The IT unit charged with overseeing the Virginia General Assembly has been hit with a ransomware attack. The incident has prevented state lawmakers from accessing a portal for their legislative proposals. The attack has reportedly not affected the commonwealth's executive branch.
An anesthesiology practice and an accounting firm are among the latest organizations reporting ransomware-related health data breaches. Meanwhile, other entities and vendors that serve the healthcare sector are dealing with their own challenges and fallout involving recent ransomware incidents.
Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.
Botnet operators have launched DDoS attacks on devices that have not applied patches for two separate vulnerabilities, researchers say. One is a Mirai-based botnet dubbed Moobot, according to cybersecurity firm Fortinet, and the other is an unnamed Mirai-reminiscent botnet, according to Qrator Labs.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Ultimate Kronos Group, a U.S.-based multinational firm that provides workforce management and human resource management systems, says that its private cloud service has fallen victim to a ransomware attack. An executive with the company says service restoration may take "several weeks."
Accenture's State of Cybersecurity Resilience 2021 study finds that 55% of large companies are not effectively stopping cyberattacks, finding and fixing breaches quickly, or reducing the impact of breaches. Ryan LaSalle of Accenture Security discusses how to increase cyber resiliency.
Multiple security researchers have spotted threat actors already exploiting the Apache Log4j vulnerability by deploying Muhstik and Mirai botnets to target Linux devices. Their advice: Ensure to remove any existing compromise before patching, and expect this flaw to be exploited for the long term.
A Russian national has been sentenced to 48 months in prison for aiding a botnet scheme that infected victims' devices with malicious Kelihos malware and ransomware, according to the U.S. Justice Department.
Indian Prime Minister Narendra Modi's official Twitter account was compromised - for the second time - as part of a cryptocurrency scam. The account was "immediately secured" by Twitter, according to a tweet by the PM’s Office. Cyberlaw experts discuss where the onus of protection lies.
The Biden administration has announced that the U.S. and several allies have aligned to create the Export Controls and Human Rights Initiative, which puts stricter criteria around the export of certain offensive cyber tools, particularly those that end up in the hands of authoritarian regimes.
Federal regulators are warning healthcare sector entities worldwide that an authentication vulnerability in a variety of Hillrom Welch Allyn cardio products, if exploited, could allow attackers access to privileged accounts. Why is the flaw so worrisome for some healthcare IT environments?
As of Dec. 13, the U.K. is facing a "tidal wave" of infections from the COVID-19 Omicron variant, and case numbers are rising in North America as well. What do health experts know so far about the spread and severity of Omicron infections? Pandemic expert Regina Phelps shares insights.
In today's disparate IT environment, there are gaping, business critical gaps in enterprise log management. Graylog's Mark Brooks discusses the Log Management Maturity Model and the six (6) critical steps to move from "no alignment" to "continuous improvement."
For many security teams, it's been all hands on deck since the Apache Log4j zero day vulnerability recently came to light. Experts say the flaw may be the most serious security vulnerability to have emerged in years, and organizations are now racing to identify their exposure and defenses they can deploy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.