New bipartisan legislation introduced in the U.S. Senate - the Rural Hospital Cybersecurity Enhancement Act - aims to help address the shortage of cybersecurity skills facing rural hospitals, which increasingly find themselves in the crosshairs of hackers, including ransomware attackers.
Institutional pharmacy PharMerica says personal data of nearly 6 million current and deceased patients was caught up in a March hacking incident. The Money Message ransomware group claims to be the attacker, posting on its dark web leak site multiple spreadsheets the group says contain patient data.
Cybercrime watchers continue to see prolific use of information-stealing malware such as Raccoon and Vidar, which are being used to populate stolen digital identity listings at markets such as Genesis, RussianMarket and TwoEasy, as well as via Telegram channels offering "clouds of logs."
A newly uncovered hacking group with a string of cyberespionage successes is targeting Ukrainian and pro-Russian targets alike. Malwarebytes in a Wednesday dubs the threat actor "Red Stinger," saying the group is the same as the "Bad Magic" threat actor revealed by Kaspersky in March.
In the latest weekly update, ISMG editors discuss how the Feds have dismembered Russia's 'Snake' cyberespionage operation; the ongoing debate over privacy laws and regulations in the APAC region; and why more companies are banning the use of generative AI tool ChatGPT.
A hacker made $34 million from MEV bot attacks, NYDFS penalized Bitflyer for lax cybersecurity, Ishan Wahi was sentenced in the Coinbase insider trading case, the IRS is training Ukraine in blockchain forensics and the New York AG proposed a crypto cybersecurity bill.
In this week's data breach, the spotlight was on Dragos, a guilty plea from a Twitter hacker and cryptocurrency thief and North Korean hackers. Also, Sysco, a Ukrainian border truck queuing system and an update on Western Digital. Plus, a new tool for decrypting partially encrypted files.
Customers want to trust a brand, and that includes trusting it with protecting their digital identity. Joe Burton, Telesign CEO, advised that customers should be part of the "security journey." Explaining why you're asking for information to verify their identities "turns friction from annoying to reassuring."
In the annals of attempting to downplay the impact of a data breach, here's a new one: British outsourcing giant Capita says the hackers who hit it - steling data pertaining to customers, suppliers and employees - accessed "less than 0.1% of its server estate."
Security researchers say a slight modification to a Microsoft Exchange zero day attack used by Russian state hackers can bypass a patch the computing giant introduced in March. Microsoft patched the modified attack during this month's dump of fixes, rating the bug as "important" but not "critical."
A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and Afghanistan, reports Bitdefender. At least one victim appears to be an embassy located in Kazakhstan.
OTC Markets Group in recent years has gone from having almost sector-specific cybersecurity regulations to highly robust ones, said CISO Vlad Brodsky. Since 2016, the New York-based financial market has been subject to stringent policies and procedures to ensure OTC's cybersecurity and resiliency.
A European Parliament committee investigating commercial spyware tools such as Pegasus recommended new regulatory safeguards but dropped a preliminary call for a moratorium. Members condemned "major violations of EU law in Poland and Hungary" for those governments' use of commercial spyware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.