A ransomware attack in May that and compromised the sensitive information of 319,500 individuals, including addiction treatment center patient data, has so far generated three proposed federal class action lawsuits against the Pennsylvania real estate firm that owns the medical group.
Legacy DLP is broken due to excess complexity, extended time to value and misalignment with security and business goals, said Next's Chris Denbigh-White. Addressing insider threats in a meaningful way is one of the biggest data protection challenges for organizations, he said.
International law enforcement agencies say they arrested the mastermind of a French-speaking cybercriminal syndicate dubbed Opera1er for carrying out more than 30 successful attacks against financial institutions, banks, mobile banking services and telecommunications companies.
Organizations need to adopt a creative approach when building policies around the legal, commercial and reputational risks raised by generative AI tools - such as with privacy, consumer protection and contractual obligations, said legal expert Anna King of Markel.
Every week, ISMG rounds up cybersecurity incidents in the digital assets world. This week, a Poly Network hacker stole $10 million, Belarus mulled banning P2P crypto payments, the Ethereum community proposed a new security standard and Russia raised $20 million in crypto.
The world is moving on from magnetic stripe payment cards, with one notable exception: the United States. Credit card issuers, banks and consumers agree the magnetic stripe is prone to hacking - so why is one of the largest markets for plastic payment still clinging to decades-old technology?
Ransomware believed to originate from the Russian LockBit 3.0 group locked up computer systems for the Port of Nagoya, Japan's largest cargo hub. The attack held up shipments of Toyota auto parts containers for two days, but the port reopened Thursday morning.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
CISO Ian Thornton-Trump said he is opportunistic about using chatbots but warns that the technology needs oversight and testing to ensure "the responses that it's giving are accurate and the information it's able to access is also pertinent to the questions that are commonly asked."
Experts believe China's revised Counter-Espionage Law gives the Chinese Communist Party the power to retaliate against Western financial and technological sanctions and also control rising discontent among Chinese citizens. The law went into effect on Saturday.
A Tennessee medical clinic and surgical center is notifying more than half a million patients and employees that their personal information may have been stolen by cybercriminals in an April cyberattack that disrupted healthcare services for several days.
Over five dozen British academics joined a widening group of technology firms and privacy groups in criticizing a U.K. government bill aimed at protecting children from online harassments by weakening encryption. In an open letter, they said the bill is "doomed to fail."
Russia has relied on blunt-force cyberattacks in Ukraine to inflict maximum damage rather than turning to new techniques. In many cases, Ukrainian defenders are flying blind because Russian wiper malware is designed to evade most security controls, said Mandiant CEO Kevin Mandia.
Hackers kept pace with the rapid evolution of blockchain systems, stealing about $920 million in the first half of 2023. Cybercriminals attacked smart contracts, phished victims and stole from crypto exchanges in dozens of security incidents through June 30.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.