A Ferrari Spider - a fast car but not as fast as Red Bull (Image: Shutterstock)

Breach Roundup: Ferrari, Indian Health Ministry and the NBA

Mihir Bagwe • March 23, 2023

This week's roundup of cybersecurity incidents around the world includes attacks on luxury car manufacturer Ferrari, the Indian health system and a Dutch maritime logistics company. Other data breach incidents involve the NBA, Lionsgate, the city of Oakland, McDonald's and Samsung.

►

Fraud Management & Cybercrime

How Innovative Security Tools Cut Video Piracy by 85%

Latest

Cyberwarfare / Nation-State Attacks

SideCopy APT Targets India's Premier Defense Research Agency

Jayant Chakravarti • March 23, 2023

Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defence Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file with information about India-developed K4 missile.

Blockchain & Cryptocurrency

Cryptohack Roundup: BitPay, Euler Finance Gala Games

Rashmi Ramesh • March 23, 2023

Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 17 and 23: New York State Department of Financial Services reminds BitPay that regulations exist. Also, Euler Finance, Gala Games, BitGo, ZenGo, General Bytes, Bitzlato and ParaSpace.

Cyber Insurance

Lawmakers Weigh New Regulations in U.S. Cyber Strategy

Cal Harrison • March 23, 2023

Members of a U.S. House panel got their first look at the Biden Administration's new National Cybersecurity Strategy and quizzed the White House cybersecurity director on the timeline, proposed regulations and incentives for private businesses.

Cybercrime

Report: Threat Landscape Growing Scarier for Healthcare

Marianne Kolbasuk McGee • March 23, 2023

Threats that traditionally menaced other industries - including synthetic accounts and abuse of IT product platforms - are emerging worries for the healthcare sector, warns an industry report. Other experts also predict a similar evolution among criminal activities affecting the healthcare sector.

Critical Infrastructure Security

US Officials Urged to Examine Chinese Risk to Electric Grid

Michael Novinson • March 23, 2023

Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks. Lawmakers sparred with the Energy Department's cybersecurity leader over how much of the electric grid contains components manufactured in China.

Card Not Present Fraud

Credit Card Stealer Targets WordPress Payment Plug-Ins

Rashmi Ramesh • March 23, 2023

Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. Hackers inject PHP and JavaScript code and hide stolen credit card numbers in .jpg files.

Card Not Present Fraud

Online Card Fraud Flourishes, Thanks to the Magnetic Stripe

Suparna Goswami • March 23, 2023

EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.

Fraud Management & Cybercrime

TikTok CEO Aims to Assure Lawmakers Americans' Data Is Safe

Mathew J. Schwartz • March 23, 2023

TikTok CEO Shou Chew appeared Thursday before the U.S. congressional panel to defend his company against accusations that it's imperiling Americans' national security, privacy and mental health. Lawmakers pressed Chew on the company's Chinese ownership, source code and privacy practices.

Security Information & Event Management (SIEM)

Securonix SIEM Platform Frees CISOs From Security Burdens

Rahul Neel Mani • March 23, 2023

As the human factor continues to drive data breaches, organizations need to be more cyber fusion-centric and deploy advanced AI-powered tools to predict threats. Harshil Doshi, country manager for Securonix in India and the SAARC region, discusses the future of SIEM technology.

Cryptocurrency Fraud

Russians Can Use Crypto to Evade Sanctions, Researchers Warn

Mathew J. Schwartz • March 23, 2023

Dark web merchants have been offering Russians - consumers and criminals alike - services for bypassing international sanctions that may indirectly involve U.S. financial institutions, demonstrating the need for more robust "know your customer" and anti-money laundering checks, researchers warn.

Identity & Access Management

Splashtop Buys Foxpass to Bring Enterprise IAM to the Masses

Michael Novinson • March 23, 2023

Remote access provider Splashtop has bought server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments. The acquisition of Foxpass will simplify the onboarding experience for developers while ensuring passwords aren't being shared.

HIPAA/HITECH

DC Health Link Facing Lawsuits in Hack Affecting Congress

Marianne Kolbasuk McGee • March 22, 2023

The DC Health Benefit Exchange Authority - the online health insurance marketplace servicing Washington, D.C., residents and congressional staff - is facing two proposed class action lawsuits in the aftermath of a hack that affected more than 56,400 individuals, including members of Congress.