Fewer health-care organizations are paying ransoms, but the average payment has soared. Eric Geller reports: Hospitals, clinics and other health-care organizations are facing a barrage of cyberattacks and struggling to provide normal services amid computer outages and loss of important files, according to newly published research by Proofpoint, an email security firm. Nearly 90% of…
Category: Commentaries and Analyses
The largest cyberattack of its kind recently happened. Here’s how.
Tim Starks writes: A trio of internet giants revealed on Tuesday that they had fought off an “unprecedented” distributed denial-of-service (DDoS) attack — used to disrupt the availability of systems like websites and services — that registered as the biggest on record, by far. Cloudflare, Google and Amazon Web Services (AWS) said the attack relied…
Justice department wants to fight R5 million fine over ransomware attack in court
Myles Illidge reports: The Department of Justice and Constitutional Development (DoJ&CD) is taking the Information Regulator to court to appeal the R5 million fine the agency slapped it with after falling prey to a ransomware attack in 2021, TechCentral reports. Departmental spokesperson Steven Mahlangu reportedly said the court application was issued on 29 September 2023…
North Korea Suspected in Massive Hack of DeFi Project Mixin (1)
Katrina Manson reports: The massive breach of a decentralized finance project bears the hallmarks of a North Korean attack, according to a senior White House official. Mixin Network, which helps blockchains handle transactions more efficiently, said it had lost less than $150 million in a late-September attack. Originally the company estimated it lost $200 million…
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Alert Code AA23-278A EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. Through NSA and CISA Red and Blue…
HC3: Monthly Cybersecurity Vulnerability Bulletin
October 05, 2023 TLP:CLEAR Report: 202310051200 September Vulnerabilities of Interest to the Health Sector In September 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches. Vulnerabilities for September…