Image: Shutterstock

School, Hospital Leaders on Front Lines of Ransomware Attack

Michael Novinson • September 27, 2023

A medical center president and school district IT leader talked to lawmakers Wednesday about lessons learned from their experiences responding to harrowing ransomware attacks. 'The cyberattack was much harder than the pandemic by far,' said Vermont Medical Center President Stephen Leffler.

Cybercrime

How Can FedNow Recruit More US Banks? Lessons From Brazil

Latest

Blockchain & Cryptocurrency

Cryptohack Roundup: $200M Mixin Network Hack

Rashmi Ramesh • September 28, 2023

This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.

Artificial Intelligence & Machine Learning

Cyber Fail: More Bumbling Cybercrooks, Avoidable Breaches

Anna Delaney , Cal Harrison • September 28, 2023

Welcome to "Cyber Fail" - ISMG's roundup of all that's broken in the world of cybersecurity, where our panel of experts uncovers the fails so we can strengthen our defenses. In this episode, ISMG host Anna Delaney takes on bumbling cybercrooks, avoidable breaches and the ethics of paying a ransom.

Fraud Management & Cybercrime

ShadowSyndicate: A New Player in the RaaS Landscape

Mihir Bagwe • September 27, 2023

An apparently new hacking group has connections to a number of name-brand ransomware-as-a-service groups including Conti spinoffs and possibly Clop, making it a notably versatile addition to the criminal underground. Group-IB researchers dubbed the group ShadowSyndicate.

Cyberwarfare / Nation-State Attacks

Chinese Hackers Target Routers in IP Theft Campaign

Akshaya Asokan • September 27, 2023

A Chinese hacking group linked to state authorities has upgraded its capabilities to target companies with headquarters in the United States and East Asia, warns an alert from Japanese and American cyber agencies. The group, BlackTech, has a customized firmware backdoor tailored for Cisco routers.

Governance & Risk Management

Why OT Security Keeps Some Healthcare Leaders Up at Night

Marianne Kolbasuk McGee • September 27, 2023

It's not just medical device cybersecurity that's keeping some healthcare security leaders up at night - it's also the risks posed by other critical connected gear that patients and clinicians depend upon, said Ali Youssef, director of medical device and emerging tech security at Henry Ford Health System.

Big Data Security Analytics

Why Palo Alto Is Eyeing Data Defense Firm Dig at $300M-$400M

Michael Novinson • September 27, 2023

A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.

Cybercrime

Sony Investigating Potential Data Breach

David Perera • September 26, 2023

Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors. Sony is saying little other than, "We are currently investigating the situation, and we have no further comment at this time."

Multi-factor & Risk-based Authentication

CISA Urges Americans to Apply MFA, 'Think Before They Click'

Michael Novinson • September 26, 2023

CISA Director Jen Easterly urged citizens to boost their defenses by choosing strong passwords, opting for multifactor authentication, reporting phishing and enabling automatic software updates. Easterly said users should choose passwords that are complex and unique to each sensitive account.

Artificial Intelligence & Machine Learning

US, South Korea Pledge Strengthened Tech Collaboration

Rashmi Ramesh • September 26, 2023

The United States and South Korea reaffirmed a commitment to mitigate the risks in technologies including AI, 5G networks and cloud computing, while developing an "inclusive approach" to govern their use. The two countries said governance must support the development of trustworthy AI.

Cyberwarfare / Nation-State Attacks

Ukraine Cyber Defenders Prepare for Winter

Mihir Bagwe • September 26, 2023

Ukrainian cyber defenders are girding for an onslaught of cyberattacks against the energy sector as cold weather returns. That warning comes as Kyiv has observed Russian state hackers also stepping up attacks against law enforcement in a likely bid to spy on the gathering of evidence of war crimes.

Artificial Intelligence & Machine Learning

UK's AI Safety Summit to Focus on Risk and Governance

Akshaya Asokan • September 26, 2023

The British government's first-ever global summit on artificial intelligence will focus on mitigating cybersecurity and safety risks tied to the emerging technology. The AI Safety Summit planned for Nov. 1-2 will focus on mitigating risks tied to frontier AI.

Critical Infrastructure Security

US Federal Shutdown 'Dangerous and Irresponsible'

Marianne Kolbasuk McGee • September 26, 2023

A U.S. federal government shutdown would have "immeasurable" damaging effects on the federal government's ability to fight cyberthreats, a top official said Tuesday amid forewarnings that the country should start preparing now for potential cyber interference in the 2024 presidential election.