Skip to content

Risk

Security and Technology news from various third party sources. All attribution remains the property of the original authors

203 Topics 203 Posts
  • 0 Votes
    1 Posts
    139 Views
    CerberusC

    Analysis of Latest Health Data Breaches on the HHS OCR ‘Wall of Shame’
    Ransomware incidents are becoming a major cause of health data breaches affecting millions of individuals that have been reported so far in 2021, according to the latest additions to the federal tally. What else is topping the list?

    https://www.inforisktoday.co.uk/ransomware-incidents-among-largest-breaches-on-federal-tally-a-17846

  • 0 Votes
    1 Posts
    118 Views
    CerberusC

    Bad Actors Learn Victim Firms’ Public, Nonpublic Data Before Attack to Increase Impact
    The Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stock exchanges, to be aware of ransomware actors using their undisclosed merger and acquisition data for extortion.

    https://www.inforisktoday.co.uk/fbi-warns-ransomware-actors-leveraging-ma-data-a-17847

  • 0 Votes
    1 Posts
    120 Views
    CerberusC

    Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-underground
    Ransomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground says, citing an announcement made by the gang on a Russian underground site.

    https://www.inforisktoday.co.uk/blackmatter-claims-to-shut-ops-experts-suspect-rebranding-a-17848

  • 0 Votes
    1 Posts
    105 Views
    CerberusC

    BOD 22-01 Imposes Strict Deadlines for Remediation of Publicly Known Exploits
    The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a new directive - BOD 22-01 - requiring federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.

    https://www.inforisktoday.co.uk/cisa-directs-federal-agencies-to-patch-known-vulnerabilities-a-17845

  • 0 Votes
    1 Posts
    99 Views
    CerberusC

    Facebook Will Delete More Than a Billion Facial Profiles
    Facebook plans to shut down its facial recognition system, saying the regulatory landscape is unclear and citing ongoing concerns about the effects on society of using such systems. The company plans to delete more than one billion facial profiles.

    https://www.inforisktoday.co.uk/facebook-shuts-down-facial-recognition-feature-a-17842

  • 0 Votes
    1 Posts
    97 Views
    CerberusC

    Report Calls for Congressional Action to Address Risks With Fiat-Backed Tokens
    A new report from the U.S. Treasury Department urges Congress to “act promptly” to issue legislation that brings additional oversight to stablecoins, or crypto tokens pegged to fiat currencies. Federal officials say regulation should match that of traditional financial institutions - as a way to mitigate investor, market and cybersecurity risks, among others.

    https://www.inforisktoday.co.uk/us-treasury-department-says-stablecoins-must-be-regulated-a-17840

  • 0 Votes
    1 Posts
    99 Views
    CerberusC

    New Players and Rebranding Remain Constant, as Does Challenge of Operating Anonymously
    While ransomware remains many criminals’ weapon of choice for reliably shaking down victims, the ransomware-attacker landscape itself continues to evolve in numerous ways, with a constant influx of fresh players, regular rebranding, as well as the challenge of cashing in cryptocurrency while staying anonymous.

    https://www.inforisktoday.co.uk/7-trends-how-ransomware-operations-continue-to-evolve-a-17841

  • 0 Votes
    1 Posts
    99 Views
    CerberusC

    A Nevada Cancer Center Is Also Dealing With the Aftermath of an Attack
    A recent cyberattack on Community Medical Centers in Northern California has potentially compromised the information of more than 656,000 individuals. Meanwhile, Las Vegas Cancer Center reportedly fell victim to a ransomware attack during Labor Day weekend.

    https://www.inforisktoday.co.uk/california-clinic-network-cyber-incident-affects-656000-a-17839

  • 0 Votes
    1 Posts
    91 Views
    CerberusC

    European Commission: Guidelines Aim to Protect Wireless Privacy, Prevent Fraud
    Wireless device makers in the European Union market will soon have to adhere to a new set of cybersecurity guidelines at the design and production stages of manufacturing, according to the European Commission. The guidelines target devices such as mobile phones, tablets and other products.

    https://www.inforisktoday.co.uk/new-cybersecurity-norms-for-wireless-device-makers-in-eu-a-17837

  • 0 Votes
    1 Posts
    102 Views
    CerberusC

    This Flaw Could Lead to an Attack Like SolarWinds
    Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.

