Raytheon Company (Raytheon), RTX Corporation, and Nightwing Group LLC, and Nightwing Intelligence Solutions LLC (collectively, Nightwing), have agreed to pay $8.4 million to resolve allegations that Raytheon violated the False Claims Act by failing to comply with cybersecurity requirements in contracts or subcontracts involving the Department of Defense (DoD). Raytheon is a subsidiary of Arlington,…
Category: Of Note
45 CHS hospitals were affected by the Oracle Health outage
This is reportedly all resolved by now, but on April 25, Becker’s Hospital Review reported that dozens of hospitals affiliated with Franklin, Tenn.-based Community Health Systems were experiencing IT outages after data storage linked to their Oracle Health EHRs was accidentally deleted: The hospitals have reverted to paper for patient records, with the issue expected…
EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone
DataBreaches has signed the letter, too, and encourages others to sign it. The administration’s attempts to censor honest reporting just because it disagrees with their political agenda and revenge campaign must stop. April 28 – SAN FRANCISCO – The Trump Administration must cease its politically motivated investigation of former U.S. Cybersecurity and Infrastructure Security Agency…
North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers
A.J. S. Dhaliwal, Mehul N. Madia, and Beineng Zhang of SheppardMullin write: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated…
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions!
Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…