The FBI is asking all U.S. victims of DDoS attacks to please come forward. The bureau's plea for more information from cyberattack victims parallels similar requests made this week by British authorities speaking at ISMG's Fraud and Breach Prevention Summit in London.
The Internal Revenue Service is pushing back at critics who contend the tax agency isn't doing enough to secure its information technology. Commissioner John Koskinen cites headway in preventing criminals from gaining access to tax filers' personally identifiable information.
Researchers say they've identified faulty cryptographic code in microchips made since 2012 by Infineon Technologies, posing risks to government-issued smartcards, consumer laptops, authentication tokens and more.
A small Missouri clinic admits paying a ransom to unlock data after a ransomware attack in August encrypted patient data on a file server, as well as backups. The incident spotlights the dilemmas healthcare organizations can face after a ransomware attack if they're not well-prepared.
Key gaps in how healthcare entities defend against cybercrime hacking have emerged. Even organizations strictly strictly adherent to HIPAA, NIST or other regulators are still unaware of how their practices compare to their industry peers and whether or not they are lagging behind.
Has your organization assessed and...
An apparently misconfigured Amazon repository that exposed on the web medical data for approximately 150,000 patients serves as another important reminder of the need to protect cloud-based health information from being inadvertently accessible to the public.
Security researchers have discovered websites run by credit bureaus Equifax and TransUnion were both affected by dodgy code that redirected users to adware and malware. Both issues are fixed, but the situations beg questions about how closely the companies monitor their online security.
Organizations can no longer rely simply on signature-based scanning of machines to identify malware. Polymorphic malware takes on an infinite number of forms, making it difficult to identify. And malware doesn't exist for the sake of just existing; it has a purpose in mind that always involves taking something from...
By following best practices to simplify security intelligence, an agency reduces the burden on its security operations team and allows technology to do the work of surfacing and responding to cybersecurity threats.
Download this whitepaper and learn how to:
Discover and alert on threats quickly so they can be...
Federal agencies that adopt the Threat Lifecycle Management strategy can achieve immediate and ongoing cost savings as compared to adopting any other SOC model. This strategy also leads to a material reduction in risk for the organization.
Download this whitepaper and learn how your SOC can:
The reason large data breaches still occur is because the TLM workflow is implemented poorly across a large number of diverse security systems, each offering different user interfaces, inadequate integration with other systems, and lacking automation in the areas of advanced security analytics and incident...
A new House bill proposes that federal regulators work with healthcare providers and insurers as well as technology firms to recommend "voluntary frameworks and guidelines" to improve the cybersecurity of medical devices. But some security experts are calling for stronger mandates.
Dark web vendors offer a wide range of technological crime. From distributed denial of service (DDoS) attacks to pre-recorded phone calls, there is a myriad of knowledge and listings for hacking & exploits.
In addition to materials for sale, the dark web is also home to a variety of forums designed to build...
The Dark Overlord, a hacking group that hijacks data from businesses and holds it for ransom, is now threatening school districts. The apparent intent isn't to get ransoms from schools per se, but to create a fear campaign designed to scare big businesses into paying the group's ransoms.