The breach was caused by a hacker exploiting a vulnerability in a third-party application. Customer information such as names, phone numbers, postal and email addresses may have been exposed, but financial and password information remains unaffected.
The US cybersecurity agency CISA on Tuesday published a new document detailing its efforts in promoting the use of artificial intelligence (AI) to improve security and supporting critical infrastructure organizations in adopting AI. Aligned with national AI strategy, CISA’s Roadmap to AI (PDF) promotes beneficial uses of AI in enhancing cybersecurity capabilities and details the […]
3rd Party Risk Management , Breach Notification , Cybercrime Northwell Health Among Perry Johnson & Associates’ Healthcare Clients Affected Marianne Kolbasuk McGee (HealthInfoSec) • November 15, 2023 A data theft incident at medical transcription firm PJ&A has affected at least 9 million patients. (Image: Perry Johnson & Associates) The number of healthcare organizations […]
In yet another sign that international cybersecurity cooperation is on the rise in the Middle East and Africa region, the countries of Rwanda and Qatar have partnered to collaborate on a number of cybersecurity strategies, including improving public key infrastructure and support for AI research and development. The deal is part of a Qatari effort […]
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised […]
Fraud Management & Cybercrime , Government , Industry Specific Bureau Touts ‘All-Time High’ Public-Private Coordination Despite Rise in Attacks Chris Riotta (@chrisriotta) • November 15, 2023 The FBI, CISA and other agencies have invested in expanding information-sharing programs with private sector partners in recent years, officials said Wednesday. (Image: Shutterstock) Enhanced interagency and […]
MeridianLink, a publicly traded software company, is facing pressure from the ransomware group after allegedly not responding to their ransom demands and failing to disclose the breach.
According to recent research on employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn’t deprovisioned, a surprise bill for resources that aren’t in use anymore, or a missed handoff of a critical resource or […]
Nov 16, 2023NewsroomCloud Security / Ransomware A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. “Starting from a single compromised machine, threat actors could progress in several ways: they could […]