Analysis of Latest Health Data Breaches on the HHS OCR ‘Wall of Shame’
Ransomware incidents are becoming a major cause of health data breaches affecting millions of individuals that have been reported so far in 2021, according to the latest additions to the federal tally. What else is topping the list?

https://www.inforisktoday.co.uk/ransomware-incidents-among-largest-breaches-on-federal-tally-a-17846

Bad Actors Learn Victim Firms’ Public, Nonpublic Data Before Attack to Increase Impact
The Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stock exchanges, to be aware of ransomware actors using their undisclosed merger and acquisition data for extortion.

https://www.inforisktoday.co.uk/fbi-warns-ransomware-actors-leveraging-ma-data-a-17847

Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-underground
Ransomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground says, citing an announcement made by the gang on a Russian underground site.

https://www.inforisktoday.co.uk/blackmatter-claims-to-shut-ops-experts-suspect-rebranding-a-17848

BOD 22-01 Imposes Strict Deadlines for Remediation of Publicly Known Exploits
The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a new directive - BOD 22-01 - requiring federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.

https://www.inforisktoday.co.uk/cisa-directs-federal-agencies-to-patch-known-vulnerabilities-a-17845

Facebook Will Delete More Than a Billion Facial Profiles
Facebook plans to shut down its facial recognition system, saying the regulatory landscape is unclear and citing ongoing concerns about the effects on society of using such systems. The company plans to delete more than one billion facial profiles.

https://www.inforisktoday.co.uk/facebook-shuts-down-facial-recognition-feature-a-17842

Report Calls for Congressional Action to Address Risks With Fiat-Backed Tokens
A new report from the U.S. Treasury Department urges Congress to “act promptly” to issue legislation that brings additional oversight to stablecoins, or crypto tokens pegged to fiat currencies. Federal officials say regulation should match that of traditional financial institutions - as a way to mitigate investor, market and cybersecurity risks, among others.

https://www.inforisktoday.co.uk/us-treasury-department-says-stablecoins-must-be-regulated-a-17840

New Players and Rebranding Remain Constant, as Does Challenge of Operating Anonymously
While ransomware remains many criminals’ weapon of choice for reliably shaking down victims, the ransomware-attacker landscape itself continues to evolve in numerous ways, with a constant influx of fresh players, regular rebranding, as well as the challenge of cashing in cryptocurrency while staying anonymous.

https://www.inforisktoday.co.uk/7-trends-how-ransomware-operations-continue-to-evolve-a-17841

A Nevada Cancer Center Is Also Dealing With the Aftermath of an Attack
A recent cyberattack on Community Medical Centers in Northern California has potentially compromised the information of more than 656,000 individuals. Meanwhile, Las Vegas Cancer Center reportedly fell victim to a ransomware attack during Labor Day weekend.

https://www.inforisktoday.co.uk/california-clinic-network-cyber-incident-affects-656000-a-17839

European Commission: Guidelines Aim to Protect Wireless Privacy, Prevent Fraud
Wireless device makers in the European Union market will soon have to adhere to a new set of cybersecurity guidelines at the design and production stages of manufacturing, according to the European Commission. The guidelines target devices such as mobile phones, tablets and other products.

https://www.inforisktoday.co.uk/new-cybersecurity-norms-for-wireless-device-makers-in-eu-a-17837

This Flaw Could Lead to an Attack Like SolarWinds
Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.

https://www.inforisktoday.co.uk/trojan-source-invisible-vulnerabilities-in-most-code-a-17833

Agency’s Jen Easterly, Rep. John Katko Discuss Protection of U.S. Networks
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify “systemically important critical infrastructure” to reduce risks of pervasive supply chain cyberattacks.

https://www.inforisktoday.co.uk/cisa-begins-program-to-identify-critical-infrastructure-a-17835

Lt. Gen. Pant: Why India Needs a Cybersecurity Strategy; What It Plans to Accomplish
India is in the last stage of rolling out a national cybersecurity strategy that aims to address challenges and appoint an apex body to regulate various government agencies, including CERT-In, the Cyber Crime Coordination Center and the National Critical Information Infrastructure Protection Center.

https://www.inforisktoday.co.uk/indias-national-cybersecurity-strategy-awaiting-approval-a-17829

London-Based Graff Jeweller’s Clients Include High-Profile Celebs
The Conti cybercrime gang, known for ransomware attacks, has reportedly leaked details of world leaders, actors and business tycoons after a strike at jeweler Graff. The organization is working with law enforcement and has informed the U.K.'s Information Commissioner’s Office about the incident.

https://www.inforisktoday.co.uk/celebrities-data-dumped-on-darknet-site-after-hack-a-17830

Operators Left Exposed After Overreaching, Says McAfee Enterprise’s John Fokker
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide’s hit on Colonial Pipeline - “what we’re seeing … is that there is going to be a power balance shift,” says McAfee’s John Fokker, with more affiliates, not gang leaders, calling the shots.

https://www.inforisktoday.co.uk/ransomware-evolves-affiliates-set-to-wield-greater-power-a-17832

HHS OCR: If Old Gear Cannot Be Replaced, Take Other Steps to Protect PHI
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?

https://www.inforisktoday.co.uk/reduce-security-risk-healthcare-legacy-systems-devices-a-17834

Threat Actors Believed Responsible For More Than 1,800 Ransomware Attacks
The suspected cyber actors behind deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary from eight countries. They are believed to have affected more than 1,800 victims.

https://www.inforisktoday.co.uk/multinational-police-force-arrests-12-suspected-hackers-a-17828

Director Chris Inglis Also Outlines Vision for NCD Office, Level of Accountability
National Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser to the president, also released a “statement of strategic intent” outlining his own official duties.

https://www.inforisktoday.co.uk/federal-ciso-derusha-named-deputy-national-cyber-director-a-17827

