This edition of the ISMG Security Report discusses how Australian health insurer Medibank is facing stark consequences for not paying a ransom to a group of cyber extortionists, how to limit unnecessary cybersecurity exposure during M&A, and how to manage challenges in hybrid environments.
The stark consequences of ransomware became painfully clear in Australia this week as attackers began releasing data from health insurer Medibank, one of the country's largest health insurers. Also, leaked chat logs reveal how the attackers accessed Medibank's systems.
Hacktivists fighting a proxy online battle against Russia after its invasion of Ukraine claim to have dumped online a trove of files from the Central Bank of Russia. The IT Army of Ukraine also claimed to have disrupted payments processing at Moscow's Alfa Bank.
The Red Cross symbol has marked people and facilities off-limits to attack across a century of wars, but security experts are skeptical about a proposal to create a digital Red Cross marker to protect healthcare and humanitarian groups from cyberattacks. The reason? You can't trust cybercriminals.
In this episode of "Cybersecurity Unplugged," Dr. Chris Miller, an associate professor of international history at the Fletcher School at Tufts University, discusses the cybersecurity aspects of the Russia-Ukraine war and how perceptions of the two countries may have been inaccurate.
A Dutch member of the European Parliament accused the European Union of weakness in the face of a threat to democracy posed by advanced spyware apps such as the NSO Group's Pegasus. Sophie in ’t Veld called for a moratorium on such apps and for a supranational crackdown.
The healthcare industry should be aware of Iranian hackers using social engineering techniques, says the U.S. federal government. Hackers sponsored by Tehran layer on the social media deception, warns the Department of Health and Human Services' Health Sector Cybersecurity Coordinating Center.
It's been a year since Beijing imposed regulations requiring disclosure to authorities of vulnerabilities - a period that correlated with an uptick in zero-day exploitation by Chinese state-backed hackers, says computing giant Microsoft. China is likely stockpiling and weaponizing the disclosures.
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
Who is attempting to extort Australian health insurer Medibank? Why did Medibank tell its attackers it wouldn't pay a ransom? Will this deter future cyber extortionists? Here are a few thoughts on the high cybercrime drama playing out.
Federal agents seized more than 50,000 in bitcoin stolen from Silk Road a decade ago by a man who until recently owned a Tennessee real estate development firm. James Zhong, 32, pleaded guilty Friday to one count of wire fraud while prosecutors seek to formally claim the cryptocurrency.
A Georgia-based home health and hospice provider will pay $425,000 to Massachusetts to settle litigation stemming from a 2020 breach affecting about 166,000 individuals nationwide. The agreement comes shortly after Aveanna Healthcare settled a proposed class action lawsuit in federal district court.
Cybersecurity basics are still an overlooked ransomware defense, Lindy Cameron, CEO of the National Cyber Security Center, told the CyberScotland Summit in Scotland. "We still think that 90% of incidents in the U.K. could have been prevented if people had followed the basics," she said.
Embattled Australian private health insurer Medibank says it won't pay hackers' extortion demand, saying it can't trust cybercriminals to delete personal data. A ransomware gang claiming affiliation with REvil is threatening to publish the data, which Medibank says affects 9.7 million individuals.
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.