Apria healthcare data breach has exposed the personal, medical, and financial information of up to 1.8 million individuals. The cyber intrusions occurred from April 5 to May 7, 2019, and from August 27 to October 10, 2021.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Fortune 500 companies continue to demonstrate extreme wariness of AI chatbots and similar AI tools in the workplace, as Apple has banned employees from using ChatGPT on work devices.
Siloed technologies with different management and configuration dashboards cobbled together create security gaps and visibility blind spots that slow cyber response, mitigation and recovery.
Bad bots account for 30% of internet traffic and are increasingly used in account takeover and API attacks, while human traffic fell to an 8-year low of just over half of all internet traffic.
Microsoft reports a long-term campaign by Chinese hackers that has burrowed into a number of different aspects of US critical infrastructure, with the eventual goal being the creation of a system of widespread disruption that could be 'switched on' during another global crisis or a conflict between the two nations.
Another vulnerability that can expose master passwords in KeePass has surfaced, after one was discovered to start the year. The new security exploit involves traces of the password being left in system memory, and potentially reassembled if the memory is dumped.
The focus is now turning to the cybersecurity implications of ChatGPT and other AI/machine learning (ML) platforms especially after the recent OpenAI security incident. What are some of the key security considerations that organizations need to consider before they explore how to utilize new AI/ML solutions?
Authorities in the U.S. and Australia have warned that the BianLian ransomware gang has abandoned the double extortion model for purely data extortion attacks. More groups are likely to follow suit and forego the hassle of developing and managing the encryption and decryption process in favor of a less complicated attack,
Cyber insurance only forms part of the puzzle in bolstering cyber resilience. Even with cyber insurance, businesses must not consider themselves immune from ransomware attacks. They must still implement cyber hygiene practices as part of a holistic data protection and recovery strategy.
Group-IB researchers infiltrated the Qilin ransomware operation and observed that the group's payment structure rewards affiliates with 80% from a ransomware payout of $3 million or less and 85% for any payout exceeding $3 million.