Exploitation May Have Exposed REST-API Endpoints on Sites, Researchers Say
OptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has patched the flaws.

https://www.inforisktoday.co.uk/wordpress-plug-in-bugs-put-1-million-plus-sites-at-risk-a-17822

After Consulting With VTC Providers, Authorities Recommend End-to-End Encryption
Six national data protection and privacy authorities – from Australia, Canada, Gibraltar, Hong Kong SAR, China and Switzerland - have joined with the U.K. information Commissioner’s Office to issue guidance to video teleconferencing companies on privacy, calling for end-to-end encryption.

https://www.inforisktoday.co.uk/countries-team-up-to-issue-video-teleconference-guidance-a-17823

Academic Medical Center Says Access to Email Accounts Lasted Months
Massachusetts-based UMass Memorial Health is the latest large healthcare network to report an email phishing incident that potentially compromised hundreds of thousands of individuals’ protected health information. The unauthorized email access lasted about seven months.

https://www.inforisktoday.co.uk/healthcare-system-phishing-breach-affects-209000-a-17824

VMware’s Tom Kellermann on Defending Against Ransomware Attacks
In ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Therefore, it is essential to have multiple backups, says Tom Kellermann, head of cybersecurity strategy at VMware.

https://www.inforisktoday.co.uk/enterprise-backups-are-becoming-targets-for-cybercriminals-a-17820

Also: Increasing Diversity and Inclusion in Cybersecurity
Four ISMG editors discuss important cybersecurity issues, including law enforcement authorities’ disruption of ransomware gang REvil’s operations, how to collaborate as an industry to fight the surge in ransomware attacks hitting businesses, and increasing diversity and inclusion in the workplace.

https://www.inforisktoday.co.uk/ismg-editors-solving-ransomware-problem-together-a-17818

Company Aims to Fill 250,000-Worker Shortfall in Cybersecurity
Microsoft launched a four-year campaign on Thursday with community colleges in the U.S. aimed at recruiting hundreds of thousands of people into the field of cybersecurity. The goal is to fill an expected shortfall of 250,000 workers in cybersecurity, which Microsoft says means rising risk.

https://www.inforisktoday.co.uk/microsoft-launches-cybersecurity-recruitment-campaign-a-17816

Security Experts: ‘Grief’ Ransomware Gang Leaks Alleged NRA Data on Darknet
The National Rifle Association has reportedly fallen victim to a ransomware attack at the hands of a Russian cybercriminal gang known as Grief. The group has reportedly posted 13 files to its website after claiming to have hacked the gun rights advocacy group.

https://www.inforisktoday.co.uk/nra-reportedly-hit-by-russia-linked-ransomware-attack-a-17815

Incident Is Among Latest Involving Healthcare Supply Chain Vendors
A ransomware attack on a medical practice management services firm that included the theft of files containing patient information is among the latest security incidents involving similar third-party vendors.

https://www.inforisktoday.co.uk/phi-stolen-in-practice-management-firms-ransomware-attack-a-17813

Group Uses MATA Framework to Target Defense Orgs, Researchers Say
North Korean advanced persistent threat group Lazarus - aka Hidden Cobra - is developing supply chain attack capabilities using its multiplatform malware framework, MATA, for cyberespionage goals, according to researchers from Kaspersky.

https://www.inforisktoday.co.uk/lazarus-adds-supply-chain-attack-to-list-capabilities-a-17811

Kim Wyman Enters Biden Administration as Key Election Security Leader
CISA announced that Washington Secretary of State Kim Wyman will be the agency’s senior election security lead. She will become a top security official within the Biden administration, inheriting a role that has garnered public attention following interference in 2016 and fraud claims in 2020.

https://www.inforisktoday.co.uk/washington-secretary-state-to-head-election-security-a-17812

Desorden Group Attacks Thailand’s Central Group of Companies
The Desorden hacker group, previously known for its exploits against computer giant Acer and a Singaporean employment agency, has now targeted Thai luxury hotel chain Centara Hotels & Resorts. The group claims to have stolen 400GB of data from the hotel chain’s network.

https://www.inforisktoday.co.uk/hackers-claim-400gb-data-stolen-from-thai-hotel-chain-a-17814

Severe ‘Extortion-Based’ Attack From Foreign Entities, Firm Tweets
Telecom company Voipfone has come under a severe “extortion-based” DDoS attack from foreign entities, according to a tweet by the U.K.-based company. The attack is likely a continuation of the one observed on Thursday, although the company stated that all its systems remained operational.

https://www.inforisktoday.co.uk/voipfone-ddos-attacks-raise-specter-protection-racket-a-17805

4th Major Singapore Data Breach This Year Due to Third-Party Vendors
Singapore healthcare firm Fullerton Health confirms that a data breach in the server of its vendor partner Agape Connecting People was responsible for the leak of 400,000 user accounts. The incident marks the fourth major data breach incident involving third-party vendors in Singapore this year.

https://www.inforisktoday.co.uk/vendor-partner-responsible-for-fullerton-health-data-breach-a-17806

Bureau of Cyberspace and Digital Policy to Include Ambassador, Special Envoy
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.

https://www.inforisktoday.co.uk/us-state-department-to-create-dedicated-cyber-office-a-17807

Iranian Government Blames Unnamed Foreign Country
An attack on systems that govern fuel subsidies in Iran reportedly hit all fuel stations and left many of the country’s citizens without gas for hours. Islamic Republic of Iran Broadcasting says that a cyberattack caused widespread disruption to the country’s fuel distribution network.

https://www.inforisktoday.co.uk/cyberattack-reportedly-cripples-iran-gas-stations-a-17803

Rebranding Remains Easy for Ransomware Groups, While Affiliates Already Come and Go
Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation’s brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.

https://www.inforisktoday.co.uk/revils-cybercrime-reputation-in-tatters-will-reboot-a-17802

