Identity management company Okta and Microsoft have confirmed breaches by the Lapsus$ group, which has been on a high-profile hacking spree. Okta is facing increasing pressure to more fully describe the impact of its incident, as Okta's identity systems are widely used across enterprises.
The ransomware-as-a-service operation AvosLocker has been amassing "victims across multiple critical infrastructure sectors in the United States," the FBI warns in a new alert that includes known indicators of compromise and tactics employed the group and essential defenses for all organizations.
The U.S. National Rifle Association States reportedly fell victim to a ransomware attack in October 2021. The NRA did not acknowledge the attack at the time, but a recent FEC filing explaining a financial discrepancy has forced it to confirm the ransomware attack and detail its impact.
Researchers have uncovered a full-time initial access broker group that serves both Conti and Diavol ransomware groups. Google's Threat Analysis Group - TAG - observed this financially motivated threat actor, dubbed Exotic Lily, exploiting a zero-day in Microsoft MSHTML tracked as CVE-2021-40444.
Federal authorities are advising healthcare sector entities to take precautions, including enhancing their cybersecurity posture and being prepared to implement four- to six-week business continuity plans, as they continue to face potential cyber incidents related to the Russia-Ukraine war.
In the latest weekly update, four editors at ISMG discuss how Russia's invasion of Ukraine complicates cybercrime ransomware payments, a former U.S. Treasury senior adviser's take on Biden's cryptocurrency executive order, and important points regarding the upcoming identity theft executive order.
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
Expel is out with its new forward-looking report, “Great eXpeltations,”
and ransomware and cryptojacking are among the topics covered. Jon
Hencinski of Expel and Michael Darling of Venable share insights on attack
trends and how to defend against them.
Download this eBook to learn more about:
Highlights...
Attraverso l’identificazione delle 10 tecniche ATT&CK più comuni utilizzate dagli avversari, The Red Report di Picus Security aiuta i team che si occupano di sicurezza a prioritizzare la prevenzione dalle minacce e gli sforzi nel rilevamento delle stesse.
I risultati sottolineano l’importanza di un approccio...
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
The scary fact is that the majority of data breaches are caused by human error. With so many technical controls in place hackers are still getting through to your end users. How are they so easily manipulated into giving the cybercriminals what they want? Well, hackers are crafty. And the best way to beat them is to...
The ransomware-as-a-service group LockBit 2.0 has claimed that it will leak all the stolen data from an attack on tire manufacturer Bridgestone Americas. The attack reportedly came to light in late February, which led to the disruption of some plant operations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.