Leveraging Knowledge to Manage Your Data Risks
University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems with the Sodinokibi malware variant.
It is being reported that during the attack, REvil was able to exfiltrate personal information that it then published…
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy malicious malware and ransomware.
Social engineering is when criminals conduct online search of…
Coveware issued its Q1 2021 Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware attacks now include the theft of corporate data.”
The Report states that the average ransom payment increased 43 percent from $154,108…
Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos researchers, which outlines how, over the past year, and in particular as a result of the migration from work at the office to work from home during the pandemic, cyber-attackers are using collaboration platforms like Slack and Discord…
Applus Technologies, Inc., a vendor of multiple state Departments of Motor Vehicles that assists states with vehicle inspections, recently announced that its systems have been affected by malware, disrupting motor vehicle inspections in Connecticut, Georgia, Idaho, Illinois, Massachusetts, New York, Texas, and Utah. As a result of the outage, vehicle inspections have not been able…
Aerospace and energy equipment manufacturer Honeywell has reportedly been hit with a cyber-attack in the form of a malware intrusion that disrupted some of its information technology systems. Honeywell issued a statement on March 23, 2021, stating that it “took steps to address the incident, including partnering with Microsoft to assess and remediate the situation.”…
The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist U.S.-based private hospitals with ransomware and cyber-attacks for free. CIS, a not-for-profit entity, “is fully funding this for private hospitals at no cost, and with no strings attached, because it’s the right…
The statistic that cybercriminals have been unleashing 18 million phishing emails laced with malware on a daily basis into cyberspace during the pandemic is mind boggling, and one that executives should pay attention to when prioritizing resources for user education. Math was never my strongest subject, but 18 million malicious emails targeted at all of…
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that it had entered into a Resolution Agreement, Corrective Action Plan, and settlement with Lifetime Healthcare, Inc., the parent of Excellus Health Plan, over alleged violations of HIPAA relating to a data breach that occurred from December 23, 2013 through…
U.S. intelligence agencies, including the FBI, the Office of the Director of National Intelligence, the National Security Agency and the Cybersecurity and Infrastructure Security Agency, have confirmed that Russia was behind the SolarWinds hack. It is reported that the FBI is investigating whether Russia hacked into project management software JetBrains’ TeamCity DevOps tool to originally…
