The Sophos 2020 Threat Report is out, and among the key findings: Ransomware attackers continue to leverage automated active attacks that can evade security controls and disable backups to do maximum damage in minimal time. John Shier of Sophos analyzes the trends that are most likely to shape the 2020 cybersecurity...
A Utah eye clinic began notifying thousands of patients last week about a 2018 breach involving a third-party portal provider. What should other healthcare organizations learn from this incident?
The cybersecurity community had been holding its breath in anticipation of mass attacks targeting the severe BlueKeep vulnerability in Windows, which Microsoft has patched. The first in-the-wild exploits have now been seen, although they don't appear to constitute an emergency - at least yet.
Many ransomware-wielding attackers continue to hack into organizations via remote desktop protocol. But some Sodinokibi ransomware-as-a-service affiliates have shifted instead to targeting victims via botnets, saying hackers' use of RDP exploits has grown too common.
The Chinese advanced threat group APT41 is using a new espionage tool to intercept SMS messages from specific phone numbers by infecting mobile telecommunication networks, according to the security firm FireEye Mandiant.
Using the largest repository of breached credentials in the world, SpyCloud has analyzed breach data tied to Fortune 1000 employees to understand what information is out there and how it can be used to commit fraud. In this video, SpyCloud Head of Product Strategy Chip Witt will walk through SpyCloud's analysis of...
Ransomware continues to be a highly profitable cybercrime. Ransomware incident response firm Coveware reports that for the third quarter of this year, the average ransom amount paid was $41,198, a six-fold increase from the same period last year, driven by strains such as Ryuk and Sodinokibi.
For Russian-speaking hackers, ransomware used to be taboo. But GandCrab killed all such ethical qualms, democratizing ransomware-as-a-service, paving the way for new profit-sharing schemes such as Sodinokibi and driving a new generation of attackers to master advanced hacking skills, a new report finds.
A trio of domain name registrars are mandating a password reset after a breach affecting about 22 million accounts occurred in late August. Web.com and two of its brands, Network Solutions and Register.com are contacting victims via email.
Calling election security a "national emergency," nearly 100 past and current Democratic and Republican lawmakers and other government officials have sent a letter to the Senate calling for passage of stalled legislation.
Senior government officials in at least 20 countries, including the U.S. and India, were targeted earlier this year with hacking software that used Facebook's WhatsApp to take over users' phones, Reuters reports, citing sources familiar with the messaging company's investigation.
In the new world of ubiquitous connected devices and myriad cybersecurity alerts, artificial intelligence and machine learning can enable autonomous response - a boon to overworked security teams, says Darktrace's Mariana Pereira.
Bulletproof proxies have taken the concepts of anonymity and availability and embedded them in automated bot attacks. How can organizations identify and stop these attacks? Ameya Talwalkar of Cequence Security shares insights.
The healthcare sector is especially susceptible to ever-evolving cybercrimes, says attorney Jason G. Weiss, a former FBI special agent and forensics expert, who describes critical steps to take to avoid falling victim.
The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.