cyberscoop.com cyberscoop.com

Experts suggest French insurer AXA's plan to shun ransomware payouts will set a precedent

When French insurer AXA signaled last week that it would no longer write new cyber-insurance policies covering  extortion payouts to criminals, ransomware and cyber insurance experts had two reactions. They wondered why it took so long, and how long it would take others to follow suit. Ransomware is an ever-increasing cause of cyber-insurance claims, according to industry estimates, and having such insurance may make policyholders...

cyberscoop.com cyberscoop.com

Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals

Four Eastern European men pleaded guilty to a scheme overseeing websites that hosted malware used to cause victims hundreds of millions of dollars in losses, the Justice Department said Friday. Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, along with Aleksandr Skorodumov from Lithuania and Pavel Stassi of Estonia, allegedly oversaw an organization that rented IP addresses, computers servers and domains to cybercriminals...

cyberscoop.com cyberscoop.com

DHS to hire 200 more cyber pros as Biden administration grapples with hacking threats

The Department of Homeland Security announced on Wednesday that it intends to hire 200 new cybersecurity professionals by July as the Biden administration aims to curb ransomware attacks affecting U.S. corporations, as well as foreign espionage operations. In a speech Wednesday, Homeland Security Secretary Alejandro Mayorkas said the cyber recruiting was part of “the most significant hiring initiative” that DHS has undertaken in...

cyberscoop.com cyberscoop.com

CISA used new subpoena power to contact US companies vulnerable to hacking

The Department of Homeland Security’s cybersecurity agency used a new subpoena power for the first time last week to contact at least one U.S. internet service provider with customers whose software is vulnerable to hacking. It’s an authority that DHS’s Cybersecurity and Infrastructure Security Agency has long sought, as agency officials struggled to communicate with some technology firms before flaws in their equipment became...

cyberscoop.com cyberscoop.com

Florida homecoming queen faces up to 16 years after alleged scheme to hack high school contest

A teenager accused of gaining unauthorized access to school computer systems in order to rig a homecoming queen contest with her mother will stand trial as an adult, and could spend 16 years in prison if convicted. Emily Grover, who turned 18 in April but who was arrested in March, when she was 17, faces four charges alongside her mother, Laura Carroll. Carroll was an assistant principal at Bellview Elementary School, while her...

cyberscoop.com cyberscoop.com

Qualys researchers uncover 21 bugs in Exim mail servers

Researchers have found 21 unique vulnerabilities in Exim, a popular mail transfer agent, some of which would allow hackers to run full remote unauthenticated code execution against targets, the Qualys Research Team announced Tuesday. If used properly, attackers could execute commands to install programs, manipulate data, create new accounts or change settings on the mail servers, according to the research. CVE-2020-28017, one of the...

cyberscoop.com cyberscoop.com

Hackers disrupt networks at San Diego medical provider, Kansas organ transplant facilitator

A pair of hacks at health care organizations revealed in recent days highlights the enduring cybercriminal threat to the sector as the U.S. makes progress in fighting the coronavirus pandemic. Scripps Health, a San Diego-based nonprofit system with five hospital campuses, on May 1 said that it had suspended access to IT applications that support its health care facilities following a “security incident.” The incident forced Scripps...