In the latest weekly update, ISMG editors discussed why crypto-seeking drainer scam-as-a-service operations are thriving, a novel legal move that recovered a hospital's stolen data, and a ground-breaking case involving bitcoin that could streamline recovery for victims.
Arati Prabhakar, director of the White House's Office of Science and Technology Policy, said during an event at the 2024 World Economic Forum that generative artificial intelligence has the potential to "dramatically accelerate and amplify the erosion of information integrity."
Hackers aligned with the Iranian state are masquerading as journalists to target Middle East experts and deploy a new custom backdoor that supports the Iranian government's spying agenda. Tehran may be harvesting perspectives on the Israel-Hamas conflict, according to Microsoft.
The American Hospital Association is warning of increasingly sophisticated social engineering scams targeting hospital IT help desks with schemes involving the stolen credentials of revenue cycle and other finance employees to commit payment fraud against the institutions.
This week, the U.S. SEC assessed its X account hack, attackers stole $3.3M from Socket, Do Kwon got a new trial date, Alex Mashinsky sought to dismiss charges, Google Play Store removed crypto apps for India users, IRS clarified crypto asset reporting and South Korea mulled crypto mixer legislation.
A Russian domestic intelligence agency hacking group known for long-lasting logon credential phishing campaigns against Western targets is now deploying malware embedded into PDFs, say security researchers from Google. "Coldriver" is using a family of backdoors Google dubs Spica.
Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russian hacktivist group "as a means of gaining media attention for their cause."
OpenAI said it is taking steps to prevent use of its models in online influence operations throughout the 2024 election season, amid growing concerns about election security and increasing fears that political deepfakes and AI-generated election misinformation could significantly disrupt democracy.
The ubiquity and anonymity of cryptocurrencies are fueling economic, legal and ethical challenges that put healthcare entities in the crosshairs of cybercriminals, said David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit.
Digital money is energizing Southeast Asian organized crime as a method for money laundering and as a way of reaping new revenue, warn experts who say that tether plays a heavy role in the rapidly evolving state of law-breaking in Myanmar, Thailand and elsewhere.
Cryptocurrency phishing scams designed to send crypto owners to fake versions of legitimate sites, recently disseminated via hijacked high-profile social media accounts, highlight the ongoing use of drainer scam-as-a-service offerings, which researchers say last year led to $295 million in losses.
Estimates of the number of devices affected by a duo of zero-days in a popular corporate VPN made by software developer Ivanti have skyrocketed from fewer than 10 to over 1,700. The flaws affect the firm's Connect Secure VPN appliance, formerly known as Pulse Secure, and Ivanti Policy Secure.
Consumer groups continue to fight for banks to reimburse victims of authorized push payment scams, but regulators in some countries including the United Kingdom and Australia are looking for ways to tighten controls, said Ken Palla, fraud expert and retired director at MUFG Union Bank.
A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal maneuver to force the storage firm to return data the cybercriminals had stashed on the vendor's servers.
A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems offline. The cybercriminal gang Rhysida had claimed responsibility for the assault.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.