Google has removed eight fake cryptomining apps from its Play Store, but researchers at security firm Trend Micro have flagged 120 other apps on users' phones purporting to also be cryptomining. Users paid for services the eight apps never delivered.
Joey Johnson, CISO of Premise Health, a Brentwood, Tennessee-based provider of online healthcare services, outlines a three-pillar security program in which "identity is the central aspect."
Tomislav Pericin, Co-founder and Chief Software Architect for ReversingLabs, discusses the evolution of supply chain attack sophistication, and why both software builders and buyers need to change how they defend against attack surface area risks.
At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.
The Department of Labor is offering $240 million in grants to states to help fight against unemployment benefits fraud. Eva Velasquez, CEO at the Identity Theft Resource Center, offers insights on making the most of this investment with a multilayered security approach.
Microsoft security researchers say the operators of the well-established Mozi IoT botnet have upgraded the malware, enabling it to achieve persistence on network gateways manufactured by Netgear, Huawei and ZTE.
The Cybersecurity and Infrastructure Security Agency is warning organizations to immediately patch the ProxyShell vulnerabilities in Microsoft Exchange email servers because security researchers say ransomware gangs are exploiting these flaws.
The U.S. and Singapore have announced three agreements to expand their collaborative efforts - including shoring up information sharing, research and training - to address global cybersecurity issues.
Two large healthcare organizations - Memorial Health System in Ohio and University Medical Center of Southern Nevada - continue to mop up after recent cyberattacks apparently involving ransomware. The Ohio organization admits negotiating "a settlement" with attackers to obtain a decryptor.
The U.S. State Department reportedly recently sustained a cyber incident that prompted a notice to the Defense Department's Cyber Command. The report of the incident follows a congressional report that gave the State Department a "D" grade for its cybersecurity defenses.
Security firm Cloudflare says it detected and mitigated a 17.2 million request-per-second distributed denial-of-service attack, almost three times larger than any previously reported HTTP DDoS attack.
John "Chris" Inglis says one of his first priorities as national cyber director within the White House is focusing on issues of cyber resiliency. Battling ransomware and coordinating government responses with the private sector are also top issues he's tackling.
As ransomware-as-a-service operations continue to compete for affiliates, the operators behind LockBit have unveiled a new version of their crypto-locking malware boasting fresh features, some borrowed from rivals. Separately, a relatively unsophisticated newcomer called Hive has debuted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
An Ohio man has pleaded guilty to operating an illegal bitcoin "mixer" service to launder more than $300 million in cryptocurrency for users of darknet marketplaces, according to the Justice Department. Larry Dean Harmon faces up to a 20-year federal prison sentence.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.