BankInfoSecurity.com

1.3 Million Individuals Being Notified Their Social Security Numbers Were Stolen
Background check firm Jericho Pictures, which does business as National Public Data, is notifying 1.3 million individuals that their personal information was stolen via a December 2023 breach of its systems. The stolen information was listed for sale on a cybercrime market beginning in April.

Cybercriminal Gang RansomHub Claims It Leaked 700 Gigabytes of Lab's Stolen Data
Florida drug testing medical laboratory American Clinical Solutions told federal regulators that 300,000 individuals are caught up in a hacking incident now that criminal gang RansomHub has published 700 gigabytes worth of data stolen from the lab's network.

NYU's Brennan Lodge on Training Your Own Model With Retrieval Augmented Generation
Many cybersecurity organizations hope generative artificial intelligence and large language models will help them secure the enterprise and comply with the latest regulations. But to date, commercial LLMs have big problems - hallucinations and a lack of timely data, said NYU professor Brennan Lodge.

FBI Says Iran, Russia Ramping Up Influence Operations Ahead of National Vote
The FBI confirmed recent reports that Iran hacked into former President Donald Trump’s campaign, saying in a Monday statement the country was attempting "to stoke discord and undermine confidence" in the U.S. democratic process through online influence operations and other malicious efforts.

Median Ransomware Attack Recovery Cost for Critical Infrastructure Is 4X Higher
Ransomware remains a major threat to energy, oil/gas and utilities organizations of all sizes around the globe. Our 2024 state of ransomware report reveals that the median recovery costs for two critical infrastructure sectors - energy and water - quadrupled to $3 million over the past year.

Microsoft's Tool Requires Physical Access, a 'Time-Consuming and Laborious Task'
Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproportionate part of the user base, as the outages in healthcare, transportation and banking demonstrate.

Tips on Managing Public Relations in the Face of a Cyber Incident
Cybersecurity incidents are not just technical problems. They are also major public relations challenges. Effective IT and cybersecurity leadership during a crisis can significantly affect your company's reputation, stakeholder trust and overall recovery - and have a big impact on your career.

The deployment of an asset management platform is helping Main Line Health gain deeper visibility and better security over the 100,000-plus medical devices and IoT gear used throughout the group's multiple hospitals and medical facilities, said CISO Aaron Weismann, who discusses the implementation.

Healthcare groups should consider several key points about a recent Texas federal court ruling and its impact on the use of online tracker technology on the healthcare websites of HIPAA-regulated organizations, said privacy attorney Iliana Peters of the law firm Polsinelli.

The interconnectedness of medical devices, which generate data that can be distributed to multiple systems that are often managed by different policies, presents privacy concerns that device manufacturers must address, said Adam Hesse, CEO of Full Spectrum.

The FDIC is clarifying its policy and supervisory approach related to facilitating payment processing services directly, or indirectly through a third party, for merchant customers engaged in higher-risk activities.

The FFIEC on Oct. 7 issued a joint statement concerning Microsoft's discontinuation of support for its Windows XP operating system as of April 8, 2014.