Like a member of any profession, a chief information security officer (CISO) grows into their role. They exhibit a maturity curve that can be roughly split into five attitudes: Protection: When a CISO first steps into their role, they look to perfect the basics and build a fortress for themselves in the form of firewalls,…

While ransomware groups have not spared any industry, attackers have put the healthcare sector at the top of their preferred targets. The surge in hospitals falling victim to breaches has raised concerns among regulators and government officials who have moved to push through new policies and legislation. CommonSpirit, one of the largest nonprofit healthcare systems…

Ukraine’s domestic intelligence agency revealed earlier this week that it successfully blocked more than 4,500 cyberattacks in 2022. The Security Service of Ukraine, which protects Ukraine’s information and digital security in wartime conditions, says the number of cyberattacks has tripled since last year and increased fivefold since 2020, when only 800 cyberattacks were documented. The…

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the extraction of new Bitcoin coins. BTC.com is one of the largest platforms for transferring Bitcoin…

The U.S. Department of Justice is reportedly investigating the theft of nearly $400 million from FTX. The crypto exchange disclosed in November the day after it filed for bankruptcy that “unauthorized access” had led to the theft. The criminal investigation is separate from the fraud case Justice is pursuing against company co-founder Sam Bankman-Fried, Bloomberg…

The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. “This ransomware variant, dubbed ‘PolyVice,’ implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms,” SentinelOne researcher Antonio Cocomazzi said in an analysis. Vice Society, which is tracked by Microsoft under the…

In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. In response to the incident, the company deployed containment and mitigation measures and implemented additional enhanced…

France’s privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft’s Ireland subsidiary for dropping advertising cookies in users’ computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l’informatique et des libertés (CNIL) noted that users visiting the home page of its Bing…