Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware 92

Ransomware Blockchain Retail Insurance 92

Security Affairs

FEBRUARY 21, 2023

Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. Very important!

Insurance 86

Insurance Ransomware Encryption IT 86

Security Affairs

JANUARY 17, 2022

The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This pre-release announcement for Critical Patch Update (CPU) for January 2022 confirms that Oracle security updates will address 483 new security patches. Pierluigi Paganini.

Communications 111

Communications Financial Services Big data Retail 111

Security Affairs

MAY 1, 2023

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. The incident impacted statutory health insurance companies that have their IT operated by BITMARCK. The company immediately reported the incident to the responsible authorities.

IT 85

IT Insurance Data breaches Education 85

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The man is responsible for the cyber attacks that in 2022 hit the Australian insurance provider Medibank. “ In November 2022, Medibank announced that personal data belonging to around 9.7M

Government 105

Government Insurance Ransomware Data breaches 105

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia.

Ransomware 121

Ransomware Blockchain Retail Insurance 121

Data Matters

JUNE 23, 2022

Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. Kentucky Governor Andy Beshear signed House Bill 474 into law, and Maryland Governor Larry Hogan signed SB 207.

Insurance 100

Insurance Security Cybersecurity Information Security 100

IT Governance

MARCH 1, 2022

You can find out more about the cyber security implications of the Ukraine by registering for our special presentation hosted by IT Governance’s founder and executive chairman, Alan Calder. Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below.

Data breaches 134

Data breaches Ransomware Government Blockchain 134

Security Affairs

SEPTEMBER 8, 2024

BlackSuit Ransomware Dissecting the Cicada Year-Long Campaign of Malicious npm Packages Targeting Roblox Users Rocinante: The trojan horse that wanted to fly Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion FBI: Play ransomware gang has attacked 300 orgs (..)

Security 105

Security Insurance Ransomware Government 105

Hunton Privacy

NOVEMBER 15, 2023

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty ( i.e. , a fine) in connection with the company’s response to a data breach that occurred in February 2022.

Data breaches 128

Data breaches Privacy Risk Information Security 128

Security Affairs

MAY 16, 2024

MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. Threat actors gained access to the personal and health information of an undisclosed number of individuals. million customers.

Ransomware 117

Ransomware e-Delivery Data breaches Insurance 117

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. But after being presented with a document including the Social Security number of a health professional in D.C. Washington, D.C.

Access 295

Access Information Security Authentication Communications 295

Security Affairs

JANUARY 4, 2023

According to a statement published by Wabtec, threat actors breached the company network and infected internal systems as early as March 15th, 2022. The unusual activity was detected by the company on June 26th, then the rail giant launched an investigation into the security incident.

Ransomware 92

Ransomware Insurance Data breaches Manufacturing 92

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks.

Security 206

Security Risk Insurance Cybersecurity 206

Security Affairs

DECEMBER 29, 2022

The security breach took place on October 21, 2022, when the internal security team detected unusual activity on its computer network. The security breach took place on October 21, 2022, when the internal security team detected unusual activity on its computer network. Health insurance information.

Ransomware 93

Ransomware Computer and Electronics Data breaches Insurance 93

Security Affairs

DECEMBER 28, 2022

The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon “uninsurable.”.

Insurance 94

Insurance Risk Ransomware IT 94

Security Affairs

JULY 13, 2024

148 in the Fortune 500 in 2022. The company launched an investigation into the security breach with the help of external experts and will notify the impacted customers, BleepingComputer first reported. The group is the third-largest drugstore chain in the United States, with over 2,000 stores, and ranked No.

Data breaches 125

Data breaches Ransomware Insurance Cybersecurity 125

Security Affairs

JULY 4, 2024

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. The intruders have stolen protected health information from the company systems. Some key facts about HealthEquity: As of July 2022, HealthEquity managed 7.5 million accounts.

Data breaches 90

Data breaches Insurance Access Cybersecurity 90

Security Affairs

JANUARY 2, 2024

Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor. The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model.

Ransomware 123

Ransomware Encryption Blockchain Insurance 123

Security Affairs

OCTOBER 23, 2024

It becomes increasingly difficult to gain complete visibility or transparency that could help security and privacy teams discover sensitive data, identify its security and compliance postures, and mitigate risks. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks.

Data Privacy 101

Data Privacy Privacy GDPR Compliance 101

Security Affairs

JANUARY 23, 2024

The gang published some screenshots as proof of the attack, including passports, ID cards, and personal information of some employees. The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model.

Encryption 124

Encryption Ransomware Blockchain Insurance 124

Security Affairs

FEBRUARY 28, 2024

billion in revenue for fiscal year 2022 and had approximately 44,000 employees. The company discovered the security breach on February 21 and immediately launched an investigation into the incident. the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information. .”