‘Operation DarkHunTOR’ Seizes Millions in Cash & Crypto, Plus Drugs, Guns
International law enforcement officials on Tuesday announced that some 150 suspects have been arrested globally for buying or selling illegal goods, following a 10-month sting operation, code name “Operation DarkHunTOR,” targeting the dark web.

https://www.inforisktoday.co.uk/us-doj-global-darknet-sting-nabs-150-suspects-a-17799

Ron Ross of NIST Discusses Moving Away From Stovepipe Thinking
In preparation for the relaunch of ISMG’s education platform, CyberEd.io, Ron Ross of the National Institute of Standards and Technology and Brian Barnier, who is designing a course on critical thinking and design thinking, discuss the need for reorienting toward systems thinking in cybersecurity.

https://www.inforisktoday.co.uk/need-for-systems-thinking-in-cybersecurity-a-17798

Steve King of CyberTheory on Getting Serious With Our Defense Strategy
Findings from CyberTheory’s 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we’ve seen before, says CyberTheory’s director, Steve King.

https://www.inforisktoday.co.uk/defending-against-open-source-supply-chain-attacks-a-17797

Retailer Says an Attempt Was Made to Interfere With Its Systems
Grocery retailer Tesco said it faced a service disruption on its app and website. The company told ISMG that the outage was likely due to an attempt to interfere with its systems. On Monday, a company spokesperson said that both the website and app were now “back up and running.”

https://www.inforisktoday.co.uk/uks-tesco-supermarket-app-website-disrupted-a-17792

Microsoft Says Nobelium APT Is Eyeing Resellers, Tech Service Providers
The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.

https://www.inforisktoday.co.uk/report-solarwinds-hackers-targeting-supply-chain-a-17793

Move by Colonial Pipeline Attackers Follows Law Enforcement Action Against REvil
Following an outage of the REvil - aka Sodinokibi - ransomware operation due to coordinated law enforcement efforts involving the U.S. and foreign partners, the operators behind DarkSide ransomware have moved Bitcoin worth almost $7 million to multiple new wallets, making it more difficult to track.

https://www.inforisktoday.co.uk/darkside-transfers-7-million-worth-bitcoin-a-17787

Email Addresses Correlate With Accounts on Crypo Price Tracking Service
CoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.

https://www.inforisktoday.co.uk/coinmarketcap-no-breach-despite-31m-email-address-leak-a-17789

The Cybercrime Group Posted Job Advertisements on Russian Job Portals
Threat group FIN7 has set up a website posing as a security company to recruit talent, according to fraud intelligence company Gemini Advisory. The aim of the scam was to lure security researchers who could help the group with penetration testing-related activities to enable ransomware attacks.

https://www.inforisktoday.co.uk/fin7-sets-up-fake-pentesting-company-site-to-recruit-talent-a-17783

Co-Sponsor of Bipartisan Proposal Calls Bill ‘Common-Sense Legislation’
Two Senate leaders on Thursday introduced legislation that would form a working group charged with monitoring the security of AI data obtained by federal contractors. This body would also ensure that the data adequately protects national security and recognizes privacy rights, the lawmakers say.

https://www.inforisktoday.co.uk/new-bill-would-secure-government-contractors-use-ai-a-17786

Sonatype: Cryptominers Launched in Windows, macOS, Linux Devices
Researchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.

https://www.inforisktoday.co.uk/malicious-packages-disguised-as-javascript-libraries-found-a-17782

Forrester Analyst Allie Mellen on Navigating the XDR Market
The current state of the XDR market is a “chaotic jumble of different features,” according to Forrester analyst Allie Mellon, who has authored a new study to identify the top XDR providers in the industry: The Forrester New Wave: Extended Detection And Response (XDR) Providers, Q4 2021.

https://www.inforisktoday.co.uk/forrester-report-key-questions-to-ask-xdr-vendors-a-17781

FBI, US Secret Service and US Cyber Command Target Ransomware Gangs, Reuters Reports
The outages of the notorious REvil - aka Sodinokibi - ransomware operation have been due to a coordinated law enforcement effort involving the U.S. and foreign partners, aimed at disrupting the group’s attack capabilities, Reuters reports.

https://www.inforisktoday.co.uk/revil-revelations-law-enforcement-behind-disruptions-a-17779

Discussion Also Addresses the Return to In-Person Events
In the latest weekly update, four ISMG editors discuss: a federal judge imposing the maximum sentences on a hacker who pleaded guilty to conspiracy and aggravated identity theft, regulators getting tougher on cryptocurrency lending platforms and the return to in-person roundtables.

https://www.inforisktoday.co.uk/ismg-editors-panel-regulators-get-tough-on-crypto-firms-a-17780

Multiple Breach Reports for Phishing Incident Reflect Notification Complexities
The Professional Dental Alliance is notifying more than 170,000 individuals in about a dozen states of a phishing breach involving an affiliated vendor that provides nonclinical management services to dental practices owned by PDA. Why is breach notification so complicated?

https://www.inforisktoday.co.uk/dental-alliance-reports-vendor-breach-affecting-170000-a-17775

Tools Used for Personal Surveillance, Malicious Activities Must Be Licensed
The U.S. Bureau of Industry and Security has issued an interim final rule to curb and control the export, reexport, or in-country transfer of certain offensive cyber tools that are used in surveillance of private citizens and other malicious activities that undermine the nation’s security.

https://www.inforisktoday.co.uk/us-cracks-down-on-sale-offensive-cybersecurity-tools-a-17776

Legislation Targets DHS SBOM, Further Chinese Telecom Restrictions
In a busy congressional day for cybersecurity legislation, the U.S. House of Representatives passed several bills on Wednesday, targeting both software supply chain and telecommunication system security. One observer describes them as “a win-win for the government and U.S. citizens.”

