Hacking incidents recently reported as major breaches by three different types of health sector entities - a children's hospital, a managed care plan and a government contractor - have in total compromised the sensitive information of more than 1.4 million individuals.
Semperis has closed a Series C funding round to expand geographically and enhance identity protection and threat mitigation with AI and ML capabilities. The AD security provider plans to use the $200 million to expand into safeguarding additional cloud applications and cloud identity providers.
The ICO has imposed a penalty of 7.5 million pounds on Clearview AI Inc. for using scraped U.K. citizen facial images for its facial recognition database. The agency has directed the firm to delete images of all U.K. citizens and to stop scraping data from the open internet.
Mark Zuckerberg, CEO of Facebook parent Meta, is being sued for failing to protect users of the social media platform during the Cambridge Analytica privacy scandal. The lawsuit on behalf of the District of Columbia was initiated by Washington, D.C. Attorney General Karl A. Racine.
A cyberattack detected in December at a Canadian healthcare entity has compromised a wide range of data, including some patient information dating back to 1996, as well as employee vaccination records from last year. Some of the affected data belonged to a nonprofit group of affiliated clinicians.
The U.S. is setting up a Joint Ransomware Task Force, headed by the Cybersecurity and Infrastructure Security Agency and the FBI, as well as two international initiatives, chaired by the Department of Justice, to tackle illegal cryptocurrency activities related to ransomware.
In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.
The healthcare services in the island country of Greenland, an autonomous Danish dependent territory, have been crippled by a cyberattack that began on May 9, 2022. Healthcare executives continue to face IT challenges to date, including lack of access to patient records and email services.
Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDdos. First discovered in 2014, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.
Pathlock has merged with Appsian to form a 500-person vendor that secures users and data across SAP and Oracle's ERP apps. Bringing Pathlock, Appsian and Security Weaver together will allow the firm to take a larger bite out of the $110 billion market focused on compliance testing for business apps.
There has been a rise in crypto fraud, and a substantial portion of it can be attributed to stimulus funding and paycheck protection programs, says David Britton, vice president of strategy, global ID and fraud at Experian. He discusses new authentication methods and stricter regulations.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
Canada says it will no longer allow the use of products and services from China's Huawei Technologies and ZTE Corp. in its telecommunications systems. The government says its decision is based on reviews by independent security agencies and was made in consultation with its "closest allies."
The U.S. Department of Justice has revised its policy on who it charges with violations under the Computer Fraud and Abuse Act. The DOJ now specifies that good-faith security research and researchers cannot be charged under the CFAA because they help improve cybersecurity standards.