Healthcare 99

Healthcare Data breaches Ransomware Insurance 99

Security Affairs

NOVEMBER 2, 2023

“On October 12, 2023, Rightway informed Okta that an unauthorized actor gained access to an eligibility census file maintained by Rightway in its provision of services to Okta. “The investigation revealed that your personal information was contained in the impacted file. .

Data breaches 124

Data breaches Insurance Access Authentication 124

IT Governance

OCTOBER 11, 2022

One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. The framework consists of five interrelated stages (or ‘layers’) to help organisations manage information security risks across all parts of their business. Why Cyber Insurance is Essential in 2022.

Risk 123

Risk GDPR Information Security Personal data 123

Security Affairs

JANUARY 19, 2024

According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report.

Ransomware 128

Ransomware Manufacturing Retail Insurance 128

Security Affairs

MARCH 22, 2023

“On July 5, 2022, we experienced an incident involving the inaccessibility of certain computer systems on our network. Through our response efforts, we learned that an unauthorized actor obtained access to certain ILS systems between June 30 and July 5, 2022.” The company provides its services to over 4.2

Data breaches 88

Data breaches Insurance Cybersecurity Access 88

Security Affairs

JANUARY 7, 2023

The gang states that the attack took place on December 3rd, 2022 and the attack was disclosed on January 6, 2023. employees info (social security numbers, emails, addresses, phone numbers, photos, insurances info, payments, etc.), The security breach was also confirmed by the victim in a notice published on its website.

Ransomware 85

Ransomware Insurance Data breaches Access 85

Security Affairs

AUGUST 20, 2024

branch of Toyota, stealing 240GB of files containing information on Toyota employees, customers, contracts, and financial details. branch of Toyota, stealing 240GB of files containing information on Toyota employees, customers, contracts, and financial details. The threat actor ZeroSevenGroup claims to have breached a U.S.

Data breaches 96

Data breaches Financial Services Archiving Passwords 96

Security Affairs

NOVEMBER 8, 2023

Exposed data Includes names, addresses, social insurance numbers, gender, marital status, date of birth, and rates of pay. The attackers also stole a “limited set” data from Erie Shoes HealthCare including 352 current and past employee social insurance numbers (SIN).

Ransomware 121

Ransomware Insurance Access Phishing 121

Security Affairs

OCTOBER 4, 2022

The attack took place from at least September 27, 2022 through the morning of September 29, 2022. The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe.

Metadata 116

Metadata Insurance Manufacturing Communications 116

IT Governance

JUNE 9, 2022

Organisations that are looking to bolster their information security practices are often advised to certify to Cyber Essentials – and for good reason. Plus, they are relatively easy to apply, with the scheme being designed for anyone to use regardless of their information security knowledge.

Security 117

Security Insurance Information Security Data breaches 117

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 98

Security Data breaches Artificial Intelligence Ransomware 98

Security Affairs

FEBRUARY 26, 2023

Clasiopa group targets materials research in Asia CERT of Ukraine says Russia-linked APT backdoored multiple govt sites UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2) CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Highly evasive cryptocurrency miner targets macOS Hackers are actively exploiting (..)

Security 86

Security Military Ransomware Insurance 86

Hunton Privacy

AUGUST 10, 2022

On July 21, 2022, the National Institute of Standards and Technology (“NIST”) released an updated draft of its HIPAA Security Rule guidance. NIST issued the updated draft guidance to align it with other NIST cybersecurity guidance documents that have been published since the original HIPAA Security Rule guidance was issued in 2008.

Security 64

Security Insurance Cybersecurity Risk 64

IT Governance

SEPTEMBER 20, 2022

Over the next few weeks on this blog, we’ll delve into each layer, explaining what it encompasses, how it fits into an organisation’s overall approach to cyber security and the controls that can be implemented to establish that layer. Why Cyber Insurance is Essential in 2022. What is threat detection?

Phishing 123

Phishing Data breaches Risk Insurance 123

Security Affairs

OCTOBER 30, 2023

The median price of a vulnerability reported through the HackerOne platform is $500, up from $400 in 2022. 71% Absence of incidents or breaches, 59% Estimated savings of reputational or customer-related impacts as a result of a security program. Additional info is available in the report published by the company.

Blockchain 124

Blockchain Insurance Risk Security 124

Security Affairs

FEBRUARY 4, 2022

The investigation conducted with the help of independent cybersecurity experts, revealed that threat actors stole the personal information of 521,046 individuals, including employees, contractors, and clients. ” reads security incident notification sent by the company.

Ransomware 95

Ransomware Business Services Data breaches Insurance 95