https://www.inforisktoday.co.uk/house-passes-bills-on-both-supply-chain-telecom-security-a-17777

The Group Updated Its Malware Arsenal With New Capabilities
Researchers at Kaspersky report that Lyceum group, known for targeting organizations in the energy and telecommunications sectors across the Middle East, has attacked two entities in Tunisia with an updated malware arsenal.

https://www.inforisktoday.co.uk/lyceum-group-targets-two-tunisia-based-entities-a-17774

Big Game Hunting Is Out and ‘Mid Game Hunting’ Is In, Coveware Warns
When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware. It says the attack landscape has seen some notable shifts since the Colonial Pipeline attack.

https://www.inforisktoday.co.uk/ransomware-average-ransom-payment-stays-steady-at-140000-a-17773

Multiple Breach Reports for Phishing Incident Reflect Notification Complexities
The Professional Dental Alliance is notifying more than 170,000 individuals in about a dozen states of a phishing breach involving an affiliated vendor that provides nonclinical management services to dental practices owned by PDA. Why is breach notification so complicated?

https://www.inforisktoday.co.uk/dental-alliance-reports-vendor-breach-affecting-170k-a-17775

(ISC)2 Report: Fixing Underrepresentation of People of Color and Women in Cyber
In a report published earlier this week, (ISC)² - the international non-profit association that certifies cybersecurity professionals - says minority security practitioners, including people of color and women, are underrepresented in the field and offers practical steps to address the issues.

https://www.inforisktoday.co.uk/diversity-equity-inclusion-challenges-in-cybersecurity-a-17771

Bulletproof Hosting Service Supported Zeus, SpyEye and Citadel Malware, Says FBI
Four extradited Eastern European men have pleaded guilty in U.S. court to one count of conspiring to serve as administrators of a bulletproof hosting service that facilitated online attacks using the Zeus, SpyEye and Citadel Trojans and the Blackhole exploit kit, says the U.S. Department of Justice.

https://www.inforisktoday.co.uk/4-bulletproof-hosting-provider-admins-getting-sentenced-a-17772

Threat Actors Use Scanning Tools for Malicious Activities
Researchers at Uptycs Threat Research have uncovered a campaign in which the cloud-focused cryptojacking group TeamTNT is deploying malicious container images hosted on Docker Hub with an embedded script to download testing tools used for banner grabbing and port scanning.

https://www.inforisktoday.co.uk/teamtnt-deploys-malicious-docker-image-on-docker-hub-a-17766

@AnibalLeaks Says Entire Database for Sale on Hacking Forum
A cybercriminal known as cfk on popular hacking forums and @AnibalLeaks on Twitter claims to have stolen a database consisting of 45 million records of Argentina’s National Registry of Persons, or ReNaPer. The government denies that there has been unauthorized entry into its systems.

https://www.inforisktoday.co.uk/hacker-claims-details-45-million-argentinians-stolen-a-17769

Federal Judge Imposes 7-Year Prison Time in Human Resources Database Hack Case
A federal judge has imposed the maximum sentences - a total of seven years in prison - on a hacker who earlier pleaded guilty in a conspiracy case involving the hacking of University of Pittsburgh Medical Center human resources databases and the theft of personal information of 65,000 employees - some which was sold on the dark web and used for federal tax fraud.

https://www.inforisktoday.co.uk/hacker-in-upmc-data-theft-fraud-case-gets-maximum-sentences-a-17770

Executive Director Wales Cites Colonial Pipeline’s Rapid Notification to Customers
A top leader of the U.S. Cybersecurity and Infrastructure Security Agency has voiced support for a 24-hour timeline for cyber incident reporting involving critical infrastructure, signaling a push by the Biden administration to implement a rapid mechanism for federal response.

https://www.inforisktoday.co.uk/cisa-leader-backs-24-hour-timeline-for-incident-reporting-a-17767

Attorney General Tells 3 Others to Provide Information in Latest Enforcement Effort
New York State AG Letitia James served cease and desist letters to two cryptocurrency lending platforms that her office says engage in “unregistered and unlawful activities.” Three other platforms were told by the OAG to “immediately provide information about their activities and products.”

https://www.inforisktoday.co.uk/new-york-tells-2-cryptocurrency-firms-to-cease-desist-a-17764

System Infection Can be Prevented Using Flaws in Malware
Researchers at Zscaler say that malware is often prone to bugs and coding errors which can cause it to crash or serve as a backdoor for defenders to undo the damage it might have caused. They suggest defenders proactively use malware bugs to stop them from spreading and infecting the system.

https://www.inforisktoday.co.uk/bugs-in-malware-serve-as-backdoor-to-undo-damage-a-17763

Trend Micro: Operators Rebrand “Supplier” Ransomware Before Deployment
Researchers at cybersecurity firm Trend Micro have observed the adoption of a new franchise-based business model by ransomware operators that moves away from the traditional ransomware-as-a-service model. Operators now rebrand a “supplier” ransomware before deployment.

https://www.inforisktoday.co.uk/new-business-model-white-labeling-ransomware-a-17761

Tells 3 Others to Provide Information in Latest Crypto Enforcement Effort
New York State AG Letitia James served cease and desist letters to two cryptocurrency lending platforms that her office says engage in “unregistered and unlawful activities.” Three other platforms were told by the OAG to “immediately provide information about their activities and products.”

https://www.inforisktoday.co.uk/nyag-issues-cease-desist-letters-to-2-crypto-platforms-a-17764

Officials: Threats to Sector Rising In Wake of Recent Hospital Ransomware Attack
Israeli officials say they have fended off a wave of attempted cyberattacks on several hospitals and healthcare entities in recent days, as Hillel Yaffe Medical Center continues to recover from a ransomware attack last week that authorities reportedly suspect was carried out by Chinese hackers.

https://www.inforisktoday.co.uk/more-attempted-cyberattacks-on-israeli-healthcare-entities-a-17762

