Advocate Aurora Health has agreed to pay $12.25 million to settle consolidated class action claims that the Illinois-based hospital chain invaded patient privacy by using tracking codes on its websites and patient portal, according to a preliminary settlement plan in Wisconsin federal court.
Property listings nationwide are being disrupted due to an apparent ransomware attack against California-based Rapattoni, which hosts Multiple Listing Services used by real estate brokers to list, market and sell properties. Rapattoni said it's not clear when its systems might be back online.
The LockBit ransomware-as-a-service group may have become a victim of its own success, having grown "too fast and too quick," to the point where its infrastructure and ability to handle affiliates' requests is lagging, leading many to desert the operation, says ransomware researcher Jon DiMaggio.
U.S. authorities seized a web-hosting company used by ransomware hackers in a joint operation with Polish authorities that resulted in the arrest of five individuals and the indictment of the site's owner. The site, LolekHosted, now displays a banner showing its seizure by the FBI and the IRS.
Public companies disclosing a cyber incident under the new U.S. reporting requirements should focus on the business impact and stay away from the technical pieces, said Venable's Grant Schneider. The disclosure should examine how the incident will affect revenue, profitability and public perception.
German intelligence is warning Iranian expatriates about a state-sponsored espionage campaign driven by individualized social engineering techniques. Iran's authoritarian regime has long surveilled its Western diaspora in campaigns that have included cyberespionage, assassinations and terrorism.
In the latest weekly update, ISMG editors discuss the White House's debut of a $20 million contest to exterminate bugs with AI, a New York man admitting to being behind the Bitfinex hack, and a new malware campaign that is targeting newbie cybercriminals in order to steal sensitive information.
In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
A nonprofit firm that administers government dental programs in Canada paid a "substantial" ransom for a decryptor key and the destruction of data stolen in a recent ransomware attack. But the company is now notifying nearly 1.5 million individuals that the hack compromised their data.
Threat actors are taking control of cloud-based Microsoft 365 accounts of C-suite executives using a multifactor authentication phishing tool. Proofpoint researchers say attackers use automation to identify in real time whether a phished user is a high-level profile company official.
A Chinese state-sponsored spy group called RedHotel has emerged as a dominant espionage agent against government entities of at least 17 countries worldwide. Researchers said the motives and operations of the group closely link it to China's Ministry of State Security.
At least 637 organizations have now confirmed that they were affected by the zero-day attack on MOVEit file-sharing servers that began in late May, collectively affecting 41 million individuals, report cybersecurity researchers who've been tracking the impact of Clop's data-theft campaign.
In this week's roundup of digital assets-related cybersecurity incidents, Fireblocks found bugs in 15 crypto wallets, Curve Finance recouped most stolen funds, ethereum saw a high flow of illicit funds, the NFT faded more, the U.K. posted crypto crimes jobs and South Korea arrested Bitsonic's CEO.
Ransomware incidents are down, but the volume and impact of targeted attacks are on the rise. These are among the findings of the new Global Threat Landscape Report from Fortinet's FortiGuard Labs. Fortinet's Derek Manky shares analysis of this report and insights on the cybersecurity trends that will influence how we...
An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. The site, 16shop, sold phishing kits that targeted more than 70,000 people in 43 countries.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.