Phishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.
First-party fraud is largely invisible. It requires financial institutions to overhaul their traditional fraud detection approaches. Unlike more commonly recognized forms of fraud, first-party fraud involves account holders acting deceitfully, which makes detection and prevention more complex.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
The Conservative government of British Prime Minister Rishi Sunak says it won't champion a reinsurance plan for cyber insurance similar to flood insurance, telling a parliamentary committee it doesn't want to "damage competition." Global ransomware payments surged to record levels during 2023.
The U.S. Cybersecurity and Infrastructure Security Agency apparently had a good reason to urge federal agencies to reset vulnerable Ivanti VPN devices: Hackers breached two gateways used by CISA, forcing the agency to yank them offline. The agency "immediately took offline" the affected VPNs.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.
In the latest weekly update, ISMG editors discussed the cyberattack that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.
A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators. Microsoft said a Moscow threat actor obtained access to "source code repositories and internal systems."
As ransomware groups are causing massive damage and disruption and showing no signs of stopping, cybersecurity policy expert Ciaran Martin said it's time for governments to start asking tough questions and "figure out how to make a ransomware payments ban work."
Hackers are mass-exploiting a recently disclosed critical authentication bypass vulnerability in on-premises versions of TeamCity. JetBrains fixed the bugs in a Monday update, but researchers warn users running unpatched instances to assume compromise.
A Chicago children's hospital has finally restored access to its electronic health records systems following a cyberattack detected in late January. But the pediatrics hospital is still working to bring its MyChart patient portal and various other systems back online.
This week, VMware handled critical vulnerabilities, Capita reported losses, the NSA pushed for zero trust, malware exploited aNotepad, a Taiwanese telecom was breached, the Swiss government dealt with ransomware attack fallout, fake meetings spread malware, Amex was breached and PetSmart was hacked.
Election campaigners Michael Blake and Cynthia Wallace discuss the need for accurate information and community involvement to protect electoral integrity and empower underrepresented voters. Strategies for countering misinformation range from sourcing internet posts to hosting barbershop meetings.
Federal authorities have accused a Chinese national who worked as a CTO in a Google supercomputer data center of stealing the company's proprietary artificial intelligence secrets and sharing them with Chinese companies, according to an indictment unsealed on Wednesday.
Cybercrime reports submitted by victims to the FBI's Internet Crime Complaint Center surged last year, and the total reported losses exceeded $12.5 billion. Investment fraud and business email compromise losses dominated, and ransomware attacks spared almost no critical infrastructure sector.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.