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.