Lisa Plaggemier of NCSA and Oz Alashe of CybSafe on influencing behavior
To mark Cybersecurity Awareness Month, the National Cyber Security Alliance and U.K. based behavioral science and data analytics company, CybSafe, have released their Annual Cybersecurity Attitudes and Behaviors Report 2021, which uncovers key trends, behaviors and habits among tech users.

https://www.inforisktoday.co.uk/positive-security-inspiring-behavioral-change-at-workplace-a-17759

Matthew Trump of The University of London on Building Effective Response Plans
A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.

https://www.inforisktoday.co.uk/preparing-for-ransomware-attacks-in-education-sector-a-17760

HHS Says Several Factors Making Healthcare a Favorite Target in U.S., Globally
Ransomware attacks are continuing to threaten the U.S. and global healthcare sectors, in part due to many organizations’ high dependency on legacy systems and lack of security resources, says new analysis by federal officials, which also identified the top ransomware gangs hitting the sector.

https://www.inforisktoday.co.uk/analysis-top-ransomware-gangs-targeting-healthcare-sector-a-17755

Google TAG: Threat Group DPRK Targeted Security Researchers
Social media platform Twitter has suspended two accounts that were being used by members of the DPRK, a North Korean government-backed threat group, according to Adam Weidemann, an analyst with the Google Threat Analysis Group. The accounts allegedly targeted security researchers around the globe.

https://www.inforisktoday.co.uk/twitter-suspends-north-korean-threat-actor-accounts-a-17750

PC and Device Maker Appears to Have Been Targeted by DESORDEN
After being targeted by a ransomware attack in March 2021, Acer, one of the world’s largest PC and device makers, has now suffered two further cyberattacks within a week. DESORDEN threat actors are reported to have claimed responsibility for the attacks.

https://www.inforisktoday.co.uk/acer-taiwan-india-hit-in-2nd-3rd-attacks-2021-a-17754

Media Giant Reports Broadcast Outages Nationwide; Investigation is Ongoing
Sinclair Broadcast Group, Inc., which owns or operates 186 television stations across 87 U.S. markets, has been hit with a ransomware attack that has disrupted operations. The company says the attack has impacted its ability to deliver advertisements and certain programming.

https://www.inforisktoday.co.uk/sinclair-tv-stations-targeted-in-weekend-ransomware-attack-a-17753

Consultancy Discloses Data Leak Tied to Attack For Which LockBit 2.0 Claimed Credit
Accenture says an online attack against it that it first disclosed in August resulted in “the extraction of proprietary information by a third party, some of which was made available to the public by the third party.” The LockBit 2.0 ransomware operation has taken credit for the attack and dumping data.

https://www.inforisktoday.co.uk/accenture-ransomware-attack-breached-proprietary-data-a-17751

Exposed OAuth Tokens Have Since Been Revoked, Mitigating Takeover Threat
A data breach affecting MakerBot’s Thingiverse 3D printing repository website is far bigger than what the company has acknowledged, a former employee claims. Upwards of 2 million users may have been affected by the breach, which left their 3D printers at risk of being hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-3d-printers-faced-hijacking-risk-a-17749

OAuth Tokens Exposed But Now Have Been Revoked
A former employee of MakerBot says a data breach affecting that company’s Thingiverse 3D printing repository website is far more expansive than what the company is acknowledging. Upwards of two million users may be affected, and 3D printers could have been hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-3d-printers-could-have-been-hijacked-a-17749

OAuth Tokens Exposed But Now Have Been Revoked
A former employee of MakerBot says a data breach affecting that company’s Thingiverse 3D printing repository website is far more expansive than what the company is acknowledging. Upwards of two million users may be affected, and 3D printers could have been hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-printers-could-have-been-hijacked-a-17749

New Crypto-Based Guidelines Target Anonymous Money Laundering Activity
The U.S. Department of the Treasury unveiled additional steps to curb the illicit use of cryptocurrencies on Friday, warning enterprises not to engage with sanctioned entities exploiting the financial system - particularly to launder ransomware proceeds.

https://www.inforisktoday.co.uk/treasury-dept-to-crypto-companies-comply-sanctions-a-17744

TA505 APT Group delivers phishing email containing malicious links
Researchers at Morphisec Labs have published fresh details about a new MirrorBlast campaign that they say is run by a Russia-based threat group TA505, targeting financial services organizations. The campaign delivers MirrorBlast via a phishing email that contains malicious links.

https://www.inforisktoday.co.uk/mirrorblast-campaign-targets-finance-sector-using-macros-a-17745

FBI, CISA, EPA & NSA Advisory Says Threats to Critical Infrastructure Rising
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation’s water facilities. They cite “ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices” of U.S. water and wastewater systems.

https://www.inforisktoday.co.uk/us-agencies-to-water-facilities-you-may-be-next-target-a-17741

Government Authorities Issue Advisories Following Hospital Attack
Government authorities in Israel are warning healthcare sector entities in the country of potential cyberattacks after a ransomware attack this week on Hillel Yaffe Medical Center in the city of Hadera. The hospital said it is “using alternative systems” to care for its patients.

https://www.inforisktoday.co.uk/ransomware-attack-on-israeli-medical-center-raises-alarm-a-17740

Discussion Also Addresses the Ransom-Paying Dilemma Faced by Cyber Extortion Victims
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner’s Office’s recent consultation on creating an international data transfer agreement.

https://www.inforisktoday.co.uk/ismg-editors-panel-are-our-systems-too-complex-to-secure-a-17739

Gov. Michael L. Parson Alleges Newspaper Reporter Improperly Accessed Data
A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

https://www.inforisktoday.co.uk/missouri-refers-coordinated-bug-disclosure-to-prosecutors-a-17737

