HHS OCR: If Old Gear Cannot Be Replaced, Take Other Steps to Protect PHIFederal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices – including specialty software and gear – that […]
Ransomware Evolves: Affiliates Set to Wield Greater Power
Operators Left Exposed After Overreaching, Says McAfee Enterprise’s John FokkerHow is the ransomware ecosystem set to evolve? Since some operations overreached – notably with DarkSide’s hit on Colonial Pipeline – “what we’re seeing … is that there is going to […]
Celebrities’ Data Dumped on Darknet Site After Hack
London-Based Graff Jeweller’s Clients Include High-Profile CelebsThe Conti cybercrime gang, known for ransomware attacks, has reportedly leaked details of world leaders, actors and business tycoons after a strike at jeweler Graff. The organization is working with law enforcement and has […]
Multinational Police Force Arrests 12 Suspected Hackers
Threat Actors Believed Responsible For More Than 1,800 Ransomware AttacksThe suspected cyber actors behind deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary from eight […]
Federal CISO DeRusha Named Deputy National Cyber Director
Director Chris Inglis Also Outlines Vision for NCD Office, Level of AccountabilityNational Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser […]
Healthcare System Phishing Breach Affects 209,000
Academic Medical Center Says Access to Email Accounts Lasted MonthsMassachusetts-based UMass Memorial Health is the latest large healthcare network to report an email phishing incident that potentially compromised hundreds of thousands of individuals’ protected health information. The unauthorized email access […]
Countries Team Up to Issue Video Teleconference Guidance
After Consulting With VTC Providers, Authorities Recommend End-to-End EncryptionSix national data protection and privacy authorities – from Australia, Canada, Gibraltar, Hong Kong SAR, China and Switzerland – have joined with the U.K. information Commissioner’s Office to issue guidance to video […]
WordPress Plug-In Bugs Put 1 Million-Plus Sites At Risk
Exploitation May Have Exposed REST-API Endpoints on Sites, Researchers SayOptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has […]
Enterprise Backups Are Becoming Targets for Cybercriminals
VMware’s Tom Kellermann on Defending Against Ransomware AttacksIn ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Therefore, it is essential to have multiple backups, says […]
ISMG Editors: Solving the Ransomware Problem Together
Also: Increasing Diversity and Inclusion in CybersecurityFour ISMG editors discuss important cybersecurity issues, including law enforcement authorities’ disruption of ransomware gang REvil’s operations, how to collaborate as an industry to fight the surge in ransomware attacks hitting businesses, and increasing […]