Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals. This strategy snares less poorly prepared organizations, and that often means healthcare entities. Experts share insights on this plague on healthcare and what to do about it.
Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place to spot the signs of an unfolding attack and shut it down before crypto-locking malware gets unleashed, says Peter Mackenzie, director of incident response at Sophos.
Hackers, possibly North Korea's Lazarus Group, are behind a campaign that socially engineers cryptocurrency traders into opening an Excel spreadsheet loaded with a malicious macro. Pyongyang hackers specialize in cryptocurrency theft as the regime seeks hard currency to fuel weapons development.
The U.S. Department of Justice on Friday charged 10 individuals with using business email compromise and money laundering schemes to target public and private insurers. These schemes targeted Medicare, state Medicaid programs, private health insurers and numerous other victims.
User education is vital to boosting the detection rate of phishing emails or social engineering scams that could lead to data breaches or ransomware infestations. Technology alone can't make websites or email inboxes safe since both are business-critical for all users, says ID Agent's Amelia Paro.
Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays."
The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
A Georgia-based home health and hospice provider will pay $425,000 to Massachusetts to settle litigation stemming from a 2020 breach affecting about 166,000 individuals nationwide. The agreement comes shortly after Aveanna Healthcare settled a proposed class action lawsuit in federal district court.
A French-speaking gang codenamed "Opera1er" has been tied to the theft of at least $11 million from dozens of victims - mainly banks in Africa - and remains "active and dangerous," cybersecurity researchers warn, as they release indicators of compromise to help potential victims protect themselves.
“MFA blocks 99% of attacks” until it doesn’t. An outdated MFA is a clear and present danger. In this webinar with Roger Grimes, author of “Hacking Multifactor Authentication”, we’ll enumerate the multiple vulnerabilities with existing “phishable” MFA; and the TTP’s hackers are employing to bypass the...
With fraudsters evolving their tactics and tricking a growing number of people with authorized payment scams, it's time for banks and security solution providers to explore new ways to protect consumers who are left holding the bag, says Ian Mitchell, managing partner at Omega FinCrime.
North Korean state hacking group Kimsuky is developing Android malware targeted at South Korean users by disguising the apps as legitimate apps including a Google security plug-in and a document viewer. Seoul-based cybersecurity company S2W dubs the apps FastFire, FastSpy and FastViewer.
Customer engagement platform Twilio says the number of customers affected by a phishing campaign that coaxed employees of the San Francisco company into permitting attackers to bypass multifactor authentication protections will stand at a final tally of 209.
Many entities fight an uphill battle against increasingly clever phishing and related scams that lead to serious data compromises, say former CIA analyst Eric Cole and former Department of Justice Assistant Attorney General David Kris, who are both advisers at security firm Theon Technology.
Organizations can improve security with modern authentication protocols, but the big message to the marketplace is that FIDO Passkeys give customers more convenience and deliver a consistent user experience, according to panelists on the final day of FIDO Alliance's Authenticate 2022 Conference.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.