Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group accused of using wiper malware to disrupt the Ukrainian national Media Center has close ties with the Russian GRU, investigators say.
A pro-Kremlin hacking group with a history of launching distributed denial-of-service attacks took its annoyance tactics to Germany following Berlin's announcement that it will ship Leopard 2 battle tanks to Ukraine's front lines. A German government spokesperson said the attacks had minimal effect.
In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether Chat GPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.
As ransomware continues to pummel numerous sectors, and lately especially the manufacturing industry, how does any given organization end up becoming a target or victim? Cybercrime watchers say the answer involves initial access brokers, botnets, targets of opportunity and, above all, profit.
Russian and Iranian state-sponsored hackers are using advanced social engineering tactics to target journalists, defense organizations and academic and civil society organizations in the U.K. for cyberespionage campaigns, the British National Cyber Security Center warns.
Two hacking breaches - one at a non-profit provider of foster care, mental health and substance treatment services, and the other at a provider of behavioral health services - have affected sensitive information of nearly 400,000 individuals.
Meta's popular social media platforms are increasingly being targeted by cybercriminals, and account takeover complaints rose over 1,000% last year. This social threat is spilling over into banks and government agencies, and experts criticize Meta for moving too slowly to address security issues.
While Russian military forces and allied groups continue to pummel Ukrainian targets with online attacks, security experts tracked a phishing and malware surge at the end of 2022, even as U.S. intelligence said the war was running at a "reduced tempo."
ISACA's recently published Privacy in Practice 2023 survey report shares new research related to the privacy workforce, privacy skills, privacy by design and the future of privacy. Expert Safia Kazi shares ways organizations can align privacy goals with business objectives.
The FBI penetrated the network of the Hive ransomware group, which has a history of attacking hospitals. A multinational operation seized the ransomware-as-a-service group's leak site and two servers located in Los Angeles. U.S. law enforcement said an investigation is ongoing.
Data breaches in 2022 hit near-record levels as U.S. organizations issued 1,802 data breach notifications and more than 400 million individuals were affected. But only 34% of breach notifications included actionable information for consumers whose information was exposed.
The world's largest cybersecurity vendor continues to pull away from the competition. Microsoft's security sales surpassed $20 billion in 2022 after 33% annual growth. The cloud computing and software giant continues to reap the rewards of security tool consolidation.
When the DOJ announced a "major, international cryptocurrency enforcement action," observers expected to see charges against a well-known firm. Instead, the agency charged a lesser-known figure, Anatoly Legkodymov, the Russian founder of Bitzlato, with facilitating $700 million in illegal activity.
CommonSpirit was negligent in failing to protect sensitive health data, resulting in a compromise affecting at least 623,000 patients and perhaps many more, allege plaintiffs in two proposed class action lawsuits filed against the Chicago-based hospital chain after a 2022 ransomware attack.
North Korea's Lazarus Group was behind the $100 million theft from the Horizon blockchain bridge, the U.S. federal government confirmed. The FBI vowed "to expose and combat North Korea's use of illicit activities - including cybercrime and virtual currency theft - to generate revenue."