In the latest weekly update, ISMG editors discuss how online markets selling illegal substances are moving to Android apps to evade authorities, how check fraud, first-party and AI-related fraud will increase in 2023, and how Chinese state-sponsored actors may benefit from Russia's war in Ukraine.
As regulators push healthcare entities and vendors to make it easier for patients to access their electronic health information, organizations must balance compliance with the prevention of potential security breaches, says attorney David Holtzman of HITprivacy LLC.
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
Hackers are going downstream in their attacks on healthcare sector entities and their third-party business associates because in many cases, these cybercriminals have already hit up the larger players, says Michael Hamilton, CISO of security firm Critical Insight.
Darknet markets offering illegal drugs and fraudster tools and services are thriving, despite the constant threat of law enforcement infiltration, disruption, takedown and arrests. In response, multiple drug markets have launched customized Android apps to handle buying, selling and fulfillment.
Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.
Many of the major health data breaches being reported to regulators reflect a variety of poor practices by business associates, including retaining sensitive patient information for much longer than necessary, says Kate Borten, president of The Marblehead Group.
Check fraud, first-party fraud and AI-related fraud will increase on a massive scale in 2023, thanks in large part to growing insider threats and the global economic slowdown. Frank McKenna, chief fraud strategist at Point Predictive, explains how banks can prepare to tackle these types of scams.
As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors. However, there’s an...
The United Nations will commence a hearing for its first-ever global treaty on cybercrime this week to focus on state response to cybercrime and coordinated intelligence sharing. The proposed treaty seeks to legally categorize various cybercrimes and develop a unified international response.
A financially motivated threat actor called Blind Eagle returned from its hiatus and is conducting an ongoing campaign directed at Spanish-speaking targets in the banking industry in Colombia and Ecuador. The hacking group appears to have updated its tools and infection chain.
Potential regulatory policy moves by the federal government could help healthcare entities dedicate more resources to bolstering their cybersecurity efforts, says Greg Garcia, executive director of cybersecurity at the Health Sector Coordinating Council.
In the latest weekly update, ISMG editors discuss how collaboration platform Zoom has strengthened its security features, the implications of a new law on medical device security for patient safety, and details on how a zero-day exploit enabled the ransomware hit on cloud computing firm Rackspace.
Hosting giant Rackspace says the recent ransomware attack resulted in Microsoft Exchange data for 27 customer organizations being accessed by attackers. But it says a digital forensic investigation has found "no evidence" that attackers "viewed, obtained, misused or disseminated emails or data."
Expect the recently leaked database containing over 200 million Twitter records to be an ongoing resource for hackers, fraudsters and other criminals operating online, experts warn. Though 98% of the email addresses have appeared in prior breaches, bad actors can merge databases and do more damage.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.