LATEST POST
RedLine, META infostealer malware operations disrupted by “Operation Magnus”
An announcement by Dutch police in conjunction with their law enforcement partners had cyberdefenders smiling yesterday. Law enforcement had seized the source code and network infrastructure for RedLine and META infostealers. In what has been called “Operation Magnus,” law enforcement warned cybercriminals that they got their data, too. In a “final update” video, law enforcement […]
Dozens under investigation in Italy amid scandal over hacked government databases and illegal dossiers
The Record reports: Four people were arrested in Italy on Friday, with dozens more under investigation, in connection with an alleged conspiracy that links current and former officials in the country’s security services to a private intelligence agency for the purposes of building illegal dossiers. The alleged creation of such dossiers has been a growing […]
Exemptions from the Drug Supply Chain Security Act Enhanced Drug Distribution Security Requirements
Christopher R. Smith of Epstein Becker & Green, P.C. writes: On July 12, 2024, the FDA provided small dispensers—those employing 25 or fewer full-time pharmacists or pharmacy technicians—with an exemption from the Drug Supply Chain Security Act’s (“DSCSA”) enhanced drug distribution security (“EDDS”) requirements until November 27, 2026.[1] The FDA had previously announced a stabilization period effectively delaying […]
Delta sues CrowdStrike over “catastrophic” software update that prompted mass flight disruptions
The Times of India reports that Delta Air Line sued CrowdStrike over the firm’s faulty software update in July that resulted in widespread outages for CrowdStrike customers. Delta had to cancel 7,000 flights for 1.3 million customers and suffered $500 million in losses. CrowdStrike responded to the lawsuit, which was filed in Georgia state court […]
77% of CISOs fear next big breach will get them fired
CSO reports that increased pressures are putting CISOs in the hot seat, but should they bear all the blame when the inevitable comes? Should the entire C-suite have skin n the game? When security vendor Portnox reported in a survey that 77% of CISOs say they are either very or extremely worried about losing their job when […]
Change Healthcare notifies OCR that it sent 100 million notices following since February ransomware attack
Eight months after the biggest breach ever involving patient data, Change Healthcare informed the U.S. Department of Health & Human Services Office of Civil Rights (HHS OCR) that it has sent individual notifications to 100 million affected patients. This is the first time they have revealed any actual number since an April update where they […]
How Merck upped its cybersecurity strategy since the NotPetya cyberattack that led to a $1.4 billion dispute
A costly lesson to learn, but it sounds like Merck learned it. Fortune reports: Cybersecurity has always been a priority, but got even more attention inside Merck after the company was stung by the NotPetya cyberattack in 2017, which reportedly damaged more than 30,000 of the company’s computers. It led to $1.4 billion in claims […]