Security News

Romanian hospital ransomware crisis attributed to third-party breach
2024-02-14 15:48

The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals on an incident at a service provider. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.

Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
2024-01-31 05:30

We examine the benefits of adopting a proactive cybersecurity approach, particularly in terms of cost efficiency and crisis management, and explore the impact of offensive security testing on compliance and zero-day response. A zero trust approach to cybersecurity has become the go-to model for many organizations because it embraces a framework that layers nicely across every possible threat vector.

Ransomware recap 2023 highlights cybersecurity crisis
2024-01-30 05:00

In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment's development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally, according to Cyberint.

Ransomware negotiation: When cybersecurity meets crisis management
2024-01-18 05:00

He discusses ransomware gangs, the role of cyber insurance, and how governments and regulatory bodies are responding to the ransomware threat. In light of the increasing sophistication of ransomware attacks, can you discuss the dynamics of negotiating with ransomware gangs? How do these negotiations typically unfold, and what are the critical business considerations during these interactions?

If you prepare, a data security incident will not cause an existential crisis
2024-01-09 06:00

Why is it that when a company becomes aware of a potential data security incident, the team working on it have an immediate and overwhelming feeling that the company is doomed? And yet, when there's another kind of high-risk event, such as an ethics investigation, it doesn't cause the same apocalyptic feelings? Cybersecurity professionals in legal and IT security departments have key roles in working through a data security incident, but often fail to build up a trusted relationship in advance.

Australian Government’s ‘Six Cyber Shields’ Is Potentially a Well-Meaning Skills Crisis
2023-09-26 16:01

This forms a core part of the upcoming 2023-2030 Cyber Security strategy, and it aims to build six cyber shields in service of citizens, businesses and government at all levels. As well-meaning as this initiative is, there are many implications about the impact the six cyber shields approach will have on Australian businesses.

EU’s financial institutions face cyber resilience crisis
2023-08-01 03:00

84% of financial institutions have been exposed to a fourth-party breach - illustrating how a vast web of unseen risks is hiding in plain sight. "If nearly 20% of the most well-resourced financial entities in the EU have grades of C or worse, then it's likely that the overall cyber resilience for other financial entities is actually much lower," said Matthew McKenna, Chief Sales Officer, SecurityScorecard.

China crisis is a TikToking time bomb
2023-03-27 09:30

Chinese law, specifically Article 7 of the National Intelligence Law, compels all citizens and organisations to act as covert arms of state security on demand, even if overseas. Chinese-owned technology companies can deny this as much as they like, in fact they have to, but the law is clear.

How to succeed in cyber crisis management and avoid a Tower of Babel
2023-01-17 05:30

Even if things go well on the technical level, incident response is still a stressful and hectic process across the company; this is the reality of cyber crisis management. I recently managed a cyber incident in a large company where, on a technical level, the handling of the incident was excellent but the cooperation with the management was complex and frustrating, a real Tower of Babel.

S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]
2023-01-12 19:59

We've got one zero-day, but perhaps even bigger than that, we say, "Thanks for the memories, Windows 7 and Windows 8.1, we hardly knew ye." There's one zero-day, which I think is an elevation of privilege, and that applies right from Windows 8.1 all the way to Windows 11 2022H2, the most recent release.