But Name-and-Shame Attackers Likely Retooling After Spotting Encryption Problems
A free decryptor for BlackByte ransomware has been released by security researchers at Trustwave who cracked the crypto-locking malware’s encryption. But they say that unfortunately, the underlying encryption problem is likely in the process of already being fixed by the malware’s developer.

https://www.inforisktoday.co.uk/blackbyte-free-decryptor-released-for-ransomware-strain-a-17738

Gov. Michael L. Parson Alleges Newspaper Reporter Improperly Accessed Data
A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

https://www.inforisktoday.co.uk/missouri-refers-responsibly-reported-bug-to-prosecutors-a-17737

Gov. Michael L. Parson Alleges Newspaper Employee Improperly Accessed Data
A newspaper employee in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

https://www.inforisktoday.co.uk/missouri-refers-responsible-bug-report-to-prosecutors-a-17737

Bill Would Remove Some Third-Party Content ‘Immunity’ Held by Social Platforms
Democratic lawmakers on the House Committee on Energy and Commerce announced legislation that would rein in tech algorithms on platforms exceeding 5 million monthly viewers. This follows a high-profile whistleblower case heard before Congress on Facebook’s allegedly questionable data policies.

https://www.inforisktoday.co.uk/house-lawmakers-announce-bill-targeting-tech-algorithms-a-17736

Focus is on Critical Infrastructure Threats and Clinical Data
MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.

https://www.inforisktoday.co.uk/mitre-launches-centers-to-protect-infrastructure-health-a-17734

Attackers Can Push Code To A Protected Branch
Researchers at Cider Security have uncovered a security loophole in GitHub Actions that allows adversaries to bypass the required reviews mechanism and push unreviewed code to a protected branch, allowing it into the pipeline to production.

https://www.inforisktoday.co.uk/flaws-in-github-actions-bypass-code-review-mechanism-a-17733

PII of Nearly 28,000 Members Exfiltrated in June 2020 Hacking Incident
The American Osteopathic Association has just begun notifying nearly 28,000 individuals about a June 2020 data exfiltration incident involving their personal information. The medical professional organization says workforce challenges during the pandemic led to the notification delay.

https://www.inforisktoday.co.uk/osteopathic-professional-group-reports-year-old-breach-a-17735

The Data Dump Is Being Broadly Circulated on a Popular Hacking Forum
Thingiverse, a popular website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 2.5 million unique email addresses and other personally identifiable information.

https://www.inforisktoday.co.uk/thingiverse-data-leak-affects-228000-subscribers-a-17729

The Data Dump Is Being Broadly Circulated on a Popular Hacking Forum
Thingiverse, a popular website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 2.5 million unique email addresses and other personally identifiable information.

https://www.inforisktoday.co.uk/thingiverse-data-leak-affects-25-million-subscribers-a-17729

New Criminal Penalties, Assistance to Victims in the Ransomware Action Plan
Australia plans to require businesses with more than $10 million in revenue to report ransomware attacks to the government, part of a comprehensive strategy to fight the attacks that also includes new criminal penalties and assistance to victims. The plan would need to be passed by Parliament.

https://www.inforisktoday.co.uk/australia-plans-ransomware-attack-reporting-requirement-a-17731

China, Russia Both Absent from 30-Nation Gathering on the Threat of Ransomware
The White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations. This gathering aims to elevate both law enforcement collaboration and diplomatic efforts. Noticeably absent from the summit: Russia.

https://www.inforisktoday.co.uk/us-convenes-global-ransomware-summit-without-russia-a-17730

Also, NJ AG Smacks Fertility Clinic With Big Fine in Hacking Incident
A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.

https://www.inforisktoday.co.uk/fertility-testing-lab-says-ransomware-breach-affects-350000-a-17728

How Many Strikes Should Cybercrime-as-a-Service Customers Get Before Getting Busted?
Dutch cybercrime police have a message for almost 30 users of an on-demand distributed-denial-of-service site: We see what you’re doing, now cut it out or we’re going to arrest you. Not for the first time, the move shows police in Europe also emphasizing ethical hacking pursuits instead for young adults.

https://www.inforisktoday.co.uk/dutch-cyber-cops-tell-stresserbooter-customers-cut-out-a-17727

2.4 Tbps Attack Was 140% Higher Than All Recorded Attacks
Microsoft disclosed that it mitigated a 2.4 Tbps DDoS attack, which was 140% higher in scale than any previously recorded network volumetric event on Azure. The firm and some security experts say that attacks of this magnitude could wreak havoc on targeted companies and are difficult to mitigate.

https://www.inforisktoday.co.uk/microsoft-says-mitigated-largest-ever-ddos-attack-a-17725

1 Alleged Co-Conspirator Was Employed by Bank of America, TD Bank
The U.S. Attorney’s Office for the Eastern District of Virginia last week indicted three men - including an ex-employee of Bank of America and TD Bank - with money laundering and aggravated identity theft after the men allegedly conducted an extensive business email compromise scheme.

https://www.inforisktoday.co.uk/3-men-charged-by-us-doj-laundering-bec-proceeds-a-17726

OMB Memo: Agencies Have 90 Days to Allow CISA to Begin Reviewing EDR Status
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.

https://www.inforisktoday.co.uk/cisa-to-access-agencies-endpoints-help-enhance-security-a-17723

Accountable Care Organization Says It’s Investigating 2020 Incident
A compromise of sensitive health information affecting nearly 38,000 individuals discovered nearly a year after a terminated company executive accessed the data spotlights some of the top security and privacy challenges covered entities and business associates face with insiders.

https://www.inforisktoday.co.uk/former-executive-accessed-phi-nearly-38000-individuals-a-17724

Also, Bitdefender Report Reinforces Need for Cyber Hygiene When Using BYOD
The UK’s NCSC has published an updated guidance for employees using their personal devices for work. The agency offers technical controls for different types of bring-your-own-device, or BYOD, deployments. And a Bitdefender report stresses the need for good cyber hygiene when using BYOD.

