Ukraine should brace for more Russian wiper and ransomware attacks, concluded a panel of cyber threat intel experts and government officials in a report assessing the cyber dimensions of Moscow's ongoing war of conquest against its European neighbor.
Hackers who turned a zero-day in Fortra's GoAnywhere software into a bonanza of ransomware attacks for Russian-speaking extortion group Clop first penetrated the company's software in January. Hackers exploited some on-premises instances of the file transfer software as early as Jan. 18.
Attacks on software supply chains can be difficult to detect yet devastating if one has occurred. But organizations can take steps to limit the risk from their suppliers, says Vikram Asnani, senior director of solution architecture with CyberGRX.
Between April 14 and 20, hackers stole $23 million from Bitrue, $7 million from Hundred Finance and $10.5 million from 11 blockchains. The SafeMoon hacker returned 80% of the stolen $8.9 million, MetaMask suffered a third-party breach and Kyber Network advised LPs to withdraw funds from Elastic.
North Korean hackers' attack on desktop phone developer 3CX was the fruit of a separate and previously undisclosed supply chain attack on a financial trading software developer, is the conclusion of the Mandiant forensics team brought in to investigate.
The global commercial spyware market will expand over the next five years as demand for advanced surveillance tools by governments surges, says a new report from the U.K.'s National Cyber Security Center. The NCSC assesses that at least 80 countries have purchased advanced spyware apps.
The U.S. weapons arsenal developed without a zero trust architecture is at growing risk from cyberattacks, lawmakers heard today in a panel dedicated to how artificial intelligence can simultaneously help and hurt efforts to protect warfighters from digital attacks.
An Iranian state hacking group shifted from espionage to direct targeting of U.S. critical infrastructure - a likely indicator of newfound aggression by the national security apparatus, says Microsoft. One sign of Iran's new intensity is quicker uptake of exploits of newly disclosed vulnerabilities.
The Russian government continues to use an array of phishing attacks and information operations - including hack-and-leak efforts and running hacktivist groups such as CyberArmyofRussia - to support its illegal invasion of Ukraine, Google researchers report.
Generative AI tools such as ChatGPT will undoubtedly change the way clinicians and healthcare cybersecurity professionals work, but the use of these technologies come with security, privacy and legal concerns, says Lee Kim of the Healthcare Information Management and Systems Society.
Vendors should be more transparent and faster in communicating when they experience a breach or other security incident that affect clients' data, says Anahi Santiago, CISO at ChristianaCare. "Sometimes we find out about these incidents through our third-party monitoring systems," she said.
U.S. law enforcement says a troll farm operated by the Chinese Ministry of Public Security used fake Facebook and Twitter accounts to disseminate propaganda and harass dissidents located in the United States. The troll farm was part of a Chinese effort known as the 912 Special Project Working Group.
Healthcare sector entities have a special mix of identity and access management challenges, but other factors, including the shortage of skilled cybersecurity expertise, create even more obstacles, says Dave Summitt, vice president, cybersecurity, at Florida Cancer Specialists & Research Institute.
Healthcare entities of all types and sizes could be the next targets of major cybersecurity attacks, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency. Healthcare firms need to be vigilant against ransomware, DDoS and medical device breaches, he said.
New resources released Monday from a high-profile federal advisory group provide insights into the state of healthcare sector preparedness and best practices for dealing with evolving cyberthreats, according to Erik Decker, CISO of Intermountain Healthcare and co-chair of the task force.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.