    https://www.inforisktoday.co.uk/trojan-source-invisible-vulnerabilities-in-most-code-a-17833

  • 0 Votes
    1 Posts
    96 Views
    CerberusC

    Agency’s Jen Easterly, Rep. John Katko Discuss Protection of U.S. Networks
    CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify “systemically important critical infrastructure” to reduce risks of pervasive supply chain cyberattacks.

    https://www.inforisktoday.co.uk/cisa-begins-program-to-identify-critical-infrastructure-a-17835

  • 0 Votes
    1 Posts
    92 Views
    CerberusC

    Lt. Gen. Pant: Why India Needs a Cybersecurity Strategy; What It Plans to Accomplish
    India is in the last stage of rolling out a national cybersecurity strategy that aims to address challenges and appoint an apex body to regulate various government agencies, including CERT-In, the Cyber Crime Coordination Center and the National Critical Information Infrastructure Protection Center.

    https://www.inforisktoday.co.uk/indias-national-cybersecurity-strategy-awaiting-approval-a-17829

  • 0 Votes
    1 Posts
    96 Views
    CerberusC

    London-Based Graff Jeweller’s Clients Include High-Profile Celebs
    The Conti cybercrime gang, known for ransomware attacks, has reportedly leaked details of world leaders, actors and business tycoons after a strike at jeweler Graff. The organization is working with law enforcement and has informed the U.K.'s Information Commissioner’s Office about the incident.

    https://www.inforisktoday.co.uk/celebrities-data-dumped-on-darknet-site-after-hack-a-17830

  • 0 Votes
    1 Posts
    96 Views
    CerberusC

    Operators Left Exposed After Overreaching, Says McAfee Enterprise’s John Fokker
    How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide’s hit on Colonial Pipeline - “what we’re seeing … is that there is going to be a power balance shift,” says McAfee’s John Fokker, with more affiliates, not gang leaders, calling the shots.

    https://www.inforisktoday.co.uk/ransomware-evolves-affiliates-set-to-wield-greater-power-a-17832

  • 0 Votes
    1 Posts
    93 Views
    CerberusC

    HHS OCR: If Old Gear Cannot Be Replaced, Take Other Steps to Protect PHI
    Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?

    https://www.inforisktoday.co.uk/reduce-security-risk-healthcare-legacy-systems-devices-a-17834

  • 0 Votes
    1 Posts
    113 Views
    CerberusC

    Threat Actors Believed Responsible For More Than 1,800 Ransomware Attacks
    The suspected cyber actors behind deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary from eight countries. They are believed to have affected more than 1,800 victims.

    https://www.inforisktoday.co.uk/multinational-police-force-arrests-12-suspected-hackers-a-17828

  • 0 Votes
    1 Posts
    112 Views
    CerberusC

    Director Chris Inglis Also Outlines Vision for NCD Office, Level of Accountability
    National Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser to the president, also released a “statement of strategic intent” outlining his own official duties.

    https://www.inforisktoday.co.uk/federal-ciso-derusha-named-deputy-national-cyber-director-a-17827

  • 0 Votes
    1 Posts
    89 Views
    CerberusC

    Exploitation May Have Exposed REST-API Endpoints on Sites, Researchers Say
    OptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has patched the flaws.

    https://www.inforisktoday.co.uk/wordpress-plug-in-bugs-put-1-million-plus-sites-at-risk-a-17822

  • 0 Votes
    1 Posts
    96 Views
    CerberusC

    After Consulting With VTC Providers, Authorities Recommend End-to-End Encryption
    Six national data protection and privacy authorities – from Australia, Canada, Gibraltar, Hong Kong SAR, China and Switzerland - have joined with the U.K. information Commissioner’s Office to issue guidance to video teleconferencing companies on privacy, calling for end-to-end encryption.

    https://www.inforisktoday.co.uk/countries-team-up-to-issue-video-teleconference-guidance-a-17823

  • 0 Votes
    1 Posts
    112 Views
    CerberusC

    Academic Medical Center Says Access to Email Accounts Lasted Months
    Massachusetts-based UMass Memorial Health is the latest large healthcare network to report an email phishing incident that potentially compromised hundreds of thousands of individuals’ protected health information. The unauthorized email access lasted about seven months.

    https://www.inforisktoday.co.uk/healthcare-system-phishing-breach-affects-209000-a-17824