https://www.inforisktoday.co.uk/uk-cybersecurity-agency-releases-new-byod-guidance-a-17722

Count of Victims - Listed on Leak Sites or Not - Appears To Be Holding Steady
One measure of the damage being done by ransomware groups continues to be how many victims get listed on ransomware operators’ dedicated data-leak sites, as part of their so-called double extortion tactics. Unfortunately, the number of victims doesn’t appear to be declining.

https://www.inforisktoday.co.uk/ransomware-no-decline-in-victims-posted-to-data-leak-sites-a-17719

Letter to 4 Departments Asserts that Cryptocurrency Is Enabling These Attacks
A congressional letter sent to the heads of four federal agencies expressed an urgent need for the Biden administration to continue combating ransomware. This includes a particular focus on the cryptocurrency infrastructure that is enabling these cyberattacks, four Democratic lawmakers say.

https://www.inforisktoday.co.uk/democratic-lawmakers-urge-agencies-to-act-on-ransomware-a-17716

Mandiant Report Says Threat Actors Deploy Ryuk, Leverage Initial Access Brokers
A Russian-speaking threat actor group that deploys the Ryuk variant ransomware, leverages initial access brokers, and generally skips double-extortion attempts in favor of fast and higher payout ransoms has been predominately targeting the healthcare sector, warns security firm Mandiant.

https://www.inforisktoday.co.uk/fin12-ransomware-attacks-aggressively-targeting-healthcare-a-17717

Code Deployed Prevents Detection and Kills Competition
Researchers at Trend Micro have discovered threat actors deploying malicious code that targets Huawei Cloud and removes defensive applications and services. The malicious codes, they say, disable the hostguard service that detects security issues, protects the system and monitors the agent.

https://www.inforisktoday.co.uk/trend-micro-linux-malware-targets-huawei-cloud-a-17714

Profit Projections Down £25 Million, Revenue Deferrals Put At £50 Million
A ransomware attack on Scottish multinational engineering firm Weir Group led to several ongoing but temporary disruptions including engineering, manufacturing and shipment rephrasing, hitting profits despite no ransom being paid.

https://www.inforisktoday.co.uk/ransomware-attack-hits-engineering-giant-weir-group-a-17710

Company Outlines Added Security for High-Profile Users, Announces 2FA Enrollment
Some 14,000 Google users were warned of being suspected targets of Russian government-backed threat actors on Thursday. The next day, the tech giant announced cybersecurity updates - particularly for email accounts of high-profile users, including politicians and journalists.

https://www.inforisktoday.co.uk/google-says-russian-apt-targeting-journalists-politicians-a-17708

Microsoft: 58% of Attacks Reported Worldwide Originated From Russia
Microsoft, in its annual threat review report, Digital Defense, says 58% of cyberattacks worldwide over the past year originated in Russia. And 92% of the Russia-based threat activity came from the nation-state threat group Nobelium.

https://www.inforisktoday.co.uk/nobelium-makes-russia-leader-in-cyberattacks-a-17705

Officials and Experts Debate Legality, Diplomatic Ramifications of the Statement
The Dutch government says it may use intelligence agencies or military services to counter cyberattacks - including ransomware attacks - that threaten the country’s national security. This comes in a letter from Dutch Minister of Foreign Affairs Ben Knapen in response to a parliamentary inquiry.

https://www.inforisktoday.co.uk/netherlands-says-armed-forces-may-combat-ransomware-attacks-a-17703

Erik Decker, CISO of Intermountain Health, on Ways to Bolster Security Posture
A federal law signed earlier this year amending the HITECH Act could help incentivize many healthcare sector entities to bolster their cybersecurity programs, says federal adviser Erik Decker, CISO of Intermountain Health, who suggest other incentives, as well.

https://www.inforisktoday.co.uk/efforts-to-incentivize-healthcare-sector-cyber-investments-a-17704

US Breach Notification Transparency Declining, Identity Theft Resource Center Warns
The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there’s also been a rise in tardy breach notifications containing little detail.

https://www.inforisktoday.co.uk/data-breach-reports-rise-as-supply-chain-attacks-surge-a-17701

Discussion Also Addresses the Importance of Product Security
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of product security, the impact of ransomware on healthcare sector entities during the pandemic and thinking about cybersecurity awareness creatively.

https://www.inforisktoday.co.uk/ismg-editors-panel-first-fatality-linked-to-ransomware-a-17698

Martin Cook, Sr. Solutions Engineer, Reliaquest Discusses How to Streamline Your Time to Response
In this exclusive interview, Martin Cook, Senior Solutions Engineer with ReliaQuest, discusses how to reduce complexity, increase visibility and tap into new resources to enhance your own abilities to detect, investigate and respond to attacks.

https://www.inforisktoday.co.uk/analyzing-results-2021-cybersecurity-complexity-study-eu-uk-a-17700

110,000 Servers Exposed to Active Attacks; US Government Urges Immediate Patching
Apache HTTP Server users are being warned to install yet another patch, as a fix released Wednesday was incomplete and introduced a new flaw. The U.S. Cybersecurity and Infrastructure Security Agency has urged all users to update immediately, citing in-the-wild attacks exploiting Apache’s software.

https://www.inforisktoday.co.uk/apache-issues-another-emergency-patch-for-exploited-flaws-a-17697

Plug and Play Ventures Left an Amazon S3 Bucket Open to the Internet
A Silicon Valley venture capital firm that runs a matchmaker service linking investors with startups exposed 6GB of data, including deal flow information pertaining to investors and startups. The exposure has been closed, but it’s unclear if the company will notify regulators.

https://www.inforisktoday.co.uk/silicon-valley-vc-firm-leaked-deal-flow-data-a-17696

