Source: Shutterstock

Attempted Ransomware Attack Grounds SpiceJet Flights

Mihir Bagwe • May 25, 2022

Indian passenger airline SpiceJet says an attempt at a ransomware attack was made against its IT infrastructure on Tuesday night. The airline says the attack was "contained," and it has resumed regular operations. Passengers continued to complain about takeoff delays until noon local time.

Fraud Management & Cybercrime

Conti Claims It Has 'Insiders' in Costa Rican Government

Latest

Next-Generation Technologies & Secure Development

Cribl Raises $150M to Incubate New Observability Features

Michael Novinson • May 25, 2022

Cribl has raised $150 million to drive the development of new features such as hosted versions of the company's technology. The company will build out separate tools for each piece of the observability process rather than forcing customers to purchase a bundle with features they don't care about.

Application Security

WhiteSource, Renamed Mend, Takes on Remediating Code Issues

Michael Novinson • May 25, 2022

WhiteSource has renamed itself Mend as the company pushes beyond software composition analysis to become a broad application security platform with automated remediation. The name WhiteSource didn't have any negative connotations when the company was founded, but some people today find it offensive.

Healthcare

Developing Medical Device Cybersecurity Maturity Benchmarks

Marianne Kolbasuk McGee • May 25, 2022

An effort to establish industry benchmarks for medical device cybersecurity maturity aims to help advance overall cybersecurity in the healthcare sector, says Rob Suárez, CISO of medical device maker Becton, Dickinson and Co. He discusses how to improve the state of medical device cybersecurity.

Breach Notification

3 Health Data Hacks Affect 1.4 Million Individuals

Marianne Kolbasuk McGee • May 24, 2022

Hacking incidents recently reported as major breaches by three different types of health sector entities - a children's hospital, a managed care plan and a government contractor - have in total compromised the sensitive information of more than 1.4 million individuals.

Artificial Intelligence & Machine Learning

Semperis Raises $200M to Extend AI, ML to Identity Security

Michael Novinson • May 24, 2022

Semperis has closed a Series C funding round to expand geographically and enhance identity protection and threat mitigation with AI and ML capabilities. The AD security provider plans to use the $200 million to expand into safeguarding additional cloud applications and cloud identity providers.

Security Operations

UK Privacy Watchdog Imposes 7.5M-Pound Fine on Clearview AI

Mihir Bagwe • May 24, 2022

The ICO has imposed a penalty of 7.5 million pounds on Clearview AI Inc. for using scraped U.K. citizen facial images for its facial recognition database. The agency has directed the firm to delete images of all U.K. citizens and to stop scraping data from the open internet.

Governance & Risk Management

Hospital Cyberattack Compromises Data From Decades Ago

Marianne Kolbasuk McGee • May 23, 2022

A cyberattack detected in December at a Canadian healthcare entity has compromised a wide range of data, including some patient information dating back to 1996, as well as employee vaccination records from last year. Some of the affected data belonged to a nonprofit group of affiliated clinicians.

Blockchain & Cryptocurrency

US Sets Up Multiagency Initiatives to Curb Ransomware

Prajeet Nair • May 23, 2022

The U.S. is setting up a Joint Ransomware Task Force, headed by the Cybersecurity and Infrastructure Security Agency and the FBI, as well as two international initiatives, chaired by the Department of Justice, to tackle illegal cryptocurrency activities related to ransomware.

Blockchain & Cryptocurrency

Proof of Concept: How Can We Improve Industry Collaboration?

Anna Delaney • May 23, 2022

In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.

Business Continuity Management / Disaster Recovery

Cyberattack Affects Greenland's Healthcare Services

Mihir Bagwe • May 23, 2022

The healthcare services in the island country of Greenland, an autonomous Danish dependent territory, have been crippled by a cyberattack that began on May 9, 2022. Healthcare executives continue to face IT challenges to date, including lack of access to patient records and email services.

Endpoint Security

How Broadcom Acquiring VMware Would Shake Up Cybersecurity

Michael Novinson • May 23, 2022

The tumultuous experience of Symantec under Broadcom's control presents a cautionary tale for CISOs currently using VMware's security technology. Symantec saw massive customer and employee attrition following deal close, and the company's technology doesn't fare as well in reviews by Gartner.

Cybercrime

Massive Surge in Use of Linux XorDdos Malware Reported

Prajeet Nair • May 21, 2022

Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDdos. First discovered in 2014, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.