In the latest weekly update, ISMG editors discuss the trending themes from the 2022 ISMG Southeast Summit, plans by cryptocurrency exchange Binance to implement security measures to shore up cross-chain vulnerabilities, and the viability of a proposed data flow agreement between the U.S. and Europe.
Fast-fashion clothing giant Shein has been fined $1.9 million by the New York state attorney general for multiple failings tied to a massive 2018 data breach, including substandard password security as well as failing to alert users or force password resets in a timely manner.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Cybersecurity firm Eset says its spotted multiple hacks in Israel coming from a Lebanese threat group dubbed Polonium that's affiliated with Iran. The group employs custom-coded backdoors that use a slew of cloud storage accounts to handle command and control.
A ransomware gang published 52 gigabytes of data it says it stole from Consorci Sanitari Integral, a Barcelona health organization of 3,000 physicians and staff. CSI acknowledge a "compromise in data confidentiality" but says its systems are fully recovered thanks to cloud backups.
The toll that cyber incidents can have on healthcare entities and their patients was especially felt this week by the parents of a 3-year-old child who received an accidental megadose of medicine - a mistake attributed to IT systems being offline at an Iowa medical center.
A phishing and fraud prevention vendor has bought a startup founded by Qualys' longtime engineering leader to help organizations more effectively discover and monitor assets. Red Sift says its purchase of Hardenize will help customers assess the security of their digital asset inventory.
The latest ISMG Security Report examines whether banks should be held liable for the rapidly increasing Zelle fraud problem, explores the latest M&A activity among IAM vendors, and discusses the implications of the new legal framework for personal data transfers between the U.S. and Europe.
A former doctor who practiced internal medicine in several states has pleaded guilty in a New Jersey federal court to criminal HIPAA violations in a case that also involved a pharmaceutical salesman and a larger alleged $2.5 million healthcare fraud conspiracy.
A hacker who stole cryptocurrency says he should walk away with the majority of his loot and put that plan up for a vote to the people from who he stole, using votes tied to the stolen cryptocurrency to vote yes. "Seriously though, wtf is wrong with our industry?" tweeted a web3 consultant.
Vista Equity Partners and KnowBe4 have struck a deal to take the security awareness giant private for $4.6 billion in this week's second massive security acquisition. The agreement comes after the Austin, Texas-based investment firm upped its offer by $380 million, or nearly 4%, to $24.90 per share.
Patient portals, electronic prescriptions and some other IT systems are still affected at an undisclosed number of CommonSpirit Health hospitals and clinics in several states more than one week after a cyber incident hit the multistate hospital chain.
Both internal and external fraud are expected to grow as economic conditions worsen. Fraud education expert Andi McNeal shares insights on what anti-fraud practitioners are expecting over the next year, the types of fraud to watch out for and how to mitigate fraud risks.
Self-proclaimed Russian hacktivist group KillNet took responsibility for distributed denial-of-service attacks launched against the public websites of several U.S. airports. It emerged in the wake of Russia's invasion of Ukraine and in May tried to stop online voting for the Eurovision Song Contest.
Business Email Compromise (BEC) losses are up 51% year-over-year according to the FBI Crime Report. Additionally, Ransomware is surging, with more than double the number of incidents reported. It takes a defense-in-depth approach to reduce the risk of these popular threats. By understanding the current threats and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.