Hackers crashed the Winter Olympics, apparently by using destructive malware dubbed "Olympic Destroyer." The attack resulted in the Pyeonchang 2018 website being offline for 12 hours and WiFi unavailable during the opening ceremony, but organizers say no competitions were disrupted.
More than 4,200 websites, some belonging to the U.S., U.K. and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware.
Do healthcare entities face a growing risk of being hit with cryptocurrency mining attacks, which have become more common in other sectors? A Tennessee hospital may be the first victim in the sector, and some security experts predict many more such incidents.
The U.S. Department of Justice, in one of its biggest-ever cybercrime disruptions, shuttered the Infraud Organization, an online forum prosecutors tied to $530 million in losses. Thirteen suspects - in Australia, France, Italy, Kosovo, Serbia, the U.K. and the U.S. - have been arrested.
A malware incident at Partners HealthCare that was detected last spring but was only recently determined to have exposed patient data illustrates that confirming a data breach through a forensics investigation can be difficult and time-consuming.
A hacking team dubbed "Group 123" with apparent ties to the government of North Korea has been exploiting a zero-day vulnerability in the Flash browser plug-in, likely to hack high-value targets. Adobe has released an emergency Flash update with security fixes. Or organizations could simply stop using Flash.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
The Department of Justice has charged two men, arrested in Connecticut near the scene of a jackpotting attack against a drive-up ATM, with bank fraud stemming from a malware attack. Police say they recovered $9,000 in $20 bills, as well a black box and other equipment from the suspects' car.
In 2014, the Department of Defense (DoD) issued instructions that replaced DoD Information Assurance Certification and Accreditation Process (DIACAP) with the Risk Management Framework (RMF). The RMF is designed to be managed as a continual process as the risk posture evolves over time for each information...
The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
Leading the latest edition of the ISMG Security Report: Inside the darknet marketplaces that serve cybercrime-as-a-service buyers and sellers. Also, why the healthcare sector remains so bad at detecting data breaches and blocking ransomware.
Micro-segmentation is fast becoming a foundational layer of the security architecture for today's data center and cloud computing environments. It has seen a big push by a range of vendors as well as growing recommendations from leading analyst firms such as Gartner, ESG, and the 451 Group.
The idea of using network...
As of January 1, 2018, all SWIFT customers must self-attest to their compliance with the new SWIFT Customer Security Program (CSP). The program is designed to respond to the wave of cybercrime targeting SWIFT installations that began with the Bank of Bangladesh breach back in February 2016 and has swept across the...
Many Malwarebytes users had a busy weekend after a software update led their Windows systems to experience "out of memory" errors, loss of internet access and, in some cases, crashing. The security firm has apologized and issued detailed instructions for reversing the problems and installing its fix.