DOJ Also Announces Formation of National Cryptocurrency Enforcement Team
The U.S. Department of Justice said this week it will pursue government contractors that fail to report cybersecurity incidents. The department also announced the formation of a Cryptocurrency Enforcement Team to prosecute the misuse of virtual currencies.

https://www.inforisktoday.co.uk/us-doj-to-fine-contractors-for-failure-to-report-incidents-a-17695

Ransomware Variant Updated; Group Claimed Credit for Accenture Attack
Federal regulators are warning healthcare and public health sector organizations of potential attacks by the ransomware group LockBit 2.0 and its affiliates. The group claimed credit for the August attack on consultancy firm Accenture. What preventative steps should healthcare sector entities take?

https://www.inforisktoday.co.uk/hhs-warns-healthcare-sector-about-lockbit-20-threats-a-17694

5-Year Intrusion Is the Latest Incident Involving Lesser-Known - Yet Key - Provider
Who had heard of Syniverse before it recently disclosed a five-year breach, potentially exposing call-routing data and text messages for hundreds of mobile phone networks? The incident is just the latest supply chain attack to hit a lesser-known but nevertheless critical service provider.

https://www.inforisktoday.co.uk/breach-syniverse-reveals-yet-another-supply-chain-attack-a-17692

Exploits Use Ethernet Cables, Can Leak Data to Location Several Meters Away
Researchers at Ben-Gurion University of the Negev, Israel, have uncovered a new type of electromagnetic attack, dubbed LANtenna, that exfiltrates sensitive data from an isolated, air-gapped computer using Ethernet cables as transmitting antennas.

https://www.inforisktoday.co.uk/lantenna-attacks-exploit-air-gapped-networks-via-ethernet-a-17688

Legislation Would Also Direct US DHS to Study Ransomware, Cryptocurrencies
U.S. lawmakers have introduced legislation that would require the reporting of ransom payments within 48 hours of the transaction. The bill would also require DHS to create a voluntary website to log ransom payments and task the department with studying ransomware and cryptocurrencies.

https://www.inforisktoday.co.uk/new-bill-would-require-ransom-disclosure-within-48-hours-a-17689

Recent Cyber-Related Incidents Spotlight the Serious Potential Risks Facing Patients
The expanded recall of insulin pump devices due to vulnerabilities that pose the risk of injury or death to patients and a recent malpractice lawsuit alleging that the effects of a ransomware attack led to a baby’s death are the latest warnings of dangers posed by security issues in medical gear.

https://www.inforisktoday.co.uk/patient-safety-concerns-grow-over-medical-gear-security-a-17687

Reports: Platform’s Entire Source Code Compromised in 125GB Leak
Amazon-owned video streaming service Twitch, which focuses on video games and e-sports broadcasts, reportedly suffered a massive data breach, which the company vaguely confirmed via Twitter. A post on the anonymous online forum 4chan reportedly indicates that the entire platform was compromised.

https://www.inforisktoday.co.uk/video-game-streamer-twitch-confirms-massive-data-breach-a-17686

Shodan Search Shows 112,000 HTTP Servers Running Vulnerable Version
Apache, a popular open-source web server software for Unix and Windows, says it has fixed a zero-day vulnerability in its HTTP server that it says has been exploited in the wild. The path traversal and file disclosure vulnerability only affects Apache HTTP servers upgraded to version 2.4.49.

https://www.inforisktoday.co.uk/apache-fixes-zero-day-flaw-exploited-in-wild-a-17685

Cybersecurity Specialist John Walker on How Attackers Work
Cyber extortion through digital means is nothing new, says U.K.-based cybersecurity expert John Walker, but the concerning aspect of today’s ransomware attacks is that they are “low-cost in the macro sense and so easy to achieve.”

https://www.inforisktoday.co.uk/understanding-real-threat-ransomware-a-17684

Syniverse Routes Over 1 Trillion Messages Annually for AT&T, Verizon, Others
Telecommunications service provider Syniverse, which routes 1 trillion messages annually for many of the world’s mobile phone carriers, has disclosed a five-year breach of its systems, which handle call metadata and text messages. Experts say the exposed data poses serious criminal and espionage risks.

https://www.inforisktoday.co.uk/text-messaging-routing-firm-syniverse-reveals-5-year-breach-a-17682

This Is the 3rd Attack Involving the US Web Hosting Service Epik
Hacktivist collective Anonymous has for the third time carried out an attack involving Washington-based domain name registrar and web hosting service Epik, according to independent Texas journalist Steven Monacelli. This time around, the group leaked data belonging to the Republican Party of Texas.

https://www.inforisktoday.co.uk/anonymous-leaks-data-from-texas-gop-a-17679

FDA Warns Exploitation of Security Flaw Could Cause Death
The Food and Drug Administration on Tuesday issued a warning notifying patients that medical device maker Medtronic has expanded a recall of remote controllers for certain wireless insulin pumps that were part of an earlier recall. The FDA has classified the recall as the most serious type due to issues that could result in serious injury or death.

https://www.inforisktoday.co.uk/medtronic-insulin-pump-devices-recalled-due-to-serious-risks-a-17680

Agency Issues Best Practices for Communicating Device Vulnerabilities
The Food and Drug Administration has issued a new best practices document for healthcare industry stakeholders and government agencies to use when communicating medical device vulnerabilities to patients and caregivers.

https://www.inforisktoday.co.uk/fda-how-to-inform-patients-about-medical-device-cyber-flaws-a-17677

Head of NSA, Cyber Command Says US Will Continue to Battle Ransomware for Years
Some of the highest-ranking cybersecurity officials in the U.S. government discussed the pervasive threat of ransomware on Tuesday, likening it to a clear issue of national security with the ability to inflict measurable damage on major world powers.

https://www.inforisktoday.co.uk/top-us-cyber-officials-say-ransomware-here-to-stay-a-17678