A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
The Department of Veterans Affairs is in the midst of an IT transformation that spotlights security efforts ranging from enforcing the use of two-factor authentication to reducing privileged access accounts, says a new mid-year report.
It's no secret that cloud apps like Office 365, Salesforce, and Box are the future of enterprise computing, yet security concerns remain where organizations no longer have control over their infrastructure and limited control over end-user devices. Cloud Access Security Brokers (CASBs) have emerged as the go-to...
A Senate bill proposes removing Social Security numbers of U.S. veterans from all Department of Veterans Affairs' information systems within the next five years to help reduce identity theft and fraud. How difficult would it be to make the change?
The FBI is warning U.S. businesses to beware of business email compromise scams focused not just on creating fraudulent wire transfers, but also stealing personally identifiable information. Experts, however, are criticizing the FBI's alert as being too little, too late.
With rampant password, patch management and data missteps, it can feel like information security déjà vu all over again as security professionals fight so many of the same battles as 10 or 20 years ago, says white hat hacker Cris Thomas, a.k.a. "Space Rogue."
Dropbox is keeping a close eye on the latest news reports of big-name, big-data breaches, but says the reported hackers are bluffing when claiming to have compromised and obtained the web storage service's data.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
Despite understanding the need for multifactor authentication, many financial institutions struggle with the complexity of implementing effective solutions.
"Let's talk about what this complexity looks like...The average MFA initiatives have been ongoing for six years. On average, four point solutions are deployed...
The integration of technology within the
healthcare sector continues to create seismic
changes in how individuals receive medical
care. Yet in their rush to adopt technology
designed to improve the consumer's
experience, organizations within the healthcare
industry face the very real threat of sensitive
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.