Security News

The former chief operating officer of Securolytics, a network security company providing services for the health care industry, was charged with allegedly conducting a cyberattack on Georgia-based Gwinnett Medical Center. 45-year-old Vikas Singla supposedly disrupted the health provider's Ascom phone service and network printer service and obtained information from a Hologic R2 Digitizer digitizing device in September 2018.

Cisco's Talos team said 35% of incidents led back to Microsoft Exchange Server vulnerabilities reported early in 2021, but new ransomware families have been appearing to fill the Emotet hole, too. Cisco's Talos Intelligence Group has released its incident response trends report for spring 2021, and found that Microsoft Exchange Server vulnerabilities reported in early 2021 were the most detected incident over the past three months.

Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. "In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated," JBS USA said in a statement, with CEO Andre Nogueira adding the firm made the "Very difficult decision" to prevent any potential risk for its customers.

One of the essential types of password protection recommended by noted cybersecurity standards is breached password detection. Organizations need a solution that checks a password during the password set operation and proactively monitors the password landscape to find passwords that may become breached.

The world's largest meat processing company says it paid the equivalent of $11 million to hackers who broken into its computer system late last month. Brazil-based JBS SA said on May 31 that it was the victim of a ransomware attack, but Wednesday was the first time the company's U.S. division confirmed that it had paid the ransom.

SMART Modular Technologies announced its T5PFLC FIPS 140-2 SSDs which provide certified authentication, sophisticated encryption, and are available in capacities from 120GB - 2TB. FIPS 140-2 is a National Institute of Standards and Technology standard that outlines a set of security criteria to enable the safe handling of sensitive information, and is a requirement for all U.S. Federal government applications as well as most other high-security applications. SMART's FIPS 140-2 designation signifies that these SSDs contain cryptographic components that have been validated to NIST FIPS 140-2 Level 2 Standard which provides assurance that electronic information is highly protected and meets the stringent classification standards required by the government.

The Spanish Ministry of Labor and Social Economy is working on restoring services after being hit by a cyberattack on Wednesday. "The Ministry of Labor and Social Economy has been affected by a computer attack," MITES' media office said earlier today.

A pipeline company CEO on Tuesday defended his decisions to abruptly halt fuel distribution for much of the East Coast and pay millions to a criminal gang in Russia as he faced down one of the most disruptive ransomware attacks in U.S. history. Colonial Pipeline CEO Joseph Blount said he had no choice, telling senators uneasy with his actions that he feared far worse consequences given the uncertainty the company was confronting as the attack unfolded last month.

New York City's law department was been hit with a cyberattack that forced officials to take the 1,000-lawyer agency offline, but Mayor Bill de Blasio said he believes no data was compromised in the hack. City officials said they disconnected the law department's computers from the city's network on Sunday, after discovering the cyberattack.

United States trucks and military vehicles maker Navistar International Corporation has confirmed a cyberattack that resulted in some data being stolen. On Monday, in a Form 8-K filing with the Securities and Exchange Commission, Navistar said it earned of a credible potential cybersecurity threat to its information technology system on May 20, 2021.