A North Carolina-based healthcare organization has reportedly discovered that malicious code had been contained on its e-commerce site for three years, sending consumers' payment information to unauthorized individuals.
The latest edition of the ISMG Security Report discusses the shutdown of DeepDotWeb. Plus, dealing with breach fatigue and the Pitney Bowes ransomware attack.
The prices for specific types of cybercriminal tools on darknet sites continue to rise, according to a recent analysis by security firm Flashpoint. Payment card and passport data remain the most sought-after commodities on these forums, research shows.
Scammers are using the notorious Phorpiex botnet as part of an ongoing "sextortion" scheme, according to Check Point researchers. At one point, the botnet was sending out over 30,000 spam emails an hour and the attackers made about $110,000 in five months, researchers say.
Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications. But some observers say getting all players to agree on a common platform will be challenging.
At least 550 fraudulent domains have been aimed at users who accidentally mistype the URL for a political candidate or election-related group, warn researchers at Digital Shadows. While many of these "typosquatting" domains appear to be relatively harmless, some could be more nefarious.
Data breaches involving phishing and related email compromises persist as a top challenge for healthcare providers. So, what are some of the top trends emerging from these incidents?
The DevSecOps community has rapidly expanded in the past handful of years, while pursuing security practices that run within high velocity, collaborative, and integrated environments. This survey serves to help identify the challenges, successes, and adaptations that many organizations work through.
Download this...
Ransomware is once again the most common illicit profit-making tool in online attackers' arsenal, police warn. Security firm Emsisoft says the most-seen strains in recent months include STOP, Dharma .cezar, Phobos, GlobeImposter 2.0 and Sodinokibi. Less widely seen Ryuk also continues to generate big profits.
Attackers are using Docker containers to spread a cryptojacking worm in a campaign dubbed "Graboid," according to researchers at Palo Alto Network's Unit 42 threat research unit. Although the researchers describe the campaign as "relatively inept," they says it has the potential to become much more dangerous.
"Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. and Europe in an attempt to steal intellectual property, according to the security firm Proofpoint.
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
The best way to change user behavior and create a culture of enhanced security awareness is through a comprehensive security program that leverages a wide variety of tools and techniques. During this webinar we'll explore how organizations can develop a fit-for-purpose cyber awareness strategy that engages employees,...
The best way to change user behaviour and create a culture of enhanced security awareness is through a comprehensive security program that leverages a wide variety of tools and techniques. During this webinar we'll explore how organisations can develop a fit-for-purpose cyber awareness strategy that engages employees,...
In this session, we take a detailed look at the unique cybersecurity issues posed to a nation's critical infrastructure. Don't miss this compelling presentation by the IT and innovation leader of a Portuguese public utility.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
