Hospitals face attacks from nation-states seeking medical research and cybercriminals using pediatric patient data to apply for loans, says Stoddard Manikin. Adversaries target pediatric records to exploit the patient's credit and adult records when pursuing insurance or prescription fraud.
Twitter accounts that use SMS for two-factor authentication are at a heightened risk of account takeover with the disclosure that texting "STOP" to the verification service results in it being turned off. The vulnerability opens the door to a password reset attack or a password stuffing attack.
Pro-Kremlin hackers claimed credit for a denial-of-service attack against FBI websites, marking the latest in a series of nuisance attacks. The FBI earlier said it is aware of "pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success."
Russian hackers have a campaign to maliciously encrypt files of Ukrainian victims. But unlike other ransomware groups, they are doing so without the possibility of offering a decryptor. Ukraine’s Computer Emergency Response Team identifies the group as UAC-0118, also known as From Russia with Love.
Bankrupt cryptocurrency exchange platform FTX says unsanctioned actors made off with customers' digital assets, causing a scramble to secure digital wallets. Estimates of the amount of stolen money are in the hundreds of millions. FTX filed for bankruptcy Friday after entering a liquidity crunch.
The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
French defense multinational Thales confirmed that ransomware-as-a-service group LockBit published internal documents but emphasized its operations remain unaffected by the hack. The company says the source of the leak is likely a compromised user account of an online partner collaboration site.
The Cyber Police of Ukraine arrested five cybercrime gang members for their participation in a transnational scheme to fleece buyers into a supposed cryptocurrency and securities investment platform. The gang has established call centers around Europe, including three in Kyiv and Ivano-Frankivsk.
A recent ransomware attack at a Texas hospital that knocked out phone and email systems for weeks is now even worse following OakBend Medical Center's admission that the hackers downloaded data from the medical records of up to 500,000 individuals.
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
The Australian government says hackers from Russia are behind the attack on Medibank, the country's largest private health insurer. Prime Minister Anthony Albanese said not just hackers but "the nation where these attacks are coming from should also be held accountable."
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Police in Ontario arrested a dual Canadian-Russian national for his involvement with the LockBit ransomware-as-a-service gang. The United States is asking for the extradition of Mikhail Vasiliev, 33, to face a criminal charge in a New Jersey federal court of conspiracy to commit computer intrusion.
A U.S. federal district judge said users would be "shocked to realize" that Facebook collects patient data. Plaintiffs suing the social media giant asked the judge to enjoin the company from intercepting health data and communications through its Pixel web tracking tool embedded into patent portals.
Embattled social media platform Twitter lost its chiefs of security, privacy and compliance, and the resignations put the company and its new owner, Elon Musk, at greater risk of regulatory enforcement. The company signed a binding two-decade agreement with the U.S. Federal Trade Commission in May.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.