The current and former owners of CafePress, a site for selling customizable merchandise, have agreed to a draft Federal Trade Commission settlement tied to multiple security shortcomings that failed to prevent or detect a 2019 data breach that exposed 22 million users' account details.
This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
War in Ukraine continues into its third week, and Russia is closing in on major Ukrainian cities, upping its targeting of civilian infrastructure. In the U.S., cybersecurity officials continue to urge a "Shields Up" approach - while the digital conflict has devolved deeply into the underground.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
What are the ethics of paying ransom to cybercriminals who might be working as a proxy cyber force in support of Russia's invasion of Ukraine? Realistically, whether or not to pay often comes down to a business decision. But Russia's invasion further complicates the optics for ransomware victims.
Ukraine's cybersecurity authority says the country is fighting its first-ever hybrid war - combining conventional and digital warfare strategies and tactics. In this time of high alert, Rob Dartnall of Security Alliance calls for organizations to develop their threat intelligence capabilities.
Hacking group MuddyWater, linked to the Iranian Ministry of Intelligence and Security, is targeting Turkey and the Arabian Peninsula to conduct espionage and intellectual property theft and to deploy ransomware and destructive malware. The campaign uses malicious documents to deploy RATs on systems.
International hacking collective Anonymous on Thursday announced that it has hacked the Russian censorship agency known as Roskomnadzor. The group released 364,000 files it says show intensified censorship around the perception of the Ukraine invasion, which began in late February.
After months of political infighting, a landmark cybersecurity provision requiring critical infrastructure providers to report security incidents and ransom payments has passed both chambers of Congress and now heads to President Joe Biden's desk. The mandate is part of an omnibus spending bill.
Despite the drumbeat that began about a decade ago for healthcare entities to bolster their identity and access management, it is still an "incredibly weak" area for many, Lee Kim of HIMSS says. She discusses the effects of cyberattack trends and the Ukraine-Russia War on healthcare organizations.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
Ari Redbord of TRM Labs joins editors at ISMG to discuss President Biden's executive order on digital assets, the role of cryptocurrency in the Ukraine-Russia war and nuances for ransomware victims who consider paying a ransom, and trends in regulatory guidance and leadership for